Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tZzCXRfu30gxQtR3z3FlJ24l2mw.roa
File:                     tZzCXRfu30gxQtR3z3FlJ24l2mw.roa (raw, json)
Hash identifier:          dHUEhkRDqjW0PMqfb5izx/HHwaUNOM2wufKw8LyiQ+w=
Subject key identifier:   B5:9C:C2:5D:17:EE:DF:48:31:42:D4:77:CF:71:65:27:6E:25:DA:6C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7F3B368A286557A8EC0ACE794D578
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tZzCXRfu30gxQtR3z3FlJ24l2mw.roa
Signing time:             Mon 02 Jan 2023 05:15:27 +0000
ROA not before:           Mon 02 Jan 2023 05:15:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210864
IP address blocks:        2a0e:b107:19f0::/48 maxlen: 48
                          2a0e:b107:19f5::/48 maxlen: 48
                          2a0e:b107:19fa::/48 maxlen: 48
                          2a0e:b107:19ff::/48 maxlen: 48
                          2a0e:b107:1a04::/48 maxlen: 48
                          2a0e:b107:1a09::/48 maxlen: 48
                          2a0e:b107:19f3::/48 maxlen: 48
                          2a0e:b107:19f8::/48 maxlen: 48
                          2a0e:b107:19fd::/48 maxlen: 48
                          2a0e:b107:1a02::/48 maxlen: 48
                          2a0e:b107:1a07::/48 maxlen: 48
                          2a0e:b107:1a0c::/48 maxlen: 48
                          2a0e:b107:19f1::/48 maxlen: 48
                          2a0e:b107:19f6::/48 maxlen: 48
                          2a0e:b107:19fb::/48 maxlen: 48
                          2a0e:b107:1a00::/48 maxlen: 48
                          2a0e:b107:1a05::/48 maxlen: 48
                          2a0e:b107:1a0a::/48 maxlen: 48
                          2a0e:b107:19f4::/48 maxlen: 48
                          2a0e:b107:19f9::/48 maxlen: 48
                          2a0e:b107:19fe::/48 maxlen: 48
                          2a0e:b107:1a03::/48 maxlen: 48
                          2a0e:b107:1a08::/48 maxlen: 48
                          2a0e:b107:19f7::/48 maxlen: 48
                          2a0e:b107:19fc::/48 maxlen: 48
                          2a0e:b107:1a01::/48 maxlen: 48
                          2a0e:b107:1a06::/48 maxlen: 48
                          2a0e:b107:1a0b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:f3:b3:68:a2:86:55:7a:8e:c0:ac:e7:94:d5:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b59cc25d17eedf483142d477cf7165276e25da6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ba:8e:f2:5e:17:83:ed:6f:e1:8e:c4:b6:9b:
                    8c:b9:bd:9c:80:ea:2e:83:0f:e2:b4:da:71:f9:59:
                    8c:66:c5:40:41:ee:81:cb:ae:7b:2b:4e:19:f4:2a:
                    03:b4:ad:df:9b:3e:1c:a5:ad:c1:47:4b:f9:1f:ac:
                    83:b9:7c:2d:7c:75:44:13:d7:ac:4f:14:3a:42:9c:
                    d1:14:1a:dd:5f:1b:0d:cb:98:83:e7:96:69:7d:62:
                    9d:c0:fe:11:fc:05:20:b8:2a:af:65:38:69:fc:14:
                    66:d9:89:9d:a4:d0:af:f1:1f:40:56:65:4b:d5:f4:
                    49:de:59:3a:da:42:0c:51:c3:8f:a2:e2:46:ba:96:
                    36:fc:81:5d:c4:76:70:63:a2:98:c0:62:15:62:e1:
                    fd:51:5f:f0:a3:0f:7c:b3:e8:c3:71:e0:02:f4:73:
                    8e:08:1a:26:80:bd:c7:8d:ed:d8:52:db:a1:90:71:
                    31:32:cd:89:72:01:c2:2f:11:d7:45:31:40:8a:e2:
                    88:8f:1c:e6:fb:83:68:66:33:5d:80:07:fe:f0:2c:
                    9f:08:ad:42:31:f4:60:67:cc:cc:c9:59:d9:23:90:
                    5f:d9:53:28:60:e2:d9:83:bd:38:ad:60:00:8a:7e:
                    80:b5:9d:b5:ff:e4:11:e1:76:00:7c:0b:e6:18:6b:
                    13:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:9C:C2:5D:17:EE:DF:48:31:42:D4:77:CF:71:65:27:6E:25:DA:6C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tZzCXRfu30gxQtR3z3FlJ24l2mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19f0::/47
                  2a0e:b107:19f3::-2a0e:b107:1a0c:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         47:a3:a8:83:cb:8f:01:36:ee:84:fc:55:41:87:7a:9d:40:1d:
         27:94:9e:9b:e6:41:9f:b7:04:b9:ae:ac:cc:c1:51:a6:e3:83:
         18:b5:6f:eb:64:55:be:60:cc:b8:d8:50:c8:48:fe:f2:29:83:
         02:7e:ab:34:42:2b:e6:73:15:a3:71:e5:ea:ef:57:b0:bd:06:
         94:9a:0b:03:18:12:c6:b0:02:94:69:86:c4:4a:05:0f:f5:50:
         bf:47:c3:85:08:0c:2e:4c:a9:06:3e:43:62:8d:b4:d2:f5:26:
         89:f4:45:00:ff:0e:81:25:2d:c4:15:ef:46:4c:b4:eb:32:43:
         de:50:96:14:85:ca:84:59:a0:68:7a:44:0f:b2:b2:fa:53:8f:
         9b:a1:f8:e8:cc:54:a8:6f:29:4b:80:8c:b9:46:16:9a:0c:99:
         7e:81:4a:2b:36:96:ec:ad:e0:ed:e4:7f:be:ab:6e:9d:50:72:
         0c:fa:5d:c6:47:74:b3:98:8a:97:9b:01:c0:87:1b:a6:f5:66:
         e3:fe:84:ce:1b:d3:36:64:d4:27:61:4f:89:03:08:48:5f:44:
         44:9d:0e:ba:60:a2:28:36:fb:91:87:9f:cd:b2:48:90:e0:cf:
         3c:84:0f:4b:a2:79:18:ef:db:16:39:a2:46:4a:27:b4:ca:fb:
         16:f7:f5:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVw5/OzaKKGVXqOwKznlNV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTljYzI1ZDE3ZWVkZjQ4MzE0MmQ0NzdjZjcxNjUyNzZlMjVkYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbqO8l4Xg+1v4Y7EtpuMub2cgOou
gw/itNpx+VmMZsVAQe6By657K04Z9CoDtK3fmz4cpa3BR0v5H6yDuXwtfHVEE9es
TxQ6QpzRFBrdXxsNy5iD55ZpfWKdwP4R/AUguCqvZThp/BRm2YmdpNCv8R9AVmVL
1fRJ3lk62kIMUcOPouJGupY2/IFdxHZwY6KYwGIVYuH9UV/wow98s+jDceAC9HOO
CBomgL3Hje3YUtuhkHExMs2JcgHCLxHXRTFAiuKIjxzm+4NoZjNdgAf+8CyfCK1C
MfRgZ8zMyVnZI5Bf2VMoYOLZg704rWAAin6AtZ21/+QR4XYAfAvmGGsTcQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLWcwl0X7t9IMULUd89xZSduJdpsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdFp6Q1hSZnUzMGd4UXRSM3ozRmxKMjRsMm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKg6xBxnw
MBIDBwAqDrEHGfMDBwAqDrEHGgwwDQYJKoZIhvcNAQELBQADggEBAEejqIPLjwE2
7oT8VUGHep1AHSeUnpvmQZ+3BLmurMzBUabjgxi1b+tkVb5gzLjYUMhI/vIpgwJ+
qzRCK+ZzFaNx5ervV7C9BpSaCwMYEsawApRphsRKBQ/1UL9Hw4UIDC5MqQY+Q2KN
tNL1Jon0RQD/DoElLcQV70ZMtOsyQ95QlhSFyoRZoGh6RA+ysvpTj5uh+OjMVKhv
KUuAjLlGFpoMmX6BSis2luyt4O3kf76rbp1Qcgz6XcZHdLOYipebAcCHG6b1ZuP+
hM4b0zZk1CdhT4kDCEhfRESdDrpgoig2+5GHn82ySJDgzzyED0uieRjv2xY5okZK
J7TK+xb39fc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org