Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6hBgxJVot2gsdOavbmU4VKkujc.roa
File:                     u6hBgxJVot2gsdOavbmU4VKkujc.roa (raw, json)
Hash identifier:          uN9xyzh5hrTyQH6b8squTsJ/4UAYFk9Tz3d9Wh7SKD4=
Subject key identifier:   BB:A8:41:83:12:55:A2:DD:A0:B1:D3:9A:BD:B9:94:E1:52:A4:BA:37
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E81341F2887E5574A2E85755FEF797
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6hBgxJVot2gsdOavbmU4VKkujc.roa
Signing time:             Mon 02 Jan 2023 05:15:35 +0000
ROA not before:           Mon 02 Jan 2023 05:15:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212154
IP address blocks:        2a0e:b107:1c00::/48 maxlen: 48
                          2a0e:b107:1c0f::/48 maxlen: 48
                          2a0e:b107:1c0e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e8:13:41:f2:88:7e:55:74:a2:e8:57:55:fe:f7:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bba841831255a2dda0b1d39abdb994e152a4ba37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:1c:cf:86:90:ac:9c:31:99:4e:fa:88:98:0b:
                    e3:e1:bd:a6:d7:2d:25:a1:79:91:fb:96:1f:cd:5d:
                    bb:44:74:96:1e:13:ce:8d:ef:ba:3c:d5:1b:6d:a7:
                    87:da:16:3d:82:5d:8d:bb:6c:29:29:08:64:5d:cf:
                    c7:d3:6f:80:fe:ca:65:7e:73:28:48:f9:16:d4:ae:
                    58:4a:3f:be:c2:d5:05:b4:23:ba:fd:38:ec:a4:24:
                    65:b8:5b:f3:8a:35:f7:e1:2b:83:c5:cf:43:ab:8c:
                    2e:53:f3:69:99:c2:28:ae:f2:fd:8c:e5:b3:92:cb:
                    bf:89:0c:9d:89:42:72:29:1a:e8:b9:42:64:a8:58:
                    83:a1:15:06:b4:26:bd:9b:44:2a:75:25:87:d4:d1:
                    72:88:8b:de:72:dd:a6:b7:da:6a:0f:00:c9:73:bd:
                    8d:0c:a6:fc:b6:b7:38:2b:3d:72:9b:80:2b:ba:20:
                    b1:55:06:e5:88:cf:1d:d3:97:37:dd:dc:a5:26:db:
                    cd:53:af:3c:e9:d6:2d:13:67:60:9a:4a:ed:7b:af:
                    43:c9:3c:e0:db:6c:1e:75:d7:56:b2:59:57:75:c0:
                    c2:02:8b:92:03:5d:5c:d8:68:3b:7c:d5:cd:af:8e:
                    d2:a5:e8:bb:fa:68:ba:cc:c6:aa:1c:cc:5f:2e:ef:
                    8b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A8:41:83:12:55:A2:DD:A0:B1:D3:9A:BD:B9:94:E1:52:A4:BA:37
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u6hBgxJVot2gsdOavbmU4VKkujc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1c00::/48
                  2a0e:b107:1c0e::/47

    Signature Algorithm: sha256WithRSAEncryption
         41:a1:d5:b2:7e:44:90:e3:76:92:10:b3:d8:f0:e2:c5:73:8b:
         0a:05:6d:e3:69:2a:43:89:31:f7:0e:3b:22:71:82:71:92:73:
         5d:a7:fa:41:13:b0:e4:0a:f7:fe:84:e2:48:f9:98:84:6a:b4:
         96:10:01:aa:00:9e:c8:c7:7f:39:e0:26:24:b8:22:f6:7f:d5:
         ad:cf:77:23:0a:09:2d:57:84:56:3e:09:1b:ce:4d:4c:ca:0f:
         a2:b9:30:fc:00:32:b4:43:ed:d1:ec:f7:cc:c1:0f:92:23:8a:
         0b:ae:db:7d:7f:14:66:7a:69:7d:8b:cc:33:48:99:0f:67:20:
         c9:9c:a6:7b:3b:bd:74:f4:c7:73:ee:82:ff:75:25:71:89:c6:
         eb:fc:6e:69:b0:62:bd:c0:07:f5:a9:a4:80:fd:08:5d:a1:99:
         9c:41:65:5e:a9:f6:e1:2c:d0:37:cd:8b:3b:d2:53:b5:c2:2b:
         1d:b2:f5:63:f2:c7:da:b9:57:c7:5a:c7:61:8f:c3:9f:07:5b:
         9a:54:1c:a2:24:41:bd:94:3c:77:f8:82:d9:9b:2a:10:84:e9:
         98:de:ea:d1:41:9b:ec:0e:82:b5:41:9a:39:7e:2d:11:5a:ce:
         c8:40:0e:77:a9:db:1a:3f:3d:3b:84:b7:64:ee:e2:d7:1a:1d:
         4f:cd:8d:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6BNB8oh+VXSi6FdV/veXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE4NDE4MzEyNTVhMmRkYTBiMWQzOWFiZGI5OTRlMTUyYTRiYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRzPhpCsnDGZTvqImAvj4b2m1y0l
oXmR+5YfzV27RHSWHhPOje+6PNUbbaeH2hY9gl2Nu2wpKQhkXc/H02+A/splfnMo
SPkW1K5YSj++wtUFtCO6/TjspCRluFvzijX34SuDxc9Dq4wuU/NpmcIorvL9jOWz
ksu/iQydiUJyKRrouUJkqFiDoRUGtCa9m0QqdSWH1NFyiIvect2mt9pqDwDJc72N
DKb8trc4Kz1ym4AruiCxVQbliM8d05c33dylJtvNU6886dYtE2dgmkrte69DyTzg
22wedddWsllXdcDCAouSA11c2Gg7fNXNr47Spei7+mi6zMaqHMxfLu+LTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuoQYMSVaLdoLHTmr25lOFSpLo3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdTZoQmd4SlZvdDJnc2RPYXZibVU0VktrdWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxwA
AwcBKg6xBxwOMA0GCSqGSIb3DQEBCwUAA4IBAQBBodWyfkSQ43aSELPY8OLFc4sK
BW3jaSpDiTH3DjsicYJxknNdp/pBE7DkCvf+hOJI+ZiEarSWEAGqAJ7Ix3854CYk
uCL2f9Wtz3cjCgktV4RWPgkbzk1Myg+iuTD8ADK0Q+3R7PfMwQ+SI4oLrtt9fxRm
eml9i8wzSJkPZyDJnKZ7O7109Mdz7oL/dSVxicbr/G5psGK9wAf1qaSA/QhdoZmc
QWVeqfbhLNA3zYs70lO1wisdsvVj8sfauVfHWsdhj8OfB1uaVByiJEG9lDx3+ILZ
myoQhOmY3urRQZvsDoK1QZo5fi0RWs7IQA53qdsaPz07hLdk7uLXGh1PzY1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org