Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q_YYhqDhczWVXYWpsAblCxjvXCY.roa
File:                     q_YYhqDhczWVXYWpsAblCxjvXCY.roa (raw, json)
Hash identifier:          bpMOZwktV2awpcKpKxHVwumLgBffmDjMNXMDt2ri7u4=
Subject key identifier:   AB:F6:18:86:A0:E1:73:35:95:5D:85:A9:B0:06:E5:0B:18:EF:5C:26
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187D314B437FF36E8B30D9E858D63EF3193
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q_YYhqDhczWVXYWpsAblCxjvXCY.roa
Signing time:             Sun 30 Apr 2023 16:52:42 +0000
ROA not before:           Sun 30 Apr 2023 16:52:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:690::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:2150::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 30 Apr 2023 17:48:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d3:14:b4:37:ff:36:e8:b3:0d:9e:85:8d:63:ef:31:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 30 16:52:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=abf61886a0e17335955d85a9b006e50b18ef5c26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cf:bb:5c:6d:27:00:2a:a4:ef:19:b4:48:05:
                    15:78:90:43:b4:25:6e:50:fb:9d:35:78:a3:e0:8b:
                    21:19:e0:29:1f:d4:7f:5f:82:e6:fa:6b:9e:d9:b0:
                    db:e1:26:c9:a6:3a:13:66:29:ff:74:f3:99:90:e4:
                    09:dd:7e:1b:aa:67:84:3b:0d:2a:6f:57:f7:e4:a6:
                    f8:44:6c:52:6a:00:a1:13:15:19:96:00:ef:73:19:
                    e6:3e:7e:c1:86:d6:9c:b8:6d:b3:88:fb:f5:44:15:
                    56:79:ef:f0:de:6e:9c:2e:9b:3b:ce:ab:7b:34:9a:
                    0e:d2:20:92:ee:5b:33:4a:24:d9:8a:c1:aa:ce:96:
                    ae:7e:4a:c3:83:54:8b:ea:54:98:40:73:89:04:58:
                    db:4e:e4:a4:47:80:36:7d:8f:ba:74:59:bd:8a:eb:
                    86:25:a1:4a:95:a9:3f:38:17:fb:39:0e:3a:f6:c6:
                    a7:47:77:09:af:30:79:14:b5:98:6f:d0:62:94:45:
                    f5:14:d4:94:23:b9:0f:3c:62:a9:b3:93:73:a4:4f:
                    20:bf:f0:cf:f9:19:55:72:77:87:9d:c1:95:73:a7:
                    32:b6:c0:26:61:64:29:36:7d:c5:e2:8e:6a:12:74:
                    3f:8b:41:53:21:76:58:dd:c8:07:42:c0:9e:81:49:
                    93:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F6:18:86:A0:E1:73:35:95:5D:85:A9:B0:06:E5:0B:18:EF:5C:26
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/q_YYhqDhczWVXYWpsAblCxjvXCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:690::/44
                  2a0e:b107:800::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44
                  2a0e:b107:2150::/44

    Signature Algorithm: sha256WithRSAEncryption
         87:bd:98:9f:6e:d3:9e:08:6b:21:2f:bd:be:d4:ef:e2:4f:81:
         65:49:a6:cc:35:04:c5:ac:23:c0:6a:ae:ed:7b:81:ba:33:a7:
         3c:b3:6b:21:d5:7b:9c:af:29:b1:a4:d1:64:0e:7e:ea:55:af:
         78:f0:dd:ca:0b:01:e6:30:81:e1:17:43:79:92:72:f6:df:2a:
         b0:00:75:e7:b8:fc:18:0e:43:d1:1b:f9:03:cd:2a:eb:60:4c:
         ff:13:72:0b:52:75:26:40:8c:d5:05:ff:01:d8:08:86:65:02:
         7e:aa:5b:e2:f1:9f:c8:73:43:54:d7:15:ac:7b:1a:5f:1b:94:
         11:e8:ca:d5:ac:3c:8e:15:97:1d:57:e2:7c:c9:7a:c0:c0:ec:
         60:bc:b6:37:35:96:b5:4a:c7:56:b0:37:e1:2d:4d:97:25:67:
         93:aa:df:ab:88:35:9e:cf:05:93:32:42:08:87:75:c5:80:be:
         cc:11:5a:8c:37:14:72:fe:f3:e7:f4:e3:ca:de:28:dd:a8:9c:
         cd:51:37:e8:fe:d6:9f:a9:7d:3d:80:62:74:cb:e2:f2:71:d4:
         fa:be:dc:bb:0d:a4:15:62:91:df:a3:1a:e3:23:0b:61:b1:46:
         90:86:23:54:25:65:fa:41:dc:6c:a2:c9:5a:aa:e4:81:22:f2:
         5c:3c:8b:83
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYfTFLQ3/zbosw2ehY1j7zGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDMwMTY1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY2MTg4NmEwZTE3MzM1OTU1ZDg1YTliMDA2ZTUwYjE4ZWY1YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps+7XG0nACqk7xm0SAUVeJBDtCVu
UPudNXij4IshGeApH9R/X4Lm+mue2bDb4SbJpjoTZin/dPOZkOQJ3X4bqmeEOw0q
b1f35Kb4RGxSagChExUZlgDvcxnmPn7BhtacuG2ziPv1RBVWee/w3m6cLps7zqt7
NJoO0iCS7lszSiTZisGqzpaufkrDg1SL6lSYQHOJBFjbTuSkR4A2fY+6dFm9iuuG
JaFKlak/OBf7OQ469sanR3cJrzB5FLWYb9BilEX1FNSUI7kPPGKps5NzpE8gv/DP
+RlVcneHncGVc6cytsAmYWQpNn3F4o5qEnQ/i0FTIXZY3cgHQsCegUmTvwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFKv2GIag4XM1lV2FqbAG5QsY71wmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcV9ZWWhxRGhjeldWWFlXcHNBYmxDeGp2WENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAAjBKMBIDBwUqDrEH
BeADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHCAADBwQqDrEHHWAD
BwQqDrEHHgADBwQqDrEHIVAwDQYJKoZIhvcNAQELBQADggEBAIe9mJ9u054IayEv
vb7U7+JPgWVJpsw1BMWsI8Bqru17gbozpzyzayHVe5yvKbGk0WQOfupVr3jw3coL
AeYwgeEXQ3mScvbfKrAAdee4/BgOQ9Eb+QPNKutgTP8TcgtSdSZAjNUF/wHYCIZl
An6qW+Lxn8hzQ1TXFax7Gl8blBHoytWsPI4Vlx1X4nzJesDA7GC8tjc1lrVKx1aw
N+EtTZclZ5Oq36uINZ7PBZMyQgiHdcWAvswRWow3FHL+8+f048reKN2onM1RN+j+
1p+pfT2AYnTL4vJx1Pq+3LsNpBVikd+jGuMjC2GxRpCGI1QlZfpB3GyiyVqq5IEi
8lw8i4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org