Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qSGclRyPyUW8-9iQkGiXQsjME6o.roa
File:                     qSGclRyPyUW8-9iQkGiXQsjME6o.roa (raw, json)
Hash identifier:          wzhFxlN/axLI+29VvPipwH22kbyjEbgxNsqEgwl1H6A=
Subject key identifier:   A9:21:9C:95:1C:8F:C9:45:BC:FB:D8:90:90:68:97:42:C8:CC:13:AA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C09CBD21E2E484451A82D9720616254E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qSGclRyPyUW8-9iQkGiXQsjME6o.roa
Signing time:             Sun 26 Nov 2023 04:03:21 +0000
ROA not before:           Sun 26 Nov 2023 04:03:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51939
IP address blocks:        2a0e:97c0:5c5::/48 maxlen: 48
                          2a0e:97c0:5c0::/44 maxlen: 48
                          2a0e:97c0:5c8::/48 maxlen: 48
                          2a0e:97c0:5c0::/48 maxlen: 48
                          2a0e:97c0:5c3::/48 maxlen: 48
                          2a0e:97c0:5ce::/48 maxlen: 48
                          2a0e:97c0:5c1::/48 maxlen: 48
                          2a0e:97c0:5cc::/48 maxlen: 48
                          2a0e:97c0:5c4::/48 maxlen: 48
                          2a0e:97c0:5cf::/48 maxlen: 48
                          2a0e:97c0:5ca::/48 maxlen: 48
                          2a0e:97c0:5c2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:09:cb:d2:1e:2e:48:44:51:a8:2d:97:20:61:62:54:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 26 04:03:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9219c951c8fc945bcfbd89090689742c8cc13aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:45:32:9a:da:65:ac:c5:5f:7b:78:49:e1:4b:
                    de:d4:6e:8f:6b:ac:29:c0:01:e0:bd:91:2c:74:0f:
                    cf:75:a3:99:07:e9:45:b4:d6:46:81:21:9f:c4:e6:
                    33:3a:ee:15:3c:0b:8a:7d:8b:22:6e:ed:86:18:90:
                    0a:7d:e6:e2:53:fb:2b:94:f9:1b:82:10:b2:4e:13:
                    a9:0d:ac:67:e3:be:c6:81:74:83:f0:d9:8d:b2:c2:
                    3a:41:d5:b5:60:1c:bc:a6:78:24:1f:66:82:3f:d8:
                    63:d9:62:6a:65:4e:38:f5:48:0a:7b:a3:ef:96:d5:
                    20:19:78:a7:77:40:90:79:69:fc:30:30:2a:a7:bd:
                    78:5a:02:cc:cc:c4:8c:23:61:78:a4:d1:1b:3b:2e:
                    c2:e4:f5:2a:d4:24:d7:b0:18:68:a0:79:5a:8f:47:
                    d7:f2:b1:87:63:a6:8e:cb:fa:11:50:d2:75:30:85:
                    60:aa:1a:ea:03:0e:99:d1:8e:81:c2:9c:89:58:fa:
                    35:10:b0:50:21:86:c8:15:42:aa:38:6b:6c:4b:e2:
                    ed:3c:4e:c8:c2:e0:d5:a9:19:3b:19:f0:28:ef:3a:
                    7e:4e:75:ec:a3:5d:19:78:44:76:66:32:98:c5:11:
                    7d:63:c2:1f:f3:c0:f9:e6:7b:c8:38:80:f5:ab:6b:
                    9d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:21:9C:95:1C:8F:C9:45:BC:FB:D8:90:90:68:97:42:C8:CC:13:AA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qSGclRyPyUW8-9iQkGiXQsjME6o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:5c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         0a:e4:d3:e6:e6:8f:8f:4c:0e:b1:b4:e8:48:b2:80:04:1b:95:
         6a:33:6d:ff:fd:1a:5b:bb:e7:31:3d:4f:b2:53:6e:29:92:a7:
         57:43:6f:74:7c:eb:15:df:42:53:56:55:9a:5e:53:4f:83:65:
         f4:93:1f:96:67:cb:1a:57:42:45:06:dd:48:d0:ac:88:13:07:
         9e:20:87:ed:33:03:d8:ad:b4:06:c5:fe:0f:4a:39:94:35:5a:
         c8:44:fc:1e:61:0c:59:38:cd:57:aa:2f:4d:c6:5e:d1:83:38:
         ec:4a:d2:fa:8c:f6:05:9a:9b:c7:c0:fa:34:e2:05:a9:01:a3:
         bb:8c:58:57:9f:eb:29:ea:b5:db:24:05:43:61:3b:9b:a1:5b:
         62:d2:8d:1b:d5:59:34:e3:90:54:3e:c0:f5:48:84:fd:89:f5:
         4c:b8:04:52:30:bf:8c:9e:e0:9f:d9:df:77:31:7e:fd:ca:12:
         86:8a:aa:97:f4:3b:c7:1a:d8:bb:7e:fd:60:63:96:3c:a1:b6:
         14:9e:7c:c4:6b:66:3e:c2:cd:39:98:c8:6e:be:20:85:c1:99:
         45:bd:73:4b:04:1a:69:74:47:3e:75:17:1f:10:d8:e2:5a:7f:
         9d:db:78:96:29:ce:4c:57:90:e6:ed:86:19:51:14:9b:d2:a7:
         07:75:63:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwJy9IeLkhEUagtlyBhYlThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTI2MDQwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIxOWM5NTFjOGZjOTQ1YmNmYmQ4OTA5MDY4OTc0MmM4Y2MxM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkUymtplrMVfe3hJ4Uve1G6Pa6wp
wAHgvZEsdA/PdaOZB+lFtNZGgSGfxOYzOu4VPAuKfYsibu2GGJAKfebiU/srlPkb
ghCyThOpDaxn477GgXSD8NmNssI6QdW1YBy8pngkH2aCP9hj2WJqZU449UgKe6Pv
ltUgGXind0CQeWn8MDAqp714WgLMzMSMI2F4pNEbOy7C5PUq1CTXsBhooHlaj0fX
8rGHY6aOy/oRUNJ1MIVgqhrqAw6Z0Y6BwpyJWPo1ELBQIYbIFUKqOGtsS+LtPE7I
wuDVqRk7GfAo7zp+TnXso10ZeER2ZjKYxRF9Y8If88D55nvIOID1q2udgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKkhnJUcj8lFvPvYkJBol0LIzBOqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcVNHY2xSeVB5VVc4LTlpUWtHaVhRc2pNRTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQAK5NPm5o+PTA6xtOhIsoAEG5VqM23//Rpbu+cx
PU+yU24pkqdXQ290fOsV30JTVlWaXlNPg2X0kx+WZ8saV0JFBt1I0KyIEweeIIft
MwPYrbQGxf4PSjmUNVrIRPweYQxZOM1Xqi9Nxl7RgzjsStL6jPYFmpvHwPo04gWp
AaO7jFhXn+sp6rXbJAVDYTuboVti0o0b1Vk045BUPsD1SIT9ifVMuARSML+MnuCf
2d93MX79yhKGiqqX9DvHGti7fv1gY5Y8obYUnnzEa2Y+ws05mMhuviCFwZlFvXNL
BBppdEc+dRcfENjiWn+d23iWKc5MV5Dm7YYZURSb0qcHdWPZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:31 2024 by rpki-client on console-ams.rpki-client.org