Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sPHOjI9pzjLg-JmrmU52_XacoZs.roa
File:                     sPHOjI9pzjLg-JmrmU52_XacoZs.roa (raw, json)
Hash identifier:          zGfpOCm64jgI4u0SvVfVHr6OukLiYBCD34oki494f+I=
Subject key identifier:   B0:F1:CE:8C:8F:69:CE:32:E0:F8:99:AB:99:4E:76:FD:76:9C:A1:9B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AF93DE82200B11F8D7A96B84D4B20
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sPHOjI9pzjLg-JmrmU52_XacoZs.roa
Signing time:             Tue 24 Jan 2023 16:09:51 +0000
ROA not before:           Tue 24 Jan 2023 16:09:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211704
IP address blocks:        2a0e:97c0:230::/44 maxlen: 48
                          2a0e:b107:fb3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:f9:3d:e8:22:00:b1:1f:8d:7a:96:b8:4d:4b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0f1ce8c8f69ce32e0f899ab994e76fd769ca19b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:71:a0:09:a6:e0:0a:a0:df:c3:a5:b9:6e:23:
                    f8:c5:87:ec:c4:46:b7:2d:22:b8:3b:f4:08:fe:cf:
                    b6:12:7f:bf:d3:31:6c:17:35:80:1f:3e:3d:f0:7b:
                    fd:7d:de:ad:ce:01:30:68:6f:c3:08:40:e5:9e:2f:
                    f4:cb:7b:5e:9a:47:9f:fa:17:b6:3a:14:3c:d8:99:
                    cd:24:4f:59:96:35:e2:8f:80:bf:e7:e9:2f:d8:c0:
                    13:48:32:76:58:c2:e7:97:73:63:93:f5:62:5c:0c:
                    97:e4:69:07:68:90:86:7b:24:c1:9c:68:de:5c:40:
                    50:48:d6:b7:de:25:87:73:f7:fc:14:a1:ed:be:13:
                    bf:35:9e:6a:70:e9:e3:70:9c:59:ca:44:ce:35:3d:
                    11:49:60:7b:d0:88:f5:4b:89:20:ac:02:ae:b3:ba:
                    a8:6e:6c:3e:d1:26:e4:d6:57:6c:01:e1:2f:c1:ae:
                    34:7a:65:dc:d8:43:ee:2c:5b:64:5e:1f:a4:14:3e:
                    5d:7b:be:8b:b4:b3:aa:fa:22:61:4d:fe:56:61:16:
                    72:b9:89:5b:a2:63:ea:e7:2f:7b:53:48:16:68:3b:
                    ea:56:90:ae:e4:78:be:d6:56:76:5d:f7:bf:ce:71:
                    7c:a4:99:57:a9:ba:60:a2:7e:47:12:4b:4f:0a:ab:
                    07:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F1:CE:8C:8F:69:CE:32:E0:F8:99:AB:99:4E:76:FD:76:9C:A1:9B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sPHOjI9pzjLg-JmrmU52_XacoZs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:230::/44
                  2a0e:b107:fb3::/48

    Signature Algorithm: sha256WithRSAEncryption
         ac:63:f8:4c:ae:bf:21:37:38:6e:ee:66:5c:b0:4d:e4:97:76:
         90:30:d3:cd:28:79:a9:c9:6b:e5:47:a1:df:b8:ec:5a:b9:28:
         49:53:c7:89:7b:93:4b:f4:ec:3e:8b:a6:3c:e8:e6:04:f0:13:
         fd:2f:47:b8:27:a0:ce:76:cd:49:d6:74:ef:c1:ba:bc:b2:eb:
         bf:07:c9:1a:8f:52:76:97:ab:11:38:61:c5:41:53:90:c1:e3:
         ae:c8:21:9d:fc:0b:35:ec:91:dd:df:cd:07:99:d5:47:c4:ba:
         8d:c8:3f:0b:e0:ec:7b:38:bf:9e:ba:25:fb:31:55:37:2d:76:
         b1:78:7a:53:8e:5c:bf:43:ca:f4:e8:30:1f:62:d8:94:2b:8b:
         c1:af:48:fc:93:37:5a:56:dc:35:09:66:cd:a2:ac:7f:5f:55:
         fa:7b:9f:8a:89:f4:08:09:b4:09:fc:86:b0:a1:26:a8:0a:1f:
         37:77:6d:00:20:ad:77:0d:e8:1a:e6:8b:c0:8b:d3:99:d6:aa:
         c5:02:57:00:ba:f8:0c:d7:aa:36:63:20:3f:c4:2e:5d:85:4c:
         22:7d:8f:2c:c2:a8:40:a1:05:d6:a8:1a:ff:32:44:2c:fc:b5:
         82:60:48:8d:6d:f2:ca:2d:91:c7:3b:e3:0d:fa:36:4e:b5:22:
         db:24:d7:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkivk96CIAsR+Nepa4TUsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYxY2U4YzhmNjljZTMyZTBmODk5YWI5OTRlNzZmZDc2OWNhMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3GgCabgCqDfw6W5biP4xYfsxEa3
LSK4O/QI/s+2En+/0zFsFzWAHz498Hv9fd6tzgEwaG/DCEDlni/0y3temkef+he2
OhQ82JnNJE9ZljXij4C/5+kv2MATSDJ2WMLnl3Njk/ViXAyX5GkHaJCGeyTBnGje
XEBQSNa33iWHc/f8FKHtvhO/NZ5qcOnjcJxZykTONT0RSWB70Ij1S4kgrAKus7qo
bmw+0Sbk1ldsAeEvwa40emXc2EPuLFtkXh+kFD5de76LtLOq+iJhTf5WYRZyuYlb
omPq5y97U0gWaDvqVpCu5Hi+1lZ2Xfe/znF8pJlXqbpgon5HEktPCqsHqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLDxzoyPac4y4PiZq5lOdv12nKGbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc1BIT2pJOXB6akxnLUptcm1VNTJfWGFjb1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAIw
AwcAKg6xBw+zMA0GCSqGSIb3DQEBCwUAA4IBAQCsY/hMrr8hNzhu7mZcsE3kl3aQ
MNPNKHmpyWvlR6HfuOxauShJU8eJe5NL9Ow+i6Y86OYE8BP9L0e4J6DOds1J1nTv
wbq8suu/B8kaj1J2l6sROGHFQVOQweOuyCGd/As17JHd380HmdVHxLqNyD8L4Ox7
OL+euiX7MVU3LXaxeHpTjly/Q8r06DAfYtiUK4vBr0j8kzdaVtw1CWbNoqx/X1X6
e5+KifQICbQJ/IawoSaoCh83d20AIK13Dega5ovAi9OZ1qrFAlcAuvgM16o2YyA/
xC5dhUwifY8swqhAoQXWqBr/MkQs/LWCYEiNbfLKLZHHO+MN+jZOtSLbJNdc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org