Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pt1utG3I5QHxT48kBJ3ytqXdyqE.roa
File:                     pt1utG3I5QHxT48kBJ3ytqXdyqE.roa (raw, json)
Hash identifier:          fsVaztq5t4yyJ0fn+CMubbBOXGWRsYSut1Sd5GdG0NU=
Subject key identifier:   A6:DD:6E:B4:6D:C8:E5:01:F1:4F:8F:24:04:9D:F2:B6:A5:DD:CA:A1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186DD81CB2B3C1176C31A54F696EF3EA683
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pt1utG3I5QHxT48kBJ3ytqXdyqE.roa
Signing time:             Tue 14 Mar 2023 00:25:16 +0000
ROA not before:           Tue 14 Mar 2023 00:25:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199956
IP address blocks:        2a0e:97c0:850::/44 maxlen: 48
                          2a0e:b107:1db0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:dd:81:cb:2b:3c:11:76:c3:1a:54:f6:96:ef:3e:a6:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 14 00:25:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6dd6eb46dc8e501f14f8f24049df2b6a5ddcaa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:05:d1:dd:a5:9f:09:e2:eb:86:9d:9c:6d:8d:
                    71:0d:3a:dd:46:b7:50:ee:dc:bc:53:19:33:b2:23:
                    5e:c7:e1:5b:9e:16:4d:28:57:28:15:62:75:54:9a:
                    38:30:56:a3:52:1c:b6:0f:2e:97:b8:b0:e3:e3:54:
                    cd:52:ac:5a:7c:9e:78:ab:d6:56:5a:27:27:d6:16:
                    bc:8b:40:a5:dc:c9:0c:5d:6e:cb:08:c1:9e:2d:ce:
                    29:44:d9:f6:32:cd:3e:91:43:57:6d:31:37:c3:b4:
                    c4:f5:97:d8:59:4d:00:cd:cb:57:ce:6a:5c:2b:b8:
                    f9:05:d0:6a:b6:2a:82:1f:1d:fd:73:d6:90:34:c9:
                    df:40:29:c7:a8:d7:01:c7:b1:62:23:28:02:92:44:
                    3d:45:8e:4d:e1:fa:65:e1:f7:b3:b0:8e:b1:bb:1c:
                    29:3d:e0:c2:91:2c:26:d2:a7:90:25:04:33:54:02:
                    f6:4a:c2:53:d6:29:2e:e3:19:69:ec:d6:7d:30:b3:
                    69:57:40:61:fa:62:33:76:d9:a6:cc:4a:27:67:cf:
                    c6:6a:97:05:fb:09:8e:89:fe:90:61:06:82:d3:92:
                    dd:75:c1:63:13:9e:64:bf:b2:e2:17:1d:67:fc:00:
                    dd:a0:54:be:df:ca:28:90:88:ae:9c:38:b4:ff:dc:
                    63:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:DD:6E:B4:6D:C8:E5:01:F1:4F:8F:24:04:9D:F2:B6:A5:DD:CA:A1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pt1utG3I5QHxT48kBJ3ytqXdyqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:850::/44
                  2a0e:b107:1db0::/44

    Signature Algorithm: sha256WithRSAEncryption
         68:fe:62:ee:13:2d:33:93:ab:3f:b6:f3:5f:be:1e:cf:c0:c6:
         5a:c8:56:8a:12:0e:c3:b9:fb:23:e4:05:7c:76:a1:90:10:25:
         a9:94:74:cb:c9:5d:8a:14:8a:5a:e9:fa:b7:89:c7:e1:fb:65:
         3c:7d:ed:a8:eb:56:f6:e0:06:a9:86:90:e9:6c:08:78:5d:89:
         a9:e5:0c:65:8f:28:3a:7d:29:8f:77:05:99:ad:3c:cd:05:11:
         12:c1:93:c3:f5:b2:01:39:c2:1b:1d:ac:69:4f:56:b6:5c:68:
         24:7f:27:51:83:0d:83:07:91:5a:ce:9a:67:4c:68:24:66:02:
         b4:09:ea:85:e0:d7:5d:4f:e2:dd:9a:65:50:4b:0d:65:98:0f:
         22:68:76:21:c3:36:99:4c:c6:82:8e:e1:bd:a1:81:da:23:2c:
         46:8a:2d:c3:15:2a:6d:1e:c2:31:58:48:11:17:fb:d7:77:ed:
         45:70:68:38:83:df:89:5d:b1:9a:b8:d1:ab:98:7e:04:17:6c:
         dd:6e:4e:9b:15:90:af:a8:24:75:e2:32:c8:47:f7:c7:38:21:
         12:f2:28:5f:a3:1a:9a:3e:59:34:80:27:07:7e:fa:9c:6b:08:
         ca:ba:2b:7b:60:f7:90:5b:2b:45:95:9c:63:2d:e2:fb:08:9c:
         a2:ca:57:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbdgcsrPBF2wxpU9pbvPqaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzE0MDAyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRkNmViNDZkYzhlNTAxZjE0ZjhmMjQwNDlkZjJiNmE1ZGRjYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAXR3aWfCeLrhp2cbY1xDTrdRrdQ
7ty8UxkzsiNex+FbnhZNKFcoFWJ1VJo4MFajUhy2Dy6XuLDj41TNUqxafJ54q9ZW
Wicn1ha8i0Cl3MkMXW7LCMGeLc4pRNn2Ms0+kUNXbTE3w7TE9ZfYWU0AzctXzmpc
K7j5BdBqtiqCHx39c9aQNMnfQCnHqNcBx7FiIygCkkQ9RY5N4fpl4fezsI6xuxwp
PeDCkSwm0qeQJQQzVAL2SsJT1iku4xlp7NZ9MLNpV0Bh+mIzdtmmzEonZ8/GapcF
+wmOif6QYQaC05LddcFjE55kv7LiFx1n/ADdoFS+38ookIiunDi0/9xjFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKbdbrRtyOUB8U+PJASd8ral3cqhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcHQxdXRHM0k1UUh4VDQ4a0JKM3l0cVhkeXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAhQ
AwcEKg6xBx2wMA0GCSqGSIb3DQEBCwUAA4IBAQBo/mLuEy0zk6s/tvNfvh7PwMZa
yFaKEg7Dufsj5AV8dqGQECWplHTLyV2KFIpa6fq3icfh+2U8fe2o61b24AaphpDp
bAh4XYmp5Qxljyg6fSmPdwWZrTzNBRESwZPD9bIBOcIbHaxpT1a2XGgkfydRgw2D
B5FazppnTGgkZgK0CeqF4NddT+LdmmVQSw1lmA8iaHYhwzaZTMaCjuG9oYHaIyxG
ii3DFSptHsIxWEgRF/vXd+1FcGg4g9+JXbGauNGrmH4EF2zdbk6bFZCvqCR14jLI
R/fHOCES8ihfoxqaPlk0gCcHfvqcawjKuit7YPeQWytFlZxjLeL7CJyiyldT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:31 2024 by rpki-client on console-ams.rpki-client.org