Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ntmezgjDe0RD7v5BS5yt8ViB4zY.roa
File:                     ntmezgjDe0RD7v5BS5yt8ViB4zY.roa (raw, json)
Hash identifier:          Yn7NICRBCwNtlcVElCpDMLqJDsVD66Ev2a95SRdzS60=
Subject key identifier:   9E:D9:9E:CE:08:C3:7B:44:43:EE:FE:41:4B:9C:AD:F1:58:81:E3:36
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BD337685D1BDBDE6F94FCBDE96AF23
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ntmezgjDe0RD7v5BS5yt8ViB4zY.roa
Signing time:             Tue 02 Jan 2024 10:34:29 +0000
ROA not before:           Tue 02 Jan 2024 10:34:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211275
IP address blocks:        2a0e:97c0:410::/48 maxlen: 48
                          2a0e:97c0:411::/48 maxlen: 48
                          2a0e:97c0:41c::/48 maxlen: 48
                          2a0e:97c0:41f::/48 maxlen: 48
                          2a0e:97c0:412::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 16 Apr 2024 20:15:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bd:33:76:85:d1:bd:bd:e6:f9:4f:cb:de:96:af:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9ed99ece08c37b4443eefe414b9cadf15881e336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:18:fe:1f:42:42:59:86:a3:02:c3:00:e0:81:
                    a3:f5:4c:26:ba:52:1e:a6:4d:5b:a8:db:86:35:80:
                    63:e6:11:43:de:a4:f0:11:76:b0:90:47:04:11:55:
                    5a:da:95:56:a0:ed:ad:4c:98:a3:f6:93:26:ea:15:
                    f7:9f:48:47:24:02:08:62:24:b7:ac:bd:d1:11:f8:
                    2a:2a:2d:56:70:9a:0a:e9:90:c2:bb:77:4e:2f:df:
                    85:db:20:6c:42:24:34:0e:c1:47:dd:15:ef:92:95:
                    7e:49:14:59:e1:63:bd:00:a0:10:55:e0:a5:aa:7d:
                    e2:64:2b:1e:dd:72:ac:95:67:15:3a:bb:a5:84:49:
                    c9:3d:61:9d:7c:42:e7:41:05:5b:18:f7:9f:1c:d8:
                    82:6d:f4:3d:e9:df:be:d7:92:ab:0d:92:b4:e7:be:
                    99:fa:e8:80:05:04:bc:52:8b:b9:e4:a6:da:77:90:
                    f7:eb:16:fa:84:1b:62:ff:f7:fd:86:0f:1f:41:96:
                    ee:49:e6:ff:9e:d2:68:f2:e1:90:71:b3:26:3c:d3:
                    55:7f:b0:3e:6e:c8:88:3e:85:f5:40:69:e4:9a:0b:
                    61:78:70:1c:bd:0a:e4:b8:bc:f2:59:7a:4d:ff:0f:
                    7f:55:cd:8a:14:5f:46:28:f2:70:7d:ad:be:c6:73:
                    d0:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D9:9E:CE:08:C3:7B:44:43:EE:FE:41:4B:9C:AD:F1:58:81:E3:36
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ntmezgjDe0RD7v5BS5yt8ViB4zY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:410::-2a0e:97c0:412:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c0:41c::/48
                  2a0e:97c0:41f::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:7e:7e:b5:89:19:b6:66:de:78:42:9d:71:f8:9a:92:54:74:
         07:78:9c:27:bb:bc:2c:3c:08:b9:96:88:69:d8:f6:ce:a7:86:
         1c:06:22:f3:d3:a4:23:5f:cf:8b:63:00:52:74:2e:36:b1:13:
         bd:fb:fa:ae:6f:4b:5c:ec:da:b9:d0:0a:79:16:ed:79:7d:3e:
         a5:b4:8f:15:d8:26:0f:5f:78:fc:1f:44:d0:27:41:37:d6:3d:
         c6:8f:c2:d0:70:32:8c:85:4d:f4:db:03:fb:38:88:fe:53:99:
         18:b0:66:c7:af:af:6c:ae:dd:e6:5e:0c:1a:16:4d:fb:46:02:
         44:f1:1c:5d:14:35:77:38:ad:48:33:e4:bd:dc:04:57:96:84:
         22:96:f1:4c:72:a4:12:f5:6a:1a:ca:6a:f5:8d:a1:c1:da:b1:
         f5:23:48:c0:e8:82:5b:7b:20:c1:ef:b4:23:17:3b:91:65:28:
         5f:c1:b0:0d:52:e9:ae:86:f8:be:d3:fc:d8:a2:7a:c0:7d:ae:
         14:dc:82:b2:a3:05:b3:e5:4f:0e:f8:27:f2:69:ab:c6:b6:76:
         1a:0a:d0:55:e6:da:b6:be:41:ab:51:95:0a:67:6b:35:93:f0:
         35:3f:13:29:85:e2:e5:56:0b:0f:14:8d:00:8a:ff:55:99:5e:
         a5:ef:3d:75
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJvTN2hdG9veb5T8velq8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ5OWVjZTA4YzM3YjQ0NDNlZWZlNDE0YjljYWRmMTU4ODFlMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxj+H0JCWYajAsMA4IGj9UwmulIe
pk1bqNuGNYBj5hFD3qTwEXawkEcEEVVa2pVWoO2tTJij9pMm6hX3n0hHJAIIYiS3
rL3REfgqKi1WcJoK6ZDCu3dOL9+F2yBsQiQ0DsFH3RXvkpV+SRRZ4WO9AKAQVeCl
qn3iZCse3XKslWcVOrulhEnJPWGdfELnQQVbGPefHNiCbfQ96d++15KrDZK0576Z
+uiABQS8Uou55Kbad5D36xb6hBti//f9hg8fQZbuSeb/ntJo8uGQcbMmPNNVf7A+
bsiIPoX1QGnkmgtheHAcvQrkuLzyWXpN/w9/Vc2KFF9GKPJwfa2+xnPQqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ7Zns4Iw3tEQ+7+QUucrfFYgeM2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbnRtZXpnakRlMFJEN3Y1QlM1eXQ4VmlCNHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQqDpfA
BBADBwAqDpfABBIDBwAqDpfABBwDBwAqDpfABB8wDQYJKoZIhvcNAQELBQADggEB
AKl+frWJGbZm3nhCnXH4mpJUdAd4nCe7vCw8CLmWiGnY9s6nhhwGIvPTpCNfz4tj
AFJ0LjaxE737+q5vS1zs2rnQCnkW7Xl9PqW0jxXYJg9fePwfRNAnQTfWPcaPwtBw
MoyFTfTbA/s4iP5TmRiwZsevr2yu3eZeDBoWTftGAkTxHF0UNXc4rUgz5L3cBFeW
hCKW8UxypBL1ahrKavWNocHasfUjSMDoglt7IMHvtCMXO5FlKF/BsA1S6a6G+L7T
/NiiesB9rhTcgrKjBbPlTw74J/Jpq8a2dhoK0FXm2ra+QatRlQpnazWT8DU/EymF
4uVWCw8UjQCK/1WZXqXvPXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org