Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wfaLNTlwHYg8Zz2myH48DIorGQ0.roa
File:                     wfaLNTlwHYg8Zz2myH48DIorGQ0.roa (raw, json)
Hash identifier:          5K0iHKDKMvNnC9xI0gWOQE5ZZRcvrVRYqgjKLd6LHcU=
Subject key identifier:   C1:F6:8B:35:39:70:1D:88:3C:67:3D:A6:C8:7E:3C:0C:8A:2B:19:0D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C6832FF881321B62A0962353BDB0A2FC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wfaLNTlwHYg8Zz2myH48DIorGQ0.roa
Signing time:             Thu 14 Dec 2023 12:00:21 +0000
ROA not before:           Thu 14 Dec 2023 12:00:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        2a0e:b107:2828::/45 maxlen: 48
                          2a0e:b107:2818::/45 maxlen: 48
                          2a0e:b107:2820::/45 maxlen: 48
                          2a0e:b107:27d0::/45 maxlen: 48
                          2a0e:b107:2800::/45 maxlen: 48
                          2a0e:b107:2810::/45 maxlen: 48
                          2a0e:b107:27f8::/45 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 13:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:68:32:ff:88:13:21:b6:2a:09:62:35:3b:db:0a:2f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 14 12:00:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1f68b3539701d883c673da6c87e3c0c8a2b190d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f5:46:1c:b7:c5:6a:a3:be:2c:2e:ad:13:7b:
                    48:06:15:0f:fb:00:a8:13:05:2e:a8:7b:a3:17:83:
                    71:b7:ad:de:05:cf:d0:f1:2e:ca:6a:2f:aa:38:7d:
                    5c:b9:c4:54:c9:31:f9:ec:42:b4:28:e5:09:cf:a6:
                    53:2d:af:3d:b4:8e:9e:b5:10:ea:ba:20:76:b5:ff:
                    fe:de:79:74:02:38:45:4c:10:a4:6d:69:ec:63:ce:
                    cd:b1:02:46:36:15:38:6f:2b:9f:6a:70:1b:b9:c9:
                    b0:49:e6:d5:fb:f7:35:4e:6b:c4:df:bc:4d:4f:d5:
                    e6:43:df:59:2a:8f:4a:51:44:f2:46:5c:ef:4d:6f:
                    b2:48:a1:24:3d:7f:15:40:15:5d:e7:aa:af:08:ec:
                    67:75:b3:08:17:04:aa:cb:be:3b:44:31:28:b3:bc:
                    19:b2:13:e0:f8:86:92:dd:da:a2:99:e7:eb:ce:e0:
                    e7:18:7d:af:6b:93:a6:6c:8a:2e:ba:8b:69:12:d3:
                    a1:af:63:e1:7a:cb:be:a9:92:03:81:62:4e:d3:23:
                    13:46:d7:5f:92:f1:ef:bc:65:e1:25:ad:1e:16:18:
                    26:5c:84:fa:fe:6e:19:1c:dc:75:8a:5f:b8:f7:13:
                    28:e9:51:4f:1f:c2:3c:59:52:9a:98:6e:4f:66:c1:
                    53:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:F6:8B:35:39:70:1D:88:3C:67:3D:A6:C8:7E:3C:0C:8A:2B:19:0D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wfaLNTlwHYg8Zz2myH48DIorGQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:27d0::/45
                  2a0e:b107:27f8::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:2810::-2a0e:b107:282f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         b8:71:b3:df:15:61:ee:d4:95:19:13:a6:e8:42:01:86:5c:10:
         bd:f5:c4:f7:bc:64:a7:3e:3f:b9:ef:04:23:57:1d:46:8a:9a:
         ba:74:8f:fd:d2:62:22:96:2d:3f:42:97:b2:13:8b:61:00:0f:
         6f:50:73:91:a7:04:8e:d6:4c:20:88:69:7a:d9:54:85:f5:7d:
         96:08:74:49:bd:42:02:15:61:2e:c3:65:9f:b2:ae:33:e8:9b:
         b8:56:84:dc:76:99:87:bb:3a:9b:91:9e:b3:1a:f5:1d:fb:49:
         ad:09:a0:f1:dc:f8:8e:e6:d1:6c:7f:4b:27:c7:79:3b:85:5f:
         cf:c0:85:f0:10:a5:3f:a9:89:99:0c:a6:4a:fa:08:8c:22:66:
         1f:a4:e1:e7:4d:7f:2e:87:34:a2:bb:26:26:1e:96:c4:0f:4d:
         ec:8e:67:35:dc:fd:d7:1c:c2:b4:0b:5f:d6:4b:c4:8f:49:10:
         14:fa:14:a9:6d:1f:8d:72:25:3f:e9:15:06:d5:f8:e1:e7:55:
         79:a6:86:4e:68:8b:2c:d1:fe:c4:8e:a5:d6:10:70:72:7f:fb:
         16:13:d9:38:de:3c:4e:f8:bf:76:a6:b3:41:1c:95:c9:a4:08:
         34:fb:fe:ff:e8:55:94:b7:bb:30:4f:f1:ab:b0:dd:a2:aa:40:
         df:54:f3:82
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYxoMv+IEyG2KgliNTvbCi/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE0MTIwMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY2OGIzNTM5NzAxZDg4M2M2NzNkYTZjODdlM2MwYzhhMmIxOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPVGHLfFaqO+LC6tE3tIBhUP+wCo
EwUuqHujF4Nxt63eBc/Q8S7Kai+qOH1cucRUyTH57EK0KOUJz6ZTLa89tI6etRDq
uiB2tf/+3nl0AjhFTBCkbWnsY87NsQJGNhU4byufanAbucmwSebV+/c1TmvE37xN
T9XmQ99ZKo9KUUTyRlzvTW+ySKEkPX8VQBVd56qvCOxndbMIFwSqy747RDEos7wZ
shPg+IaS3dqimefrzuDnGH2va5OmbIouuotpEtOhr2Phesu+qZIDgWJO0yMTRtdf
kvHvvGXhJa0eFhgmXIT6/m4ZHNx1il+49xMo6VFPH8I8WVKamG5PZsFT/QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFMH2izU5cB2IPGc9psh+PAyKKxkNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd2ZhTE5UbHdIWWc4WnoybXlINDhESW9yR1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwcDKg6xByfQ
MBIDBwMqDrEHJ/gDBwMqDrEHKAAwEgMHBCoOsQcoEAMHBCoOsQcoIDANBgkqhkiG
9w0BAQsFAAOCAQEAuHGz3xVh7tSVGROm6EIBhlwQvfXE97xkpz4/ue8EI1cdRoqa
unSP/dJiIpYtP0KXshOLYQAPb1BzkacEjtZMIIhpetlUhfV9lgh0Sb1CAhVhLsNl
n7KuM+ibuFaE3HaZh7s6m5Gesxr1HftJrQmg8dz4jubRbH9LJ8d5O4Vfz8CF8BCl
P6mJmQymSvoIjCJmH6Th501/Loc0orsmJh6WxA9N7I5nNdz91xzCtAtf1kvEj0kQ
FPoUqW0fjXIlP+kVBtX44edVeaaGTmiLLNH+xI6l1hBwcn/7FhPZON48Tvi/dqaz
QRyVyaQINPv+/+hVlLe7ME/xq7DdoqpA31Tzgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org