Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/px2ec8dj0-A8-Bb-SbVN63DgPxY.roa
File:                     px2ec8dj0-A8-Bb-SbVN63DgPxY.roa (raw, json)
Hash identifier:          7YfncDdnDc9gNTqouLBOYUUpHSezU/6DvvrtOGogwJE=
Subject key identifier:   A7:1D:9E:73:C7:63:D3:E0:3C:F8:16:FE:49:B5:4D:EB:70:E0:3F:16
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AB9C907569E6DB02868712FDC04F3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/px2ec8dj0-A8-Bb-SbVN63DgPxY.roa
Signing time:             Tue 24 Jan 2023 16:09:34 +0000
ROA not before:           Tue 24 Jan 2023 16:09:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0e:b107:1870::/48 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a0e:b107:5d0::/44 maxlen: 48
                          2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:b107:900::/44 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a0e:97c0:736::/48 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:b102:12f::/48 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48
                          2a0e:97c0:73f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 23:18:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:b9:c9:07:56:9e:6d:b0:28:68:71:2f:dc:04:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a71d9e73c763d3e03cf816fe49b54deb70e03f16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:53:86:bc:c4:bb:07:c3:d1:f7:78:1d:04:30:
                    a3:fd:d6:4c:a3:6c:1a:2c:0c:df:73:1a:66:73:62:
                    d1:c5:02:46:e8:e2:2d:32:f0:42:ac:0e:25:88:48:
                    7b:fe:f5:ab:7a:34:c6:c8:4a:f5:82:99:ab:c4:c9:
                    81:5c:91:2e:23:9e:64:ca:d2:68:45:97:10:23:44:
                    af:f7:ae:e3:e2:a0:9b:57:41:a6:47:42:a8:9a:3f:
                    6c:5f:21:68:df:87:1a:99:2a:64:c9:21:87:ec:9b:
                    7b:94:60:b6:34:8e:69:82:fc:f0:d4:47:78:37:86:
                    3d:11:ff:f8:8b:e0:49:b6:d3:86:c9:74:a4:a7:1f:
                    d2:4f:3f:7a:5e:27:39:66:e9:49:a1:91:8d:2f:74:
                    18:1a:66:54:f0:17:f7:66:b9:e1:44:ce:19:86:2d:
                    a0:b5:65:c3:15:cf:d8:38:e1:3e:15:a0:8b:2f:c3:
                    bc:06:e2:38:69:e7:19:f5:ba:36:d7:60:7e:dd:3d:
                    9b:db:03:65:bf:15:61:22:9b:22:6d:7b:b9:4f:20:
                    e9:07:a1:c7:71:e6:bc:2f:9d:a2:91:0d:d2:a6:c0:
                    0a:98:2a:80:85:b2:45:cc:79:6d:e1:14:76:f7:33:
                    aa:3d:a4:5c:27:3b:80:d5:f3:17:6b:41:3c:43:6d:
                    2d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1D:9E:73:C7:63:D3:E0:3C:F8:16:FE:49:B5:4D:EB:70:E0:3F:16
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/px2ec8dj0-A8-Bb-SbVN63DgPxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:736::/48
                  2a0e:97c0:73f::/48
                  2a0e:97c0:750::/48
                  2a0e:97c0:76f::/48
                  2a0e:b102:12f::/48
                  2a0e:b107:5d0::-2a0e:b107:5ef:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:900::/44
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:d9:55:7b:21:d5:f5:23:45:ba:7f:36:be:3b:4f:f9:f2:c3:
         62:5c:92:61:f6:66:d3:04:ba:e5:a9:5f:87:66:84:ba:a0:9b:
         09:ae:a2:30:42:66:a2:0c:6c:b1:2f:81:c0:44:56:17:43:a7:
         6c:c8:ad:13:fc:d3:85:ca:6b:61:b4:46:a4:2e:20:4b:b3:23:
         66:68:0f:f9:81:3e:e9:78:8e:eb:18:91:81:12:f8:03:7a:2d:
         8c:05:b6:4d:ea:13:44:9d:99:fe:0f:9a:71:ea:09:87:af:db:
         12:49:c0:37:0a:0b:32:2e:0c:f2:9b:e4:2e:bb:b1:4c:48:08:
         57:ad:46:cf:20:0c:ac:35:3f:02:33:17:37:5e:4e:ea:37:b8:
         4c:2d:35:cb:35:1b:91:d8:ac:d8:84:10:22:c9:3a:5e:c7:0b:
         f9:f9:bc:c2:a1:f2:c8:d9:b6:c3:55:c6:3d:39:12:49:89:80:
         6a:1e:cd:88:6c:e0:34:95:7e:f5:30:2a:c2:c4:93:4a:09:c6:
         09:2a:09:e6:ae:4a:f3:7e:dc:09:9a:7c:6f:7b:08:37:1a:5d:
         3b:fb:dc:7f:05:37:01:73:b3:3f:0c:09:55:56:8e:58:e8:f4:
         23:1f:ed:4a:60:b3:f5:49:66:dd:89:0c:57:d2:64:60:ef:cf:
         40:3c:cc:f4
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYXkirnJB1aebbAoaHEv3ATzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzFkOWU3M2M3NjNkM2UwM2NmODE2ZmU0OWI1NGRlYjcwZTAzZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1OGvMS7B8PR93gdBDCj/dZMo2wa
LAzfcxpmc2LRxQJG6OItMvBCrA4liEh7/vWrejTGyEr1gpmrxMmBXJEuI55kytJo
RZcQI0Sv967j4qCbV0GmR0Komj9sXyFo34camSpkySGH7Jt7lGC2NI5pgvzw1Ed4
N4Y9Ef/4i+BJttOGyXSkpx/STz96Xic5ZulJoZGNL3QYGmZU8Bf3ZrnhRM4Zhi2g
tWXDFc/YOOE+FaCLL8O8BuI4aecZ9bo212B+3T2b2wNlvxVhIpsibXu5TyDpB6HH
cea8L52ikQ3SpsAKmCqAhbJFzHlt4RR29zOqPaRcJzuA1fMXa0E8Q20tZwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFKcdnnPHY9PgPPgW/km1Tetw4D8WMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcHgyZWM4ZGowLUE4LUJiLVNiVk42M0RnUHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAIwgYADBwAq
DpfABzYDBwAqDpfABz8DBwAqDpfAB1ADBwAqDpfAB28DBwAqDrECAS8wEgMHBCoO
sQcF0AMHBCoOsQcF4AMHBCoOsQcGYAMHBCoOsQcJAAMHACoOsQcJ9AMHACoOsQcJ
9gMHACoOsQcN8gMHACoOsQcYcAMHACoOsQcbnjANBgkqhkiG9w0BAQsFAAOCAQEA
k9lVeyHV9SNFun82vjtP+fLDYlySYfZm0wS65alfh2aEuqCbCa6iMEJmogxssS+B
wERWF0OnbMitE/zThcprYbRGpC4gS7MjZmgP+YE+6XiO6xiRgRL4A3otjAW2TeoT
RJ2Z/g+aceoJh6/bEknANwoLMi4M8pvkLruxTEgIV61GzyAMrDU/AjMXN15O6je4
TC01yzUbkdis2IQQIsk6XscL+fm8wqHyyNm2w1XGPTkSSYmAah7NiGzgNJV+9TAq
wsSTSgnGCSoJ5q5K837cCZp8b3sINxpdO/vcfwU3AXOzPwwJVVaOWOj0Ix/tSmCz
9Ulm3YkMV9JkYO/PQDzM9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org