Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0KKq5B6wn3OthW9TZDlhkJWvks.roa
File:                     o0KKq5B6wn3OthW9TZDlhkJWvks.roa (raw, json)
Hash identifier:          WkkaRf0CI7cvXCeUsHFvinICpObvchKQFq3DgDxgJAY=
Subject key identifier:   A3:42:8A:AB:90:7A:C2:7D:CE:B6:15:BD:4D:90:E5:86:42:56:BE:4B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C6387173226B380E4B4B47F3CB811667D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0KKq5B6wn3OthW9TZDlhkJWvks.roa
Signing time:             Wed 13 Dec 2023 14:14:06 +0000
ROA not before:           Wed 13 Dec 2023 14:14:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215852
IP address blocks:        2a0e:97c0:630::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:63:87:17:32:26:b3:80:e4:b4:b4:7f:3c:b8:11:66:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 13 14:14:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3428aab907ac27dceb615bd4d90e5864256be4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:12:8f:c8:39:a2:03:63:85:01:50:6b:b2:5b:
                    dd:c9:14:02:91:f3:67:2d:81:70:ab:1d:ca:e8:eb:
                    26:0b:a1:dd:1b:57:09:21:4b:c8:8c:9a:57:ed:47:
                    50:db:97:19:d3:81:f5:fa:b2:a3:12:df:ab:6b:0d:
                    a4:c7:89:7c:c7:14:f7:39:b7:e0:1b:ed:44:70:6d:
                    45:16:c1:bc:37:f7:0b:80:99:8c:7a:b4:3f:7e:e5:
                    a0:42:41:29:d2:bd:0a:3c:42:3b:fa:fa:d1:37:2c:
                    89:2b:a5:a1:da:46:f9:3d:9c:43:16:1e:09:a4:26:
                    a9:73:be:7c:c9:af:87:46:75:71:32:19:e2:b2:00:
                    07:89:80:50:60:09:57:49:56:27:f8:a9:5f:86:f5:
                    86:0b:11:28:21:35:63:77:0f:a4:8c:1c:72:7c:2d:
                    0d:7f:26:f5:00:3a:92:0d:a5:b2:89:1e:b9:42:0f:
                    cf:23:dc:a4:6c:a0:ef:21:9c:e2:4b:78:d4:45:c5:
                    fe:de:4e:e7:fa:2d:55:6b:0a:52:f2:40:f6:46:2f:
                    fc:d8:58:f0:12:18:0e:13:e2:54:b5:32:69:23:b1:
                    3b:5d:cb:5b:d5:45:74:8b:4b:c7:bb:b9:e8:ef:fa:
                    b9:7e:4a:14:ea:17:19:a2:71:c2:52:e1:8b:67:b3:
                    34:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:42:8A:AB:90:7A:C2:7D:CE:B6:15:BD:4D:90:E5:86:42:56:BE:4B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o0KKq5B6wn3OthW9TZDlhkJWvks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:630::/44

    Signature Algorithm: sha256WithRSAEncryption
         1e:bc:91:77:7d:66:b9:c6:66:98:91:76:f6:b4:81:0b:96:43:
         16:b6:73:e7:13:eb:b7:68:13:03:85:84:a8:8c:a3:97:04:36:
         b4:0e:23:da:e5:ee:83:9d:a9:ee:bd:28:dd:5f:93:df:12:f5:
         86:67:33:45:d6:21:4f:75:9c:37:84:7d:c0:29:5d:ef:7b:1a:
         70:56:02:f6:3d:fe:1d:bf:d3:56:0d:95:36:d5:30:a6:32:83:
         52:53:74:07:2e:48:4c:13:6f:fa:6d:bb:9b:ac:22:22:22:fa:
         04:d1:5b:f1:9a:9f:0c:19:86:ac:a4:72:bb:93:0b:de:cc:60:
         2c:00:2b:be:ef:f9:8b:e3:a3:f4:70:4b:5c:20:3d:d8:45:26:
         58:9f:7c:8d:e9:d6:05:2b:fb:30:7f:2a:fa:fe:a8:5e:c7:13:
         1d:87:4f:58:f1:c9:d2:c5:1d:0d:aa:53:b2:45:ff:f4:02:f0:
         f3:9f:e8:d4:ca:da:aa:da:fb:17:d8:12:0b:65:8f:f6:41:1c:
         55:10:17:86:8d:43:06:fa:f2:2a:1d:77:19:04:d8:05:f2:47:
         3c:70:a2:c9:a0:5a:20:61:4f:e5:bb:77:73:9a:6f:e4:1b:4d:
         a0:0c:9d:8e:8d:fb:ba:8d:bb:29:00:da:40:5b:97:70:27:00:
         aa:02:4b:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxjhxcyJrOA5LS0fzy4EWZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjEzMTQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQyOGFhYjkwN2FjMjdkY2ViNjE1YmQ0ZDkwZTU4NjQyNTZiZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxKPyDmiA2OFAVBrslvdyRQCkfNn
LYFwqx3K6OsmC6HdG1cJIUvIjJpX7UdQ25cZ04H1+rKjEt+raw2kx4l8xxT3Obfg
G+1EcG1FFsG8N/cLgJmMerQ/fuWgQkEp0r0KPEI7+vrRNyyJK6Wh2kb5PZxDFh4J
pCapc758ya+HRnVxMhnisgAHiYBQYAlXSVYn+KlfhvWGCxEoITVjdw+kjBxyfC0N
fyb1ADqSDaWyiR65Qg/PI9ykbKDvIZziS3jURcX+3k7n+i1VawpS8kD2Ri/82Fjw
EhgOE+JUtTJpI7E7Xctb1UV0i0vHu7no7/q5fkoU6hcZonHCUuGLZ7M0HwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKNCiquQesJ9zrYVvU2Q5YZCVr5LMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbzBLS3E1QjZ3bjNPdGhXOVRaRGxoa0pXdmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAYw
MA0GCSqGSIb3DQEBCwUAA4IBAQAevJF3fWa5xmaYkXb2tIELlkMWtnPnE+u3aBMD
hYSojKOXBDa0DiPa5e6DnanuvSjdX5PfEvWGZzNF1iFPdZw3hH3AKV3vexpwVgL2
Pf4dv9NWDZU21TCmMoNSU3QHLkhME2/6bbubrCIiIvoE0Vvxmp8MGYaspHK7kwve
zGAsACu+7/mL46P0cEtcID3YRSZYn3yN6dYFK/swfyr6/qhexxMdh09Y8cnSxR0N
qlOyRf/0AvDzn+jUytqq2vsX2BILZY/2QRxVEBeGjUMG+vIqHXcZBNgF8kc8cKLJ
oFogYU/lu3dzmm/kG02gDJ2Ojfu6jbspANpAW5dwJwCqAktS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org