Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pnWZq3abycBYJ4fnPIiyJYINxxE.roa
File:                     pnWZq3abycBYJ4fnPIiyJYINxxE.roa (raw, json)
Hash identifier:          4FN3gtz6NdQ4+bNdec2kvoOKxvGlFPBqxw/06CN5woc=
Subject key identifier:   A6:75:99:AB:76:9B:C9:C0:58:27:87:E7:3C:88:B2:25:82:0D:C7:11
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187CC3C62C3E15BEC3D00102956A7BA77CA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pnWZq3abycBYJ4fnPIiyJYINxxE.roa
Signing time:             Sat 29 Apr 2023 08:58:42 +0000
ROA not before:           Sat 29 Apr 2023 08:58:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199310
IP address blocks:        2a0e:b107:21c0::/48 maxlen: 48
                          2a0e:97c0:220::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sat 29 Apr 2023 11:36:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:cc:3c:62:c3:e1:5b:ec:3d:00:10:29:56:a7:ba:77:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 29 08:58:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a67599ab769bc9c0582787e73c88b225820dc711
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:04:6e:fc:f5:4a:4f:bc:b8:ff:ab:77:c8:3f:
                    a4:a5:27:c4:c9:12:be:34:50:60:20:15:71:f6:8f:
                    5b:26:24:f1:aa:00:5e:32:27:58:75:3b:9c:a0:78:
                    13:c0:77:3c:52:07:1a:0d:b7:c6:dc:47:af:b9:6d:
                    a7:55:dd:21:fa:85:43:30:11:73:22:50:8e:4e:84:
                    ee:00:83:be:b8:58:4b:3f:db:bb:ea:95:d1:7c:95:
                    2e:f1:87:37:14:4a:f5:75:01:57:34:c3:b5:ce:98:
                    85:1f:4e:2c:42:f4:39:7b:86:41:ca:89:8d:18:fe:
                    19:c2:8a:d8:de:f8:61:ab:e5:85:2e:19:c6:e5:1e:
                    f2:c8:18:16:3e:27:3a:2d:f8:c1:42:4a:ea:26:f2:
                    ae:5f:3b:f3:11:f5:02:33:6e:a4:fb:a0:69:0f:ba:
                    08:33:92:3e:5d:a4:68:ef:ca:f3:45:d4:bc:5c:e1:
                    e0:93:ec:1e:41:86:a1:7e:4c:aa:2e:40:25:fe:5f:
                    ff:41:c6:2e:41:4d:91:2b:40:db:a0:cf:40:e9:2a:
                    6f:de:a4:30:c4:e4:f7:a0:f1:46:f5:df:31:88:e9:
                    af:5e:bd:df:92:55:ee:36:20:05:68:8c:12:df:64:
                    ad:49:82:f6:d0:cc:05:18:39:46:c5:1e:60:f8:e6:
                    ab:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:75:99:AB:76:9B:C9:C0:58:27:87:E7:3C:88:B2:25:82:0D:C7:11
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pnWZq3abycBYJ4fnPIiyJYINxxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:220::/44
                  2a0e:b107:21c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:0b:8e:d3:5f:ad:fe:ac:f8:10:11:af:ec:11:53:28:2a:e1:
         18:9e:7a:e6:c2:32:fa:7c:5c:b9:38:25:9c:4a:66:61:89:d5:
         9b:79:82:31:72:d4:fc:75:71:93:26:9d:ba:d7:cf:de:4b:f9:
         3a:1d:4c:67:7c:db:7c:5f:f0:d9:d8:48:eb:5f:b0:ce:7b:05:
         f5:ea:93:9e:d2:d8:1c:14:28:d4:db:56:0c:03:13:ec:12:0b:
         7d:6f:6a:24:66:4e:42:09:6b:ef:26:10:7f:23:ac:c4:6d:53:
         04:fc:9a:05:df:48:d4:95:13:60:8b:94:58:22:56:20:a5:e9:
         a9:d1:e5:c9:1f:5c:51:2a:9c:9d:71:c0:c1:5b:42:4d:77:b8:
         f5:3f:c8:ef:8b:08:a8:ed:5c:70:e3:9b:00:4f:15:fa:35:c1:
         c9:b1:53:0d:3d:90:20:59:9e:bc:7b:60:7c:81:41:88:62:47:
         77:e5:d7:f2:99:1e:2b:07:b2:aa:e1:2e:1c:c6:0c:69:d8:33:
         bc:47:99:61:65:5a:de:05:3e:20:64:86:a4:0e:cd:8a:e5:2e:
         15:af:3c:f0:ce:f7:00:f3:89:d0:a6:2c:b3:bc:82:ca:a0:ad:
         97:ee:15:64:70:d7:f3:67:99:7b:3c:e7:63:db:ac:5e:f5:ac:
         17:b7:8c:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfMPGLD4VvsPQAQKVanunfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI5MDg1ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc1OTlhYjc2OWJjOWMwNTgyNzg3ZTczYzg4YjIyNTgyMGRjNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gRu/PVKT7y4/6t3yD+kpSfEyRK+
NFBgIBVx9o9bJiTxqgBeMidYdTucoHgTwHc8UgcaDbfG3EevuW2nVd0h+oVDMBFz
IlCOToTuAIO+uFhLP9u76pXRfJUu8Yc3FEr1dQFXNMO1zpiFH04sQvQ5e4ZByomN
GP4ZworY3vhhq+WFLhnG5R7yyBgWPic6LfjBQkrqJvKuXzvzEfUCM26k+6BpD7oI
M5I+XaRo78rzRdS8XOHgk+weQYahfkyqLkAl/l//QcYuQU2RK0DboM9A6Spv3qQw
xOT3oPFG9d8xiOmvXr3fklXuNiAFaIwS32StSYL20MwFGDlGxR5g+OarkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKZ1mat2m8nAWCeH5zyIsiWCDccRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcG5XWnEzYWJ5Y0JZSjRmblBJaXlKWUlOeHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAIg
AwcAKg6xByHAMA0GCSqGSIb3DQEBCwUAA4IBAQAuC47TX63+rPgQEa/sEVMoKuEY
nnrmwjL6fFy5OCWcSmZhidWbeYIxctT8dXGTJp2618/eS/k6HUxnfNt8X/DZ2Ejr
X7DOewX16pOe0tgcFCjU21YMAxPsEgt9b2okZk5CCWvvJhB/I6zEbVME/JoF30jU
lRNgi5RYIlYgpemp0eXJH1xRKpydccDBW0JNd7j1P8jviwio7Vxw45sATxX6NcHJ
sVMNPZAgWZ68e2B8gUGIYkd35dfymR4rB7Kq4S4cxgxp2DO8R5lhZVreBT4gZIak
Ds2K5S4VrzzwzvcA84nQpiyzvILKoK2X7hVkcNfzZ5l7POdj26xe9awXt4wV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org