Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xEJcQhl_NYHYIKlUwOzmARuPdPI.roa
File:                     xEJcQhl_NYHYIKlUwOzmARuPdPI.roa (raw, json)
Hash identifier:          5WEQZ1cEAZa5ETLZEh4ltJo9nIEaE9l0pO6a3iSLoC8=
Subject key identifier:   C4:42:5C:42:19:7F:35:81:D8:20:A9:54:C0:EC:E6:01:1B:8F:74:F2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186A3525F21AE15DA52ED350296C435EECA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xEJcQhl_NYHYIKlUwOzmARuPdPI.roa
Signing time:             Thu 02 Mar 2023 17:15:29 +0000
ROA not before:           Thu 02 Mar 2023 17:15:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sun 30 Apr 2023 15:47:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a3:52:5f:21:ae:15:da:52:ed:35:02:96:c4:35:ee:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar  2 17:15:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4425c42197f3581d820a954c0ece6011b8f74f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b8:3d:0d:fd:95:aa:dc:e6:1a:81:53:cf:7c:
                    08:6b:8b:3b:62:28:ea:9f:26:a4:06:37:03:fd:b2:
                    61:0c:e3:ee:7c:5b:44:1b:f7:85:63:83:ec:7b:8f:
                    68:9e:4e:a5:29:f7:23:2c:0f:dc:4a:5e:b1:1c:e7:
                    89:4d:c9:49:e4:d7:10:2c:76:01:41:53:25:cd:80:
                    3c:8c:ef:fc:45:4d:d1:6b:20:fa:7a:f2:07:c7:44:
                    f0:58:69:6e:8f:b3:66:cf:2b:74:f8:bd:0e:9c:ab:
                    ca:ef:a9:06:f2:be:c2:b7:8a:eb:d7:1b:4c:47:74:
                    23:59:07:32:ee:53:5d:eb:47:18:c8:7d:9f:ac:1a:
                    8f:f9:20:90:4e:a2:98:67:c3:b1:7c:8b:61:ff:55:
                    0b:5f:92:d5:d3:d1:e7:28:36:6c:3b:a1:6c:5e:eb:
                    0d:4d:70:70:2f:50:73:b6:10:02:99:16:9c:38:96:
                    20:ea:0c:1b:71:27:dd:ab:b3:4f:3f:cb:bf:f3:8e:
                    be:72:8d:f5:af:77:15:70:c9:2c:56:9f:38:31:7a:
                    28:82:11:64:a7:2b:05:27:2d:dd:ee:19:3d:85:37:
                    8d:c1:ef:f6:ec:fe:d4:0f:7f:35:c7:b3:b0:57:4b:
                    d1:e4:fe:1d:82:5b:c4:26:7d:49:18:f8:60:fe:d2:
                    e1:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:42:5C:42:19:7F:35:81:D8:20:A9:54:C0:EC:E6:01:1B:8F:74:F2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xEJcQhl_NYHYIKlUwOzmARuPdPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:800::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         06:ff:25:92:b8:9c:b0:ea:ff:64:8d:6d:ee:92:ec:e9:26:84:
         01:6e:63:13:47:cb:0c:0e:a0:bb:5f:31:f9:32:96:58:3e:10:
         76:5f:8a:e2:88:9c:07:e3:db:b1:f6:31:87:01:04:ad:a6:69:
         38:e5:2c:ca:12:4f:ee:d3:ca:51:ca:e8:d8:fa:6c:ae:a9:7d:
         fb:e3:ea:ae:91:c2:98:7c:7b:ca:72:8d:ea:64:79:1e:a3:a5:
         25:2c:6e:2b:1a:32:b9:7e:b1:d1:9b:1e:a6:f3:41:9a:8b:27:
         0f:cb:da:94:98:33:da:60:de:66:e7:1d:62:ba:6a:8d:da:4f:
         07:56:2c:61:ae:74:23:59:b5:46:b8:ca:e7:31:12:a4:a8:58:
         9f:e3:a9:12:cd:d6:43:6e:c6:a7:bf:f1:e0:cb:45:cb:73:41:
         95:be:65:11:37:1f:cf:b6:38:fa:d6:9e:f0:0b:f0:9a:6f:bd:
         76:8b:fd:8b:5e:65:02:d8:cc:a7:b0:c4:3d:1c:88:36:28:74:
         89:62:fb:93:16:5c:c2:fc:2e:be:ce:72:bb:54:a7:1a:f3:39:
         48:0f:2e:71:ed:db:da:3a:f1:e2:82:33:6b:5d:36:45:83:c3:
         21:1e:64:c5:96:d0:60:70:5f:3e:92:81:8e:42:85:27:78:e2:
         7b:61:8a:02
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYajUl8hrhXaUu01ApbENe7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAyMTcxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQyNWM0MjE5N2YzNTgxZDgyMGE5NTRjMGVjZTYwMTFiOGY3NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7g9Df2VqtzmGoFTz3wIa4s7Yijq
nyakBjcD/bJhDOPufFtEG/eFY4Pse49onk6lKfcjLA/cSl6xHOeJTclJ5NcQLHYB
QVMlzYA8jO/8RU3RayD6evIHx0TwWGluj7Nmzyt0+L0OnKvK76kG8r7Ct4rr1xtM
R3QjWQcy7lNd60cYyH2frBqP+SCQTqKYZ8OxfIth/1ULX5LV09HnKDZsO6FsXusN
TXBwL1BzthACmRacOJYg6gwbcSfdq7NPP8u/846+co31r3cVcMksVp84MXooghFk
pysFJy3d7hk9hTeNwe/27P7UD381x7OwV0vR5P4dglvEJn1JGPhg/tLhkwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMRCXEIZfzWB2CCpVMDs5gEbj3TyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveEVKY1FobF9OWUhZSUtsVXdPem1BUnVQZFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4MBIDBwUqDrEH
BeADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHCAADBwQqDrEHHWADBwQqDrEHHgAw
DQYJKoZIhvcNAQELBQADggEBAAb/JZK4nLDq/2SNbe6S7OkmhAFuYxNHywwOoLtf
Mfkyllg+EHZfiuKInAfj27H2MYcBBK2maTjlLMoST+7TylHK6Nj6bK6pffvj6q6R
wph8e8pyjepkeR6jpSUsbisaMrl+sdGbHqbzQZqLJw/L2pSYM9pg3mbnHWK6ao3a
TwdWLGGudCNZtUa4yucxEqSoWJ/jqRLN1kNuxqe/8eDLRctzQZW+ZRE3H8+2OPrW
nvAL8JpvvXaL/YteZQLYzKewxD0ciDYodIli+5MWXML8Lr7OcrtUpxrzOUgPLnHt
29o68eKCM2tdNkWDwyEeZMWW0GBwXz6SgY5ChSd44nthigI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org