Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjY-pdVsCppW2qIXK_upnVQOcNU.roa
File:                     rjY-pdVsCppW2qIXK_upnVQOcNU.roa (raw, json)
Hash identifier:          7KLA0Fk7HKW95cIQuDwtSZD0lrClDEWISGsgrhEqrRM=
Subject key identifier:   AE:36:3E:A5:D5:6C:0A:9A:56:DA:A2:17:2B:FB:A9:9D:54:0E:70:D5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186A759CC601573AF096101514381D0D9BB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjY-pdVsCppW2qIXK_upnVQOcNU.roa
Signing time:             Fri 03 Mar 2023 12:02:05 +0000
ROA not before:           Fri 03 Mar 2023 12:02:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199613
IP address blocks:        2a0e:b107:1f20::/44 maxlen: 48
                          2a0e:b107:11b0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a7:59:cc:60:15:73:af:09:61:01:51:43:81:d0:d9:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar  3 12:02:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae363ea5d56c0a9a56daa2172bfba99d540e70d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:62:e9:d0:11:fd:f0:bb:92:b3:29:a6:83:b3:
                    fa:25:cf:dc:c9:0b:fe:cc:be:ff:eb:4f:44:1e:2b:
                    61:aa:f7:10:0a:7b:8d:0f:53:84:54:de:7c:ab:71:
                    7d:4a:10:9d:e8:b9:1e:68:3b:e8:fb:62:fd:e3:96:
                    fb:c9:6c:d7:da:33:43:cb:6e:1b:c5:95:51:41:dc:
                    29:07:e4:c1:60:35:11:71:e0:a9:11:3a:85:d9:21:
                    2b:77:c2:60:13:54:45:a2:1d:cc:ff:13:52:2f:3f:
                    39:ce:2a:55:19:e5:6d:1a:63:1c:c1:45:e2:d8:b8:
                    e8:8c:67:16:90:b6:81:3c:29:74:6c:38:26:cc:03:
                    0b:9c:b8:6c:da:cf:d8:b2:9e:09:52:6c:55:23:02:
                    50:89:9c:31:f6:68:26:b1:4e:c0:54:87:44:4e:c3:
                    24:e1:5b:0a:65:cc:2f:7b:8f:93:40:74:14:5f:47:
                    2c:20:8c:0a:37:75:9d:08:79:b5:6f:6d:93:af:32:
                    9a:6a:c7:12:9e:30:17:8a:5a:51:9c:35:68:fe:02:
                    5a:fa:c9:fc:20:04:32:22:6d:b9:6d:9e:75:c3:19:
                    57:cf:b6:17:52:0d:fb:5c:f9:11:5b:61:db:98:f3:
                    d5:95:74:11:ca:da:e4:2e:39:d0:99:3d:97:55:51:
                    47:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:36:3E:A5:D5:6C:0A:9A:56:DA:A2:17:2B:FB:A9:9D:54:0E:70:D5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rjY-pdVsCppW2qIXK_upnVQOcNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:11b0::/44
                  2a0e:b107:1f20::/44

    Signature Algorithm: sha256WithRSAEncryption
         2b:7e:68:30:08:97:0b:22:77:90:d3:58:53:1e:c0:b6:f2:46:
         da:bc:9c:54:43:22:0f:82:66:3b:f5:0f:f1:db:ac:48:f6:a6:
         a4:6c:f4:81:25:9a:f7:a2:77:7b:51:b3:d8:5c:73:8a:3d:b9:
         d0:dd:bf:8b:26:98:fe:23:01:cd:db:0e:b6:48:a4:38:48:80:
         36:f2:33:4b:5e:b1:be:0a:15:42:31:a4:bc:80:76:74:55:e4:
         ea:7e:4c:59:12:82:ae:8d:af:ee:50:54:07:fa:5d:ba:e0:b9:
         11:fa:0a:20:e4:10:70:8c:79:1f:de:40:3e:8d:8b:98:67:ff:
         12:20:e5:a7:01:39:eb:cc:81:f2:91:e9:3b:f7:56:17:56:01:
         fb:ca:6a:b5:7d:e2:3b:49:05:14:98:1d:d2:71:e1:2c:09:aa:
         4e:a4:d3:63:9e:29:d9:33:09:45:51:b5:ab:3f:50:2b:d0:72:
         4c:ab:48:ef:37:86:ef:c8:8a:1f:91:9c:f3:0d:9c:00:bc:62:
         6f:ee:e9:1e:22:2b:a8:3b:30:c2:44:15:f4:33:05:93:9e:c6:
         0c:89:60:60:84:3c:37:db:91:f2:36:8a:14:16:e4:3b:ab:12:
         22:b4:39:1c:11:7f:66:05:2d:bf:8e:47:27:95:b4:69:80:2a:
         de:d2:6d:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYanWcxgFXOvCWEBUUOB0Nm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAzMTIwMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTM2M2VhNWQ1NmMwYTlhNTZkYWEyMTcyYmZiYTk5ZDU0MGU3MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWLp0BH98LuSsymmg7P6Jc/cyQv+
zL7/609EHithqvcQCnuND1OEVN58q3F9ShCd6LkeaDvo+2L945b7yWzX2jNDy24b
xZVRQdwpB+TBYDURceCpETqF2SErd8JgE1RFoh3M/xNSLz85zipVGeVtGmMcwUXi
2LjojGcWkLaBPCl0bDgmzAMLnLhs2s/Ysp4JUmxVIwJQiZwx9mgmsU7AVIdETsMk
4VsKZcwve4+TQHQUX0csIIwKN3WdCHm1b22TrzKaascSnjAXilpRnDVo/gJa+sn8
IAQyIm25bZ51wxlXz7YXUg37XPkRW2HbmPPVlXQRytrkLjnQmT2XVVFHmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK42PqXVbAqaVtqiFyv7qZ1UDnDVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcmpZLXBkVnNDcHBXMnFJWEtfdXBuVlFPY05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxGw
AwcEKg6xBx8gMA0GCSqGSIb3DQEBCwUAA4IBAQArfmgwCJcLIneQ01hTHsC28kba
vJxUQyIPgmY79Q/x26xI9qakbPSBJZr3ond7UbPYXHOKPbnQ3b+LJpj+IwHN2w62
SKQ4SIA28jNLXrG+ChVCMaS8gHZ0VeTqfkxZEoKuja/uUFQH+l264LkR+gog5BBw
jHkf3kA+jYuYZ/8SIOWnATnrzIHykek791YXVgH7ymq1feI7SQUUmB3SceEsCapO
pNNjninZMwlFUbWrP1Ar0HJMq0jvN4bvyIofkZzzDZwAvGJv7ukeIiuoOzDCRBX0
MwWTnsYMiWBghDw325HyNooUFuQ7qxIitDkcEX9mBS2/jkcnlbRpgCre0m3E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org