Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vK4uMIS91KJyOmIG-HMO0QN6Amo.roa
File:                     vK4uMIS91KJyOmIG-HMO0QN6Amo.roa (raw, json)
Hash identifier:          8zWxfCTWMmMMrsydVj2FTrMNxuLAH6UbP8WF9+n9Ckc=
Subject key identifier:   BC:AE:2E:30:84:BD:D4:A2:72:3A:62:06:F8:73:0E:D1:03:7A:02:6A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018AFBC3A86760C7F32ABCED5FAA0F9897A2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vK4uMIS91KJyOmIG-HMO0QN6Amo.roa
Signing time:             Wed 04 Oct 2023 17:36:58 +0000
ROA not before:           Wed 04 Oct 2023 17:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205977
IP address blocks:        2a0e:b107:760::/48 maxlen: 48
                          2a0e:b107:765::/48 maxlen: 48
                          2a0e:b107:76a::/48 maxlen: 48
                          2a10:2f00:120::/48 maxlen: 48
                          2a0e:b107:764::/48 maxlen: 48
                          2a0e:b107:769::/48 maxlen: 48
                          2a0e:b107:768::/45 maxlen: 48
                          2a0e:b107:763::/48 maxlen: 48
                          2a0e:b107:768::/48 maxlen: 48
                          2a0e:b107:76d::/48 maxlen: 48
                          2a0e:b107:760::/44 maxlen: 48
                          2a0e:b107:762::/48 maxlen: 48
                          2a0e:b107:767::/48 maxlen: 48
                          2a0e:b107:76c::/48 maxlen: 48
                          2a0e:b107:761::/48 maxlen: 48
                          2a0e:b107:766::/48 maxlen: 48
                          2a0e:b107:76b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 18 Oct 2023 08:15:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fb:c3:a8:67:60:c7:f3:2a:bc:ed:5f:aa:0f:98:97:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct  4 17:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bcae2e3084bdd4a2723a6206f8730ed1037a026a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1d:12:d2:d2:0d:a0:9d:11:87:c0:63:2b:87:
                    bc:4f:98:7b:17:8e:ae:db:dd:c1:11:7b:9c:fa:e1:
                    41:29:39:3f:37:c4:41:20:29:e6:bc:1b:95:00:25:
                    68:99:74:cc:ce:bd:7c:56:65:57:03:cb:ac:0e:45:
                    68:4b:b1:58:cc:66:bd:28:32:7f:d0:74:87:02:6a:
                    33:51:dc:71:c6:99:e6:06:c9:ea:fa:a7:d2:a8:69:
                    6b:ba:60:e3:96:15:b9:12:f3:96:47:5e:76:53:36:
                    15:d5:0e:54:47:a0:05:f7:72:02:02:0e:a5:48:f4:
                    bc:0b:4f:15:8f:1c:9b:3f:70:cb:4e:c7:15:5f:78:
                    95:60:ff:6b:59:d2:13:5f:d6:21:a0:49:a7:b0:1f:
                    6d:c7:c0:c2:d2:54:f0:e7:79:9d:73:5e:81:4b:eb:
                    66:c6:86:9e:65:d8:ee:b2:fb:2c:b5:9a:01:99:16:
                    8b:59:7a:72:51:27:33:13:58:a5:80:df:52:e3:6b:
                    e2:aa:59:b7:ab:fe:fc:39:ea:b1:f4:32:a7:10:d4:
                    53:4e:2a:f2:32:64:46:da:4b:69:e8:b2:97:fc:1c:
                    10:6a:0b:8e:51:28:d8:83:31:d7:b2:05:53:74:6e:
                    2b:05:59:12:d0:31:32:7f:ff:2a:87:a2:04:5f:5f:
                    3e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:AE:2E:30:84:BD:D4:A2:72:3A:62:06:F8:73:0E:D1:03:7A:02:6A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vK4uMIS91KJyOmIG-HMO0QN6Amo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:760::/44
                  2a10:2f00:120::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:3e:ea:c7:1c:fb:13:ac:71:eb:fa:51:50:34:a5:c7:fd:42:
         26:67:9c:52:3e:70:03:b2:10:d8:db:9d:4d:64:59:12:fa:e0:
         f6:fd:a8:9a:68:85:80:65:1f:5e:79:ae:3f:0c:60:59:25:63:
         18:a9:60:9e:17:7f:70:89:97:17:75:d8:77:5b:4d:ad:89:51:
         38:f0:af:93:f9:f0:78:6c:b2:2a:d6:46:51:db:19:e6:04:29:
         e3:ef:1d:4a:c5:f0:b5:90:83:6e:a0:07:9b:72:0a:92:69:99:
         5a:d0:d2:30:98:8a:78:0f:f8:98:28:02:9a:7f:1d:4e:b6:60:
         41:70:45:ce:67:e4:d9:a2:62:a9:9f:30:39:d9:9a:2a:69:27:
         f6:9a:7c:7a:63:79:da:a1:a7:3e:e5:c4:88:11:d3:b4:7d:85:
         61:2c:a7:a2:a5:f1:b0:ce:85:56:fd:87:22:fa:8e:d4:43:cf:
         35:d0:33:b3:b7:98:a2:81:71:8c:e4:0a:73:5a:79:fc:fc:54:
         f5:f1:f0:7f:15:18:92:09:a1:f1:78:d7:11:0e:6e:76:4c:89:
         c6:23:b3:68:3f:95:2e:2f:c7:aa:06:f1:c4:df:c1:b6:a9:2b:
         48:dd:35:86:cb:ad:31:8d:60:00:57:9a:97:2d:1c:45:bc:dd:
         ed:1b:4b:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr7w6hnYMfzKrztX6oPmJeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA0MTczNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FlMmUzMDg0YmRkNGEyNzIzYTYyMDZmODczMGVkMTAzN2EwMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh0S0tINoJ0Rh8BjK4e8T5h7F46u
293BEXuc+uFBKTk/N8RBICnmvBuVACVomXTMzr18VmVXA8usDkVoS7FYzGa9KDJ/
0HSHAmozUdxxxpnmBsnq+qfSqGlrumDjlhW5EvOWR152UzYV1Q5UR6AF93ICAg6l
SPS8C08VjxybP3DLTscVX3iVYP9rWdITX9YhoEmnsB9tx8DC0lTw53mdc16BS+tm
xoaeZdjusvsstZoBmRaLWXpyUSczE1ilgN9S42viqlm3q/78Oeqx9DKnENRTTiry
MmRG2ktp6LKX/BwQaguOUSjYgzHXsgVTdG4rBVkS0DEyf/8qh6IEX18+MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLyuLjCEvdSicjpiBvhzDtEDegJqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdks0dU1JUzkxS0p5T21JRy1ITU8wUU42QW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwdg
AwcAKhAvAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQBXPurHHPsTrHHr+lFQNKXH/UIm
Z5xSPnADshDY251NZFkS+uD2/aiaaIWAZR9eea4/DGBZJWMYqWCeF39wiZcXddh3
W02tiVE48K+T+fB4bLIq1kZR2xnmBCnj7x1KxfC1kINuoAebcgqSaZla0NIwmIp4
D/iYKAKafx1OtmBBcEXOZ+TZomKpnzA52ZoqaSf2mnx6Y3naoac+5cSIEdO0fYVh
LKeipfGwzoVW/Yci+o7UQ8810DOzt5iigXGM5ApzWnn8/FT18fB/FRiSCaHxeNcR
Dm52TInGI7NoP5UuL8eqBvHE38G2qStI3TWGy60xjWAAV5qXLRxFvN3tG0vX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org