Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qvTWUeF-Al54vpZWAaGI2MP0UVA.roa
File:                     qvTWUeF-Al54vpZWAaGI2MP0UVA.roa (raw, json)
Hash identifier:          g3v5rL6nF3b7LomsFs+BN+idsN5JBRy9wOtusO6N/WI=
Subject key identifier:   AA:F4:D6:51:E1:7E:02:5E:78:BE:96:56:01:A1:88:D8:C3:F4:51:50
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187C93409DB93020A0E59FC9F38ECAE76F0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qvTWUeF-Al54vpZWAaGI2MP0UVA.roa
Signing time:             Fri 28 Apr 2023 18:50:43 +0000
ROA not before:           Fri 28 Apr 2023 18:50:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212184
IP address blocks:        2a0e:b107:20b0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Fri 28 Apr 2023 21:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c9:34:09:db:93:02:0a:0e:59:fc:9f:38:ec:ae:76:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 28 18:50:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aaf4d651e17e025e78be965601a188d8c3f45150
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:80:ab:a7:92:6b:78:e3:11:d3:8e:57:ac:5c:
                    bc:6f:b9:d9:0b:6f:cb:f4:a4:e2:27:3d:7c:46:4a:
                    73:2d:37:c4:ee:5d:ae:8e:a8:fc:14:f2:8b:5b:32:
                    77:d3:e5:77:92:ba:7b:46:d0:7d:64:1b:94:f7:c8:
                    38:fd:5b:98:df:a8:88:a9:c6:33:46:98:95:ca:9a:
                    bc:03:34:c1:6d:9e:4d:18:82:2a:ca:b0:68:73:fd:
                    c8:c6:a4:5b:ad:1c:64:20:1d:7d:d5:cf:c4:1d:c6:
                    42:cc:77:0f:f7:53:05:48:62:0a:fc:1b:05:61:42:
                    4e:52:eb:10:54:1c:7b:9a:74:29:31:37:b7:1a:e5:
                    8f:85:d3:91:8b:2e:02:38:c6:23:f2:65:ae:30:7b:
                    02:0a:a4:27:3e:08:a8:24:ac:fa:80:86:de:f3:17:
                    10:ca:23:46:39:56:8f:ed:27:d1:11:94:92:fe:ec:
                    47:b7:c5:64:ba:7e:73:8a:26:47:37:af:2f:12:6a:
                    43:a6:1e:a2:1d:ea:9c:8d:92:d9:69:41:04:26:e2:
                    d8:67:dd:3d:70:e5:41:95:05:9d:f2:a4:37:0b:de:
                    ce:e6:c2:de:28:08:21:be:83:0a:34:ab:0f:86:da:
                    7d:43:fd:11:1d:9c:2a:f5:38:e8:db:7d:39:93:16:
                    91:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F4:D6:51:E1:7E:02:5E:78:BE:96:56:01:A1:88:D8:C3:F4:51:50
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qvTWUeF-Al54vpZWAaGI2MP0UVA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:20b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         72:c1:8d:4a:c1:fa:85:70:77:44:61:78:72:7a:25:89:d4:21:
         bd:8d:56:a0:ed:f6:79:cd:34:a7:71:6e:39:b5:40:5f:ba:3e:
         ed:e0:f3:d9:30:cf:62:25:ce:e4:b2:66:70:98:f9:6b:c3:db:
         8a:81:06:73:f1:d6:c6:06:ed:d8:62:df:1c:f9:5f:68:a2:af:
         86:fa:36:a6:35:59:41:c1:48:2c:36:49:61:1c:92:a3:50:36:
         82:4a:fd:fd:21:fa:c0:6d:0d:5b:39:6e:d0:7a:b7:f7:39:45:
         ba:20:90:36:9a:63:10:17:08:c4:04:43:ef:45:3d:34:a7:5f:
         d6:8d:8f:66:f3:1c:89:ba:3f:84:0a:21:c1:4d:a8:cc:ea:56:
         9c:8f:fd:94:3e:46:55:6a:3e:9c:bc:1f:93:c9:73:47:66:34:
         5e:b7:98:a5:63:aa:cb:00:57:aa:4c:82:d7:52:7a:e4:90:aa:
         42:d4:98:52:9b:1f:57:bd:f4:bd:18:61:04:96:2f:d0:6e:3a:
         d3:60:0c:0a:fe:cc:2b:e0:be:30:56:04:9d:f7:a7:cb:7e:72:
         4e:61:85:4e:fe:b9:bb:b9:c3:7a:77:8f:44:f7:fc:ef:56:4f:
         f5:4d:26:8f:c3:f7:63:cf:c1:84:a8:10:6f:f2:e1:7d:5e:96:
         48:2f:3e:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfJNAnbkwIKDln8nzjsrnbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI4MTg1MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWY0ZDY1MWUxN2UwMjVlNzhiZTk2NTYwMWExODhkOGMzZjQ1MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYCrp5JreOMR045XrFy8b7nZC2/L
9KTiJz18RkpzLTfE7l2ujqj8FPKLWzJ30+V3krp7RtB9ZBuU98g4/VuY36iIqcYz
RpiVypq8AzTBbZ5NGIIqyrBoc/3IxqRbrRxkIB191c/EHcZCzHcP91MFSGIK/BsF
YUJOUusQVBx7mnQpMTe3GuWPhdORiy4COMYj8mWuMHsCCqQnPgioJKz6gIbe8xcQ
yiNGOVaP7SfREZSS/uxHt8Vkun5ziiZHN68vEmpDph6iHeqcjZLZaUEEJuLYZ909
cOVBlQWd8qQ3C97O5sLeKAghvoMKNKsPhtp9Q/0RHZwq9Tjo2305kxaRVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKr01lHhfgJeeL6WVgGhiNjD9FFQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcXZUV1VlRi1BbDU0dnBaV0FhR0kyTVAwVVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBywY1KwfqFcHdEYXhyeiWJ1CG9jVag7fZ5zTSn
cW45tUBfuj7t4PPZMM9iJc7ksmZwmPlrw9uKgQZz8dbGBu3YYt8c+V9ooq+G+jam
NVlBwUgsNklhHJKjUDaCSv39IfrAbQ1bOW7Qerf3OUW6IJA2mmMQFwjEBEPvRT00
p1/WjY9m8xyJuj+ECiHBTajM6lacj/2UPkZVaj6cvB+TyXNHZjRet5ilY6rLAFeq
TILXUnrkkKpC1JhSmx9XvfS9GGEEli/QbjrTYAwK/swr4L4wVgSd96fLfnJOYYVO
/rm7ucN6d49E9/zvVk/1TSaPw/djz8GEqBBv8uF9XpZILz67
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org