Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uLvTR4HfSdq5dIpeg6pvhcdraZE.roa
File:                     uLvTR4HfSdq5dIpeg6pvhcdraZE.roa (raw, json)
Hash identifier:          WkGcnIHJbpt5mjv8r6LZsLcC8AswPu56lGZlwiIXAcw=
Subject key identifier:   B8:BB:D3:47:81:DF:49:DA:B9:74:8A:5E:83:AA:6F:85:C7:6B:69:91
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7E8CECB52EF5956491590DCE1F97C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uLvTR4HfSdq5dIpeg6pvhcdraZE.roa
Signing time:             Mon 02 Jan 2023 05:15:24 +0000
ROA not before:           Mon 02 Jan 2023 05:15:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210440
IP address blocks:        2a0e:97c0:365::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 17:48:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:e8:ce:cb:52:ef:59:56:49:15:90:dc:e1:f9:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8bbd34781df49dab9748a5e83aa6f85c76b6991
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:78:2a:28:1f:71:4b:7b:47:e2:cd:33:7e:3a:
                    27:de:e9:f6:03:33:de:38:30:4a:42:c3:dd:76:96:
                    a1:21:f5:a5:78:77:cc:83:38:87:9f:c6:28:cd:f7:
                    74:38:db:96:ac:8a:bc:46:1e:5e:59:29:4b:74:b6:
                    5a:1e:09:53:07:68:db:e0:49:29:fd:c6:88:39:6c:
                    95:79:24:bb:97:8b:86:87:48:78:14:50:fe:ff:52:
                    98:68:3e:05:00:c4:79:63:17:f6:7d:8f:d7:e2:14:
                    e4:86:b2:3e:f1:9b:a0:aa:cf:d1:93:71:a7:6d:46:
                    1f:fd:33:d8:b3:b8:d3:3a:04:a6:86:68:0d:bb:b9:
                    26:01:cf:b8:c2:27:5f:28:3f:80:1e:06:13:2b:01:
                    3f:66:f3:f3:0b:9a:bb:ad:2e:4d:ff:fb:71:d2:a4:
                    ea:fb:da:fe:51:ae:d9:4d:6a:24:be:f0:45:06:63:
                    15:5c:0c:a9:a6:c9:91:c0:98:89:81:aa:60:0c:04:
                    6c:ae:a2:b7:48:7f:af:e8:68:4c:25:46:c1:4b:9e:
                    07:fb:7b:6e:63:e9:61:6f:3a:35:e2:ac:35:eb:1a:
                    12:f3:08:e1:9b:87:c6:b3:51:4e:b2:46:a6:51:ac:
                    f9:4f:1b:a0:00:53:bc:ae:ab:de:47:f1:1f:e1:49:
                    a2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:BB:D3:47:81:DF:49:DA:B9:74:8A:5E:83:AA:6F:85:C7:6B:69:91
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uLvTR4HfSdq5dIpeg6pvhcdraZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:365::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:3f:49:cb:0c:cf:cd:5a:f2:64:ab:d4:80:2b:27:b2:ef:51:
         d1:e2:4d:a0:76:5e:f5:57:fb:49:c8:4e:68:8e:16:4b:ec:57:
         0b:6b:c0:b3:d4:de:07:9b:7c:92:11:8a:20:ad:34:50:6f:73:
         86:0f:91:e8:ba:85:ff:70:59:76:3d:ad:97:90:40:73:93:38:
         16:87:2b:59:71:7a:62:b8:7a:6c:00:9f:42:30:2b:7c:34:12:
         1b:8c:24:13:b2:3c:32:af:9d:79:6a:bb:88:47:37:71:20:05:
         d4:97:fc:7a:08:ff:4b:0e:0f:0a:54:7c:c4:07:fb:6e:75:dc:
         1d:62:a7:d2:a2:63:bf:08:40:46:d0:68:e3:32:9b:90:04:14:
         1c:d7:2d:ed:95:2e:db:b4:14:97:3e:03:cb:58:e3:81:37:73:
         62:18:6e:ed:1e:5b:9d:c7:ec:19:b0:58:cc:fc:f4:ae:29:c5:
         0a:19:57:72:7c:c2:61:80:69:bd:5e:e9:b9:6e:e9:db:9a:eb:
         37:f7:69:8f:85:32:ff:37:e3:54:8d:23:b1:44:cd:c2:ec:c4:
         54:5e:6e:c8:b7:02:7a:88:b6:d6:7a:ec:e7:8b:5f:f1:bb:a1:
         34:6e:2c:f3:b5:9e:9f:fd:7b:bf:92:cf:f4:f7:b3:02:34:37:
         d5:52:1c:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+jOy1LvWVZJFZDc4fl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGJiZDM0NzgxZGY0OWRhYjk3NDhhNWU4M2FhNmY4NWM3NmI2OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAingqKB9xS3tH4s0zfjon3un2AzPe
ODBKQsPddpahIfWleHfMgziHn8Yozfd0ONuWrIq8Rh5eWSlLdLZaHglTB2jb4Ekp
/caIOWyVeSS7l4uGh0h4FFD+/1KYaD4FAMR5Yxf2fY/X4hTkhrI+8Zugqs/Rk3Gn
bUYf/TPYs7jTOgSmhmgNu7kmAc+4widfKD+AHgYTKwE/ZvPzC5q7rS5N//tx0qTq
+9r+Ua7ZTWokvvBFBmMVXAyppsmRwJiJgapgDARsrqK3SH+v6GhMJUbBS54H+3tu
Y+lhbzo14qw16xoS8wjhm4fGs1FOskamUaz5TxugAFO8rqveR/Ef4UmiZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLi700eB30nauXSKXoOqb4XHa2mRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdUx2VFI0SGZTZHE1ZElwZWc2cHZoY2RyYVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwANl
MA0GCSqGSIb3DQEBCwUAA4IBAQDBP0nLDM/NWvJkq9SAKyey71HR4k2gdl71V/tJ
yE5ojhZL7FcLa8Cz1N4Hm3ySEYogrTRQb3OGD5HouoX/cFl2Pa2XkEBzkzgWhytZ
cXpiuHpsAJ9CMCt8NBIbjCQTsjwyr515aruIRzdxIAXUl/x6CP9LDg8KVHzEB/tu
ddwdYqfSomO/CEBG0GjjMpuQBBQc1y3tlS7btBSXPgPLWOOBN3NiGG7tHludx+wZ
sFjM/PSuKcUKGVdyfMJhgGm9Xum5bunbmus392mPhTL/N+NUjSOxRM3C7MRUXm7I
twJ6iLbWeuzni1/xu6E0bizztZ6f/Xu/ks/097MCNDfVUhzD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org