Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t9db8RhCIOLioNYlQE134YltkSY.roa
File:                     t9db8RhCIOLioNYlQE134YltkSY.roa (raw, json)
Hash identifier:          ubIebc+t0zxjUFnJoqZPRg2LW5V+dYct+qXuhf1Ma2o=
Subject key identifier:   B7:D7:5B:F1:18:42:20:E2:E2:A0:D6:25:40:4D:77:E1:89:6D:91:26
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7C6FB189D42550334B5327035CA4E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t9db8RhCIOLioNYlQE134YltkSY.roa
Signing time:             Mon 02 Jan 2023 05:15:15 +0000
ROA not before:           Mon 02 Jan 2023 05:15:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205947
IP address blocks:        2a09:4c2:2e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 06:29:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:c6:fb:18:9d:42:55:03:34:b5:32:70:35:ca:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b7d75bf1184220e2e2a0d625404d77e1896d9126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b6:f7:54:d7:cf:c0:e7:5f:ff:3d:67:d4:8f:
                    ec:c4:2c:57:4a:c7:39:67:a1:bf:a8:ec:f1:62:1c:
                    0f:28:88:aa:0f:f5:9c:05:38:9d:4f:c9:94:93:65:
                    9a:10:f9:7d:ee:2e:0a:09:b2:a2:6c:f1:1f:3b:a9:
                    08:37:f4:08:bd:d7:1d:b9:64:be:0b:cc:ff:06:94:
                    07:11:a0:ad:e6:c5:31:bd:61:13:57:2a:23:92:0f:
                    9c:4e:1b:14:84:cc:78:74:2e:91:6e:32:92:77:56:
                    68:a5:03:ef:d3:84:04:86:a9:3e:4f:f8:9b:9f:46:
                    5e:ac:f0:bc:3d:0a:a2:e1:8b:b8:07:86:12:ac:b4:
                    34:52:b7:14:97:62:28:b5:30:e3:6c:20:6e:bf:05:
                    35:a9:8a:5f:77:25:f8:01:03:70:24:e9:1d:9c:00:
                    ce:43:e6:95:5c:8f:7c:6a:e2:7a:de:cf:30:8a:38:
                    da:1d:0d:c9:92:db:c9:91:d0:d9:96:42:20:15:7f:
                    3c:4d:1b:f6:a3:10:de:dd:30:cf:f8:6c:ca:3c:da:
                    87:ec:3b:03:6c:ff:35:a9:97:b5:61:87:40:41:9a:
                    8a:a1:3a:b9:2b:ef:da:0f:ff:70:d4:8b:4f:9f:29:
                    65:9f:5e:08:a8:7c:f3:47:0a:7a:70:ee:e9:13:07:
                    80:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D7:5B:F1:18:42:20:E2:E2:A0:D6:25:40:4D:77:E1:89:6D:91:26
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t9db8RhCIOLioNYlQE134YltkSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:4c2:2e::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:c9:3e:d2:c3:a8:b9:00:e2:42:31:b6:23:52:09:35:28:9c:
         76:a5:2a:7c:98:c7:a5:6b:d9:e0:4c:2e:10:69:a6:a5:94:36:
         e4:41:cc:81:85:52:4d:a3:1a:d2:6c:12:90:f3:cf:15:0d:05:
         49:ab:6c:5b:2e:9f:f6:01:95:9e:2f:d7:b7:06:9c:75:a5:e0:
         4e:40:38:09:d0:bf:29:5c:5b:5b:46:c7:57:25:47:1a:df:3a:
         2f:0f:a1:ca:17:eb:66:24:9f:be:35:6f:46:65:23:4d:0e:8a:
         03:3a:6b:72:49:70:a2:33:cf:9b:75:ea:36:ce:da:59:d8:1e:
         93:32:b1:b7:7f:74:c2:9b:ad:ca:01:29:aa:d2:5a:1e:9a:bd:
         54:5c:77:e8:f2:8c:0b:97:8f:a6:7a:b4:58:c6:1d:94:5d:7e:
         a8:61:33:82:e4:4f:a6:26:1b:e0:c9:db:8f:d1:46:7e:8f:5a:
         a8:5c:4e:83:52:7e:01:4d:80:a1:73:9f:39:26:29:5f:29:3d:
         3c:a3:ab:0b:d2:6a:a4:8c:16:92:69:62:80:6f:2c:d3:e0:9a:
         f1:64:73:79:73:f9:d2:ca:56:ff:50:0a:54:5b:e6:8f:ea:c1:
         79:4e:24:20:6d:aa:e9:1c:46:9f:6a:dd:fc:c7:bf:f4:ef:55:
         46:56:f2:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw58b7GJ1CVQM0tTJwNcpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q3NWJmMTE4NDIyMGUyZTJhMGQ2MjU0MDRkNzdlMTg5NmQ5MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbb3VNfPwOdf/z1n1I/sxCxXSsc5
Z6G/qOzxYhwPKIiqD/WcBTidT8mUk2WaEPl97i4KCbKibPEfO6kIN/QIvdcduWS+
C8z/BpQHEaCt5sUxvWETVyojkg+cThsUhMx4dC6RbjKSd1ZopQPv04QEhqk+T/ib
n0ZerPC8PQqi4Yu4B4YSrLQ0UrcUl2IotTDjbCBuvwU1qYpfdyX4AQNwJOkdnADO
Q+aVXI98auJ63s8wijjaHQ3JktvJkdDZlkIgFX88TRv2oxDe3TDP+GzKPNqH7DsD
bP81qZe1YYdAQZqKoTq5K+/aD/9w1ItPnylln14IqHzzRwp6cO7pEweAcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLfXW/EYQiDi4qDWJUBNd+GJbZEmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdDlkYjhSaENJT0xpb05ZbFFFMTM0WWx0a1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkEwgAu
MA0GCSqGSIb3DQEBCwUAA4IBAQCwyT7Sw6i5AOJCMbYjUgk1KJx2pSp8mMela9ng
TC4QaaallDbkQcyBhVJNoxrSbBKQ888VDQVJq2xbLp/2AZWeL9e3Bpx1peBOQDgJ
0L8pXFtbRsdXJUca3zovD6HKF+tmJJ++NW9GZSNNDooDOmtySXCiM8+bdeo2ztpZ
2B6TMrG3f3TCm63KASmq0loemr1UXHfo8owLl4+merRYxh2UXX6oYTOC5E+mJhvg
yduP0UZ+j1qoXE6DUn4BTYChc585JilfKT08o6sL0mqkjBaSaWKAbyzT4JrxZHN5
c/nSylb/UApUW+aP6sF5TiQgbarpHEafat38x7/071VGVvJK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org