Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZsnz1VxthXFKAkbPJMw7phZLXo.roa
File:                     xZsnz1VxthXFKAkbPJMw7phZLXo.roa (raw, json)
Hash identifier:          gi3hpa8clSEdsqNDsiT0yQWR5gps4xypbl/pl3Obsa0=
Subject key identifier:   C5:9B:27:CF:55:71:B6:15:C5:28:09:1B:3C:93:30:EE:98:59:2D:7A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7E04D9A066E779488E86550BCB6C4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZsnz1VxthXFKAkbPJMw7phZLXo.roa
Signing time:             Mon 02 Jan 2023 05:15:22 +0000
ROA not before:           Mon 02 Jan 2023 05:15:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209710
IP address blocks:        2a0e:b107:340::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:e0:4d:9a:06:6e:77:94:88:e8:65:50:bc:b6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c59b27cf5571b615c528091b3c9330ee98592d7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:36:59:62:1f:e6:ae:8a:b0:58:e6:b0:60:12:
                    e7:79:b3:8e:92:03:f6:a3:8e:67:25:92:86:2b:55:
                    e2:f0:e4:31:49:2a:f7:1c:15:97:82:5a:cd:bc:37:
                    e0:41:23:91:cb:3e:94:97:f2:fc:91:a3:d2:01:73:
                    83:aa:d4:7e:4e:27:68:95:e7:42:9f:dc:30:88:a9:
                    5b:cf:ed:3d:9a:56:56:c3:00:90:88:7a:9a:21:d6:
                    a5:61:06:b9:30:83:17:da:c3:78:08:a7:07:13:dd:
                    e6:93:d6:52:40:22:c8:ee:0c:78:8c:e9:a0:68:c5:
                    30:12:ac:b1:7d:a1:d1:e8:33:05:48:95:57:4f:84:
                    26:42:ce:c9:63:2b:6c:bc:9f:c9:2e:a9:07:33:83:
                    13:bf:59:12:5c:16:0a:35:50:39:47:ab:f9:02:60:
                    8e:fd:3e:58:3a:1b:1b:35:8e:15:3e:19:9c:5f:fb:
                    36:d4:97:cd:3a:5e:83:72:31:6f:80:b5:38:04:57:
                    c0:c6:b9:57:77:1b:5c:be:42:07:40:6e:25:4e:55:
                    c8:21:45:bd:99:b7:cf:a4:14:51:11:8f:0f:38:da:
                    fc:bf:9e:b6:0e:3e:20:ec:82:c5:01:3c:91:32:40:
                    b5:6a:13:d0:a4:bf:9d:2c:5e:8f:5f:6c:ab:cb:e5:
                    89:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:9B:27:CF:55:71:B6:15:C5:28:09:1B:3C:93:30:EE:98:59:2D:7A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xZsnz1VxthXFKAkbPJMw7phZLXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:340::/44

    Signature Algorithm: sha256WithRSAEncryption
         83:ad:ac:55:63:5e:58:8a:4d:72:40:4c:d7:e1:ef:07:6a:05:
         f2:a7:32:70:d2:a9:c6:a9:d6:49:0a:b3:f4:78:10:8a:16:3f:
         69:09:cd:b1:22:34:bf:50:64:37:f9:6d:e5:81:fe:55:1b:6a:
         8c:f2:2c:b9:f4:45:5d:18:73:e9:1a:71:47:4a:41:62:66:c2:
         70:ac:4c:1c:1a:54:b6:7e:f6:ec:8d:82:af:ca:69:17:12:17:
         a1:20:c0:e5:dd:52:07:66:14:9d:a2:79:d8:e6:a8:c4:82:22:
         37:10:02:e4:54:60:0c:91:bd:66:92:b7:17:7f:d3:7a:67:8a:
         a1:b9:4c:a3:0e:be:e6:9f:16:b2:2a:ef:6c:63:39:d1:1c:be:
         84:26:36:3f:ef:61:d4:1c:7b:9b:d2:4b:15:6a:eb:cf:02:78:
         d2:39:cb:88:a0:3b:a1:b2:f8:50:24:11:79:40:38:f0:52:35:
         b0:74:0f:3d:96:39:f6:67:11:23:51:3d:c3:48:3f:f3:17:4f:
         02:34:75:79:e9:1d:fa:80:ff:d5:36:ba:30:73:a3:38:2e:50:
         3e:97:60:54:b4:59:00:6d:a4:a2:93:c8:21:ee:1b:cf:65:a9:
         6b:c9:7b:fe:86:f0:2c:67:7d:ec:7f:b2:21:ff:4c:18:39:16:
         90:b1:97:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+BNmgZud5SI6GVQvLbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTliMjdjZjU1NzFiNjE1YzUyODA5MWIzYzkzMzBlZTk4NTkyZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzZZYh/mroqwWOawYBLnebOOkgP2
o45nJZKGK1Xi8OQxSSr3HBWXglrNvDfgQSORyz6Ul/L8kaPSAXODqtR+TidoledC
n9wwiKlbz+09mlZWwwCQiHqaIdalYQa5MIMX2sN4CKcHE93mk9ZSQCLI7gx4jOmg
aMUwEqyxfaHR6DMFSJVXT4QmQs7JYytsvJ/JLqkHM4MTv1kSXBYKNVA5R6v5AmCO
/T5YOhsbNY4VPhmcX/s21JfNOl6DcjFvgLU4BFfAxrlXdxtcvkIHQG4lTlXIIUW9
mbfPpBRREY8PONr8v562Dj4g7ILFATyRMkC1ahPQpL+dLF6PX2yry+WJJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMWbJ89VcbYVxSgJGzyTMO6YWS16MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveFpzbnoxVnh0aFhGS0FrYlBKTXc3cGhaTFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwNA
MA0GCSqGSIb3DQEBCwUAA4IBAQCDraxVY15Yik1yQEzX4e8HagXypzJw0qnGqdZJ
CrP0eBCKFj9pCc2xIjS/UGQ3+W3lgf5VG2qM8iy59EVdGHPpGnFHSkFiZsJwrEwc
GlS2fvbsjYKvymkXEhehIMDl3VIHZhSdonnY5qjEgiI3EALkVGAMkb1mkrcXf9N6
Z4qhuUyjDr7mnxayKu9sYznRHL6EJjY/72HUHHub0ksVauvPAnjSOcuIoDuhsvhQ
JBF5QDjwUjWwdA89ljn2ZxEjUT3DSD/zF08CNHV56R36gP/VNrowc6M4LlA+l2BU
tFkAbaSik8gh7hvPZalryXv+hvAsZ33sf7Ih/0wYORaQsZeL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org