Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rZmzBwd-A627ZppXAN5SaTMcH6I.roa
File:                     rZmzBwd-A627ZppXAN5SaTMcH6I.roa (raw, json)
Hash identifier:          R2yvR/cUxfhupmBIefremJALgd8CdkYGC+F2pCmER00=
Subject key identifier:   AD:99:B3:07:07:7E:03:AD:BB:66:9A:57:00:DE:52:69:33:1C:1F:A2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E78B3FE415BCE0B249B313E7DD9C46
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rZmzBwd-A627ZppXAN5SaTMcH6I.roa
Signing time:             Mon 02 Jan 2023 05:15:00 +0000
ROA not before:           Mon 02 Jan 2023 05:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58336
IP address blocks:        2a0e:97c0:550::/44 maxlen: 48
                          2a0e:b107:16b0::/44 maxlen: 48
                          2a10:cc44:100::/44 maxlen: 48
                          2a10:cc42:120::/44 maxlen: 48
                          2a10:cc42:130::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:8b:3f:e4:15:bc:e0:b2:49:b3:13:e7:dd:9c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad99b307077e03adbb669a5700de5269331c1fa2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a0:98:01:2d:e9:17:4b:99:ae:5d:a1:ef:a8:
                    b9:39:6b:33:63:64:48:72:83:f4:b7:a3:aa:09:23:
                    86:01:c3:8a:4e:f5:fa:c3:31:62:ff:e0:ef:84:12:
                    43:b7:87:aa:0d:b4:72:12:a1:50:13:45:9e:93:9c:
                    09:7e:10:b9:0e:dd:c2:54:c9:5b:e9:ea:04:a2:a6:
                    70:f7:52:87:29:7c:4d:4f:43:52:2c:5b:4e:32:69:
                    3a:0b:fc:b8:de:33:c3:b4:38:36:60:f6:13:4a:cb:
                    e8:00:33:ef:0f:0a:b5:9e:b7:93:0e:d3:ff:7a:97:
                    ed:39:8a:2f:86:98:24:e3:d2:b8:36:7c:e8:91:1b:
                    3f:c1:d4:c1:1a:46:29:96:73:e4:91:f1:e7:1b:60:
                    5e:99:0e:25:3e:79:8e:dc:31:32:c5:cc:6a:8d:43:
                    93:9b:9e:9d:15:e2:92:31:ef:c5:02:58:2a:11:b4:
                    3f:a7:fe:fd:c8:30:e4:1f:11:e5:03:b8:04:38:a3:
                    dc:c1:08:50:ca:d2:b9:c6:52:bf:51:aa:f1:68:21:
                    c6:1d:4b:65:fd:9b:52:31:c2:fc:f9:8b:02:1f:86:
                    23:c7:67:98:39:6f:04:90:8c:8e:74:39:57:ed:42:
                    c6:bc:e5:0c:d5:81:22:b6:ac:26:fa:6a:d6:62:d9:
                    e3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:99:B3:07:07:7E:03:AD:BB:66:9A:57:00:DE:52:69:33:1C:1F:A2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rZmzBwd-A627ZppXAN5SaTMcH6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:550::/44
                  2a0e:b107:16b0::/44
                  2a10:cc42:120::/43
                  2a10:cc44:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         a1:9e:e5:64:27:6c:a1:1d:15:87:8a:8f:40:1e:6d:2b:7d:72:
         5d:34:e9:e2:54:a4:5c:e4:45:ee:a2:ee:c9:2a:8b:29:16:8d:
         76:2a:be:82:9e:46:96:41:d4:b4:b8:49:30:6b:5d:aa:64:e1:
         c0:f4:88:db:d6:7a:dd:c3:d0:66:dd:ca:d9:8c:77:a3:68:aa:
         76:8c:b3:fc:f3:83:2c:0c:b0:bf:33:be:88:c0:9c:2d:e2:f2:
         01:83:63:48:0f:ee:02:56:99:71:a2:10:73:14:4b:4f:00:64:
         d4:bf:a4:7a:32:49:7b:4f:9b:dd:73:cf:51:d2:98:79:58:9e:
         78:78:a1:57:0e:e8:9e:93:bd:21:31:7d:d9:cb:ab:1b:af:72:
         64:9f:e4:3c:cd:23:60:4d:76:74:89:7c:ff:d6:42:67:ad:67:
         ba:94:d3:7c:19:1f:71:da:22:04:f8:e6:9c:00:c4:70:5e:f4:
         4e:3b:01:d2:96:63:c7:15:fd:18:52:c5:ae:2e:4e:e3:6e:f6:
         94:fd:9e:de:2e:5b:f7:25:25:77:ab:86:a8:16:0a:26:0b:81:
         fe:e9:ff:cf:ba:24:2d:1d:28:46:98:f0:e7:30:5d:22:9c:11:
         5c:33:45:3a:23:2d:2b:50:f1:71:eb:59:d5:08:34:c2:c4:57:
         82:35:1d:f4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVw54s/5BW84LJJsxPn3ZxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk5YjMwNzA3N2UwM2FkYmI2NjlhNTcwMGRlNTI2OTMzMWMxZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaCYAS3pF0uZrl2h76i5OWszY2RI
coP0t6OqCSOGAcOKTvX6wzFi/+DvhBJDt4eqDbRyEqFQE0Wek5wJfhC5Dt3CVMlb
6eoEoqZw91KHKXxNT0NSLFtOMmk6C/y43jPDtDg2YPYTSsvoADPvDwq1nreTDtP/
epftOYovhpgk49K4NnzokRs/wdTBGkYplnPkkfHnG2BemQ4lPnmO3DEyxcxqjUOT
m56dFeKSMe/FAlgqEbQ/p/79yDDkHxHlA7gEOKPcwQhQytK5xlK/UarxaCHGHUtl
/ZtSMcL8+YsCH4Yjx2eYOW8EkIyOdDlX7ULGvOUM1YEitqwm+mrWYtnjnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK2ZswcHfgOtu2aaVwDeUmkzHB+iMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvclptekJ3ZC1BNjI3WnBwWEFONVNhVE1jSDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwAVQ
AwcEKg6xBxawAwcFKhDMQgEgAwcEKhDMRAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCh
nuVkJ2yhHRWHio9AHm0rfXJdNOniVKRc5EXuou7JKospFo12Kr6CnkaWQdS0uEkw
a12qZOHA9Ijb1nrdw9Bm3crZjHejaKp2jLP884MsDLC/M76IwJwt4vIBg2NID+4C
VplxohBzFEtPAGTUv6R6Mkl7T5vdc89R0ph5WJ54eKFXDuiek70hMX3Zy6sbr3Jk
n+Q8zSNgTXZ0iXz/1kJnrWe6lNN8GR9x2iIE+OacAMRwXvROOwHSlmPHFf0YUsWu
Lk7jbvaU/Z7eLlv3JSV3q4aoFgomC4H+6f/PuiQtHShGmPDnMF0inBFcM0U6Iy0r
UPFx61nVCDTCxFeCNR30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org