Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x_lcJuk2vLSoWFeb-DHTyhMe66M.roa
File:                     x_lcJuk2vLSoWFeb-DHTyhMe66M.roa (raw, json)
Hash identifier:          iAVQl/FgHvanMZsWQD618tUfUNC/qbmNelpE2n3+M/4=
Subject key identifier:   C7:F9:5C:26:E9:36:BC:B4:A8:58:57:9B:F8:31:D3:CA:13:1E:EB:A3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B4F1C4CB31B480151181E004DA587F2C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x_lcJuk2vLSoWFeb-DHTyhMe66M.roa
Signing time:             Fri 20 Oct 2023 22:02:16 +0000
ROA not before:           Fri 20 Oct 2023 22:02:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210732
IP address blocks:        2a0e:97c0:ac0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4f:1c:4c:b3:1b:48:01:51:18:1e:00:4d:a5:87:f2:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 20 22:02:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7f95c26e936bcb4a858579bf831d3ca131eeba3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4c:7d:0f:a0:b5:15:9f:3f:dd:fa:b8:27:71:
                    36:c5:08:d8:08:26:7a:7b:c7:3b:e9:44:ab:4f:99:
                    13:47:93:54:06:36:f2:86:76:46:24:6f:2e:69:f7:
                    c3:92:39:d0:87:c6:79:22:67:aa:56:2c:ae:14:77:
                    b5:36:a1:e7:f3:91:8a:e7:5e:31:3e:1c:1c:70:27:
                    88:d7:90:f7:5b:29:18:c5:1d:74:ad:8c:e4:fb:13:
                    74:94:26:02:bb:26:b4:c8:b3:cb:bb:77:a6:ef:7c:
                    dd:9e:26:d8:6f:fa:81:24:03:c4:ad:63:88:db:53:
                    5d:85:72:ad:07:d5:21:2a:6e:92:ed:11:a0:b0:97:
                    bb:c4:5d:4c:30:93:79:7b:e8:f6:78:a0:3b:ba:0d:
                    c4:57:e6:f3:c2:54:2c:44:f4:89:91:c9:f6:b8:9d:
                    b5:28:5c:98:fa:99:1c:e0:d3:f2:46:21:54:46:d8:
                    4d:29:41:47:b3:da:63:bd:eb:a5:6a:6c:f7:32:a6:
                    bb:44:ad:ce:02:b5:f5:a5:93:7f:62:a2:85:67:bf:
                    49:1a:d1:27:d7:76:2c:d9:14:3b:39:84:f8:99:5d:
                    5d:4d:21:50:ae:0e:fe:c8:e0:bc:26:e5:30:ab:87:
                    9f:00:1a:3b:d1:b4:ab:5a:12:71:81:df:33:18:65:
                    38:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:F9:5C:26:E9:36:BC:B4:A8:58:57:9B:F8:31:D3:CA:13:1E:EB:A3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x_lcJuk2vLSoWFeb-DHTyhMe66M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:ac0::/44

    Signature Algorithm: sha256WithRSAEncryption
         ac:9c:88:ca:07:04:6f:17:bb:06:87:4b:02:9f:5e:e4:94:55:
         f2:18:b8:fd:89:37:7d:98:8d:92:74:62:b3:e4:10:a5:83:20:
         7e:78:99:eb:a3:b4:9f:a7:ed:dc:bc:d3:8e:0c:1d:08:24:99:
         1d:58:fe:43:70:83:e2:71:b9:bf:06:36:61:45:6a:b8:12:67:
         b0:46:b2:63:b5:90:f3:fb:91:64:22:c5:05:e7:1a:aa:1d:e1:
         43:18:4c:20:c5:84:1c:25:c3:7d:d9:09:4c:70:4a:aa:a6:27:
         be:ad:ac:bb:40:1f:9e:2b:61:8b:b8:a2:13:61:e9:ec:82:f4:
         f2:64:bb:43:42:a9:91:52:91:bd:3e:aa:80:d9:93:41:44:a6:
         8c:30:84:b7:93:76:aa:86:d6:97:6e:57:30:a4:21:49:97:df:
         8f:73:b5:93:34:e4:0b:fb:c7:29:51:c4:43:7e:ad:42:1f:58:
         5a:0d:c0:bc:34:a8:2b:cb:ab:c8:d4:5d:eb:74:f1:83:d5:76:
         c6:1a:5e:ae:ab:59:bb:38:f6:40:63:73:ee:a5:32:80:93:20:
         78:06:88:cb:dc:e9:45:6d:e2:65:57:53:87:cc:c3:6a:ea:a7:
         f5:50:ba:76:71:ea:4e:4d:ec:40:22:91:79:b1:ff:11:a9:16:
         44:14:f2:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtPHEyzG0gBURgeAE2lh/LAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDIwMjIwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y5NWMyNmU5MzZiY2I0YTg1ODU3OWJmODMxZDNjYTEzMWVlYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkx9D6C1FZ8/3fq4J3E2xQjYCCZ6
e8c76USrT5kTR5NUBjbyhnZGJG8uaffDkjnQh8Z5ImeqViyuFHe1NqHn85GK514x
PhwccCeI15D3WykYxR10rYzk+xN0lCYCuya0yLPLu3em73zdnibYb/qBJAPErWOI
21NdhXKtB9UhKm6S7RGgsJe7xF1MMJN5e+j2eKA7ug3EV+bzwlQsRPSJkcn2uJ21
KFyY+pkc4NPyRiFURthNKUFHs9pjveulamz3Mqa7RK3OArX1pZN/YqKFZ79JGtEn
13Ys2RQ7OYT4mV1dTSFQrg7+yOC8JuUwq4efABo70bSrWhJxgd8zGGU4kwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMf5XCbpNry0qFhXm/gx08oTHuujMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveF9sY0p1azJ2TFNvV0ZlYi1ESFR5aE1lNjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwArA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsnIjKBwRvF7sGh0sCn17klFXyGLj9iTd9mI2S
dGKz5BClgyB+eJnro7Sfp+3cvNOODB0IJJkdWP5DcIPicbm/BjZhRWq4EmewRrJj
tZDz+5FkIsUF5xqqHeFDGEwgxYQcJcN92QlMcEqqpie+ray7QB+eK2GLuKITYens
gvTyZLtDQqmRUpG9PqqA2ZNBRKaMMIS3k3aqhtaXblcwpCFJl9+Pc7WTNOQL+8cp
UcRDfq1CH1haDcC8NKgry6vI1F3rdPGD1XbGGl6uq1m7OPZAY3PupTKAkyB4BojL
3OlFbeJlV1OHzMNq6qf1ULp2cepOTexAIpF5sf8RqRZEFPLa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org