Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wnX-w4ii7EV22mmL1ktkGFXVh7w.roa
File:                     wnX-w4ii7EV22mmL1ktkGFXVh7w.roa (raw, json)
Hash identifier:          QnHf6wVN+YCQNb+J9rRrTV0FXgUd/2LLju0hcEsPSyA=
Subject key identifier:   C2:75:FE:C3:88:A2:EC:45:76:DA:69:8B:D6:4B:64:18:55:D5:87:BC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018BF62F127114890CDA8DED68EA5988EBB7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wnX-w4ii7EV22mmL1ktkGFXVh7w.roa
Signing time:             Wed 22 Nov 2023 08:39:21 +0000
ROA not before:           Wed 22 Nov 2023 08:39:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209294
IP address blocks:        2a0e:b107:110::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f6:2f:12:71:14:89:0c:da:8d:ed:68:ea:59:88:eb:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 22 08:39:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c275fec388a2ec4576da698bd64b641855d587bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3a:a5:3d:cc:6a:fc:c2:bf:fe:60:bd:b5:21:
                    0d:b0:c8:2b:ff:bf:49:2f:04:d8:70:66:9b:e0:a3:
                    d7:88:e4:1e:66:31:32:ec:17:eb:67:dc:cf:2d:94:
                    e5:b6:90:7b:96:74:0b:65:b0:f9:6c:5c:fc:0b:7c:
                    f4:f0:81:0b:e1:54:db:2b:2b:94:93:22:fe:25:9d:
                    e1:03:45:3b:ea:12:31:6e:36:52:56:50:be:46:a7:
                    48:db:c9:44:c2:6d:63:31:8a:f7:3e:42:61:c9:50:
                    ec:8d:65:38:4d:f1:9e:02:f5:7a:ac:48:be:1f:d4:
                    3f:cc:e0:1f:d5:f0:60:8a:2c:85:3a:41:6e:73:e1:
                    b3:39:3a:37:ec:02:fc:0e:4e:60:1e:05:2b:8a:a2:
                    fa:23:7b:c7:c3:01:5b:c1:71:d0:db:f1:3f:7d:29:
                    79:b0:06:56:74:ee:ad:0d:bb:c4:89:f8:35:d3:7d:
                    38:09:a7:01:3e:7a:14:6e:b1:a6:25:86:5c:69:3f:
                    fb:74:a0:d0:7c:e6:8a:f3:ac:33:93:cb:6b:3b:b3:
                    c0:18:2d:60:25:02:2e:46:08:75:2a:f5:4f:2d:e3:
                    24:e0:57:57:44:e9:08:9e:89:97:64:29:0b:51:9c:
                    a9:18:2d:7a:f8:1b:5e:d1:4a:dd:ef:0e:c2:ee:31:
                    55:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:75:FE:C3:88:A2:EC:45:76:DA:69:8B:D6:4B:64:18:55:D5:87:BC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wnX-w4ii7EV22mmL1ktkGFXVh7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:110::/44

    Signature Algorithm: sha256WithRSAEncryption
         62:a0:a2:e6:bc:5b:9b:00:86:a9:53:11:7f:3b:56:85:23:28:
         c0:84:34:4e:cd:50:2e:6a:d4:01:94:01:f7:b3:0e:76:b0:a0:
         2f:4b:c2:ab:9f:45:d0:13:5b:fa:fe:72:95:f9:e7:49:4e:7d:
         47:23:73:2a:e8:ee:9d:3f:e7:f6:72:ce:01:8f:67:f7:94:9f:
         77:08:2c:d6:1c:75:c1:c6:af:98:09:2a:5e:f1:54:07:71:d8:
         1f:85:71:04:0f:e9:72:8d:fb:61:84:25:ba:d6:f7:33:df:fe:
         a8:83:7b:3b:57:27:05:3d:37:8a:e7:cf:e8:08:a4:44:76:aa:
         e6:4b:20:22:54:51:ce:f4:0d:f4:ff:44:f9:ea:9a:2c:5e:76:
         46:b8:20:0b:3d:ae:24:de:02:f6:d2:27:91:da:27:6c:a1:b5:
         f5:7a:ca:e8:fa:43:73:1d:4a:b2:0c:d7:4e:6a:02:ca:65:b9:
         f5:9b:6c:25:34:41:a2:bd:9f:30:99:2a:68:70:ba:4d:9f:d5:
         08:13:ab:6a:b3:dc:cd:f4:86:5a:a7:09:50:76:83:d9:41:65:
         f4:19:8f:4c:b5:52:e0:2a:71:c9:5e:16:3a:32:a7:9f:a0:08:
         05:2e:43:03:8d:ed:0a:d4:0d:f8:50:49:ec:b4:88:1b:bc:ed:
         91:e3:bf:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYv2LxJxFIkM2o3taOpZiOu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIyMDgzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc1ZmVjMzg4YTJlYzQ1NzZkYTY5OGJkNjRiNjQxODU1ZDU4N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjqlPcxq/MK//mC9tSENsMgr/79J
LwTYcGab4KPXiOQeZjEy7BfrZ9zPLZTltpB7lnQLZbD5bFz8C3z08IEL4VTbKyuU
kyL+JZ3hA0U76hIxbjZSVlC+RqdI28lEwm1jMYr3PkJhyVDsjWU4TfGeAvV6rEi+
H9Q/zOAf1fBgiiyFOkFuc+GzOTo37AL8Dk5gHgUriqL6I3vHwwFbwXHQ2/E/fSl5
sAZWdO6tDbvEifg10304CacBPnoUbrGmJYZcaT/7dKDQfOaK86wzk8trO7PAGC1g
JQIuRgh1KvVPLeMk4FdXROkInomXZCkLUZypGC16+Bte0Urd7w7C7jFVdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMJ1/sOIouxFdtppi9ZLZBhV1Ye8MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd25YLXc0aWk3RVYyMm1tTDFrdGtHRlhWaDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBioKLmvFubAIapUxF/O1aFIyjAhDROzVAuatQB
lAH3sw52sKAvS8Krn0XQE1v6/nKV+edJTn1HI3Mq6O6dP+f2cs4Bj2f3lJ93CCzW
HHXBxq+YCSpe8VQHcdgfhXEED+lyjfthhCW61vcz3/6og3s7VycFPTeK58/oCKRE
dqrmSyAiVFHO9A30/0T56posXnZGuCALPa4k3gL20ieR2idsobX1esro+kNzHUqy
DNdOagLKZbn1m2wlNEGivZ8wmSpocLpNn9UIE6tqs9zN9IZapwlQdoPZQWX0GY9M
tVLgKnHJXhY6MqefoAgFLkMDje0K1A34UEnstIgbvO2R479u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org