Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wiXwFy9vV8LjJH4oz-MDnJzWwtY.roa
File:                     wiXwFy9vV8LjJH4oz-MDnJzWwtY.roa (raw, json)
Hash identifier:          nn79bMS8EA9/+yOrqkXzGJXSArBMcaCx6IV1ozjQ2OY=
Subject key identifier:   C2:25:F0:17:2F:6F:57:C2:E3:24:7E:28:CF:E3:03:9C:9C:D6:C2:D6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BEC12E0BD05285F670D5E7534ACF7138B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wiXwFy9vV8LjJH4oz-MDnJzWwtY.roa
Signing time:             Mon 20 Nov 2023 09:32:21 +0000
ROA not before:           Mon 20 Nov 2023 09:32:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     134666
IP address blocks:        2a0e:b107:30f::/48 maxlen: 48
                          2a10:2f01:3df::/48 maxlen: 48
                          2a10:2f01:3dc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ec:12:e0:bd:05:28:5f:67:0d:5e:75:34:ac:f7:13:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 20 09:32:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c225f0172f6f57c2e3247e28cfe3039c9cd6c2d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c5:10:c7:89:2d:82:a2:1d:c4:a1:eb:d6:21:
                    f0:5a:62:a1:ea:0b:e1:cb:a3:66:50:43:de:c3:8d:
                    d5:0d:50:ea:8f:6a:5c:c7:31:c9:f7:4c:50:fe:2c:
                    68:1b:9e:e6:17:6f:74:0e:65:3b:09:5d:45:6f:cf:
                    e1:19:1d:b2:ae:80:ec:65:d5:43:b3:30:9b:7a:ad:
                    54:52:3c:44:0f:b5:e9:4a:10:5c:31:05:73:0a:91:
                    65:a2:8c:fc:7a:cf:29:e6:b8:b1:90:e1:ea:3d:cf:
                    0f:db:97:bc:23:73:14:5a:b8:56:2d:35:f5:f8:9c:
                    a2:7f:02:57:70:31:e5:9b:6a:ff:46:90:9e:c8:ce:
                    31:ad:9d:a5:60:74:d7:4c:66:01:21:28:a2:68:bd:
                    e4:ca:db:33:77:df:25:21:ef:b6:9a:ba:70:e5:6a:
                    3f:38:59:2d:35:54:74:b8:1c:67:c4:24:8d:23:34:
                    c1:52:a2:85:3a:e6:c5:ff:df:29:29:e6:15:3d:ae:
                    d6:09:4d:08:29:55:ae:4c:cf:d2:6c:24:65:ad:d9:
                    8e:52:2d:f8:a7:f7:6b:e4:a0:f6:1b:90:26:02:32:
                    3b:ae:ea:14:f9:48:81:9a:e6:f2:14:c9:4e:83:80:
                    37:af:c0:2f:f2:15:9a:11:41:c0:e0:7c:80:1e:dd:
                    59:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:25:F0:17:2F:6F:57:C2:E3:24:7E:28:CF:E3:03:9C:9C:D6:C2:D6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wiXwFy9vV8LjJH4oz-MDnJzWwtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:30f::/48
                  2a10:2f01:3dc::/48
                  2a10:2f01:3df::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:9a:34:47:38:b7:23:90:2d:74:b4:de:80:d6:55:b1:e8:8e:
         60:96:fb:26:81:ef:5a:09:2c:5b:4a:0a:9d:c1:c6:28:19:5e:
         38:b1:c1:45:27:e4:14:61:6f:fa:8c:82:12:5e:cb:b2:9e:78:
         aa:f0:e4:18:1a:25:ad:1c:ef:29:1f:cf:0c:56:32:da:b9:37:
         3b:c3:cc:8e:ff:df:23:93:db:aa:03:38:f9:14:b1:f5:21:c1:
         19:90:e1:16:79:23:a5:2d:4f:43:e4:e6:8e:1e:54:01:30:54:
         16:ee:4f:c4:f5:8f:24:a8:c1:97:e2:6f:8f:5f:82:54:06:84:
         63:e7:c7:c4:0d:8a:ac:34:9d:54:94:5e:6b:94:e2:d4:24:a4:
         16:13:f2:58:a3:ca:9c:72:5c:07:e8:7b:5c:aa:47:67:6c:a7:
         75:60:6e:73:96:b8:73:3d:cc:86:df:7c:9e:95:47:b9:ba:3e:
         e8:f2:3a:eb:ed:ec:09:a7:17:87:82:dd:7b:0b:1e:71:7c:bb:
         b4:5a:68:f5:53:48:53:2d:c5:d8:83:90:43:0e:da:ca:4c:68:
         6e:3c:29:3c:23:9d:c3:68:36:f8:b2:d0:b6:a7:cd:ce:7e:9f:
         8a:ae:22:f7:bd:b9:f6:77:fe:7d:1a:e9:d7:7a:7c:94:88:39:
         3e:20:ef:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvsEuC9BShfZw1edTSs9xOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIwMDkzMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI1ZjAxNzJmNmY1N2MyZTMyNDdlMjhjZmUzMDM5YzljZDZjMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMUQx4ktgqIdxKHr1iHwWmKh6gvh
y6NmUEPew43VDVDqj2pcxzHJ90xQ/ixoG57mF290DmU7CV1Fb8/hGR2yroDsZdVD
szCbeq1UUjxED7XpShBcMQVzCpFlooz8es8p5rixkOHqPc8P25e8I3MUWrhWLTX1
+JyifwJXcDHlm2r/RpCeyM4xrZ2lYHTXTGYBISiiaL3kytszd98lIe+2mrpw5Wo/
OFktNVR0uBxnxCSNIzTBUqKFOubF/98pKeYVPa7WCU0IKVWuTM/SbCRlrdmOUi34
p/dr5KD2G5AmAjI7ruoU+UiBmubyFMlOg4A3r8Av8hWaEUHA4HyAHt1ZUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMIl8Bcvb1fC4yR+KM/jA5yc1sLWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd2lYd0Z5OXZWOExqSkg0b3otTURuSnpXd3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xBwMP
AwcAKhAvAQPcAwcAKhAvAQPfMA0GCSqGSIb3DQEBCwUAA4IBAQDBmjRHOLcjkC10
tN6A1lWx6I5glvsmge9aCSxbSgqdwcYoGV44scFFJ+QUYW/6jIISXsuynniq8OQY
GiWtHO8pH88MVjLauTc7w8yO/98jk9uqAzj5FLH1IcEZkOEWeSOlLU9D5OaOHlQB
MFQW7k/E9Y8kqMGX4m+PX4JUBoRj58fEDYqsNJ1UlF5rlOLUJKQWE/JYo8qcclwH
6HtcqkdnbKd1YG5zlrhzPcyG33yelUe5uj7o8jrr7ewJpxeHgt17Cx5xfLu0Wmj1
U0hTLcXYg5BDDtrKTGhuPCk8I53DaDb4stC2p83Ofp+KriL3vbn2d/59GunXenyU
iDk+IO8U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org