Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y6FPIWOBie7y5EwWTQSeYRnOo0Q.roa
File:                     y6FPIWOBie7y5EwWTQSeYRnOo0Q.roa (raw, json)
Hash identifier:          ISNM9La5R+YS9gU8x5ccrNqGaU/BRooAccTAI1vyS+A=
Subject key identifier:   CB:A1:4F:21:63:81:89:EE:F2:E4:4C:16:4D:04:9E:61:19:CE:A3:44
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01880DA88CD4D326D58C547E4D91EE097AF5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y6FPIWOBie7y5EwWTQSeYRnOo0Q.roa
Signing time:             Fri 12 May 2023 01:52:09 +0000
ROA not before:           Fri 12 May 2023 01:52:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53667
IP address blocks:        2a0e:97c0:1000::/38 maxlen: 48
                          2a06:de01:400::/38 maxlen: 48

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 06:53:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0d:a8:8c:d4:d3:26:d5:8c:54:7e:4d:91:ee:09:7a:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May 12 01:52:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cba14f21638189eef2e44c164d049e6119cea344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:5b:3d:d4:c4:53:9d:8a:17:0d:90:8f:bd:9c:
                    f7:8c:78:dc:e2:4a:13:42:e2:f2:d0:44:65:7d:c0:
                    ae:2b:58:0b:ae:cd:6d:9d:13:b0:52:f7:e2:a7:5c:
                    30:48:3d:82:80:b7:f5:77:fa:54:47:ba:2f:81:6b:
                    d2:31:ac:d4:9f:96:ea:f1:6e:66:2f:44:41:c3:44:
                    64:31:51:37:59:0e:15:59:bd:71:73:40:86:ea:c6:
                    a9:8e:7f:ae:e4:55:64:a2:67:cb:86:b7:6b:1f:9f:
                    be:6f:69:b4:8b:db:10:22:bc:5f:4b:d0:f1:f6:b5:
                    62:00:37:79:34:db:2e:b2:9b:c2:94:3e:a2:f1:8c:
                    95:70:d2:7b:4a:46:69:47:99:2a:66:ff:88:8f:c1:
                    80:58:f9:c6:72:60:00:79:8a:a0:96:1a:52:c4:01:
                    a7:c5:95:db:0d:d0:00:89:3f:0a:57:f7:2e:06:01:
                    16:3a:80:9d:ad:d7:a4:d0:b6:c8:5b:87:09:9c:bb:
                    0f:21:0a:65:0f:e9:a9:16:33:ba:44:1d:c1:f0:aa:
                    52:81:93:6a:b7:9b:64:9e:45:fa:85:bc:e2:9b:b5:
                    2d:d9:b0:11:0a:28:1f:00:25:6d:94:13:20:2e:a9:
                    36:cd:85:13:5f:a8:df:a8:4a:4f:21:f7:e3:6f:75:
                    62:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A1:4F:21:63:81:89:EE:F2:E4:4C:16:4D:04:9E:61:19:CE:A3:44
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y6FPIWOBie7y5EwWTQSeYRnOo0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de01:400::/38
                  2a0e:97c0:1000::/38

    Signature Algorithm: sha256WithRSAEncryption
         bf:44:54:f9:31:73:fa:ea:e0:cf:0c:fe:96:55:c9:c2:8e:6f:
         34:5e:e8:ea:f9:72:b8:07:42:1e:7b:46:4a:2a:d4:70:fa:fd:
         d1:2d:fd:4b:74:8a:57:3c:f6:de:29:05:3e:6b:41:1d:df:af:
         08:e0:69:5e:10:4f:5a:b8:3d:d3:d1:93:5f:e0:48:cc:4e:ee:
         f3:53:a6:60:58:e4:f4:33:da:fa:17:ae:9e:bb:cb:9a:37:7e:
         4b:2f:e7:93:d0:cc:52:50:b7:9b:7f:7f:f2:4b:0a:de:37:51:
         6e:ed:ae:29:90:16:31:a2:a8:9b:7c:76:3d:4a:6f:aa:68:38:
         df:62:d0:14:b1:80:c9:60:4c:2d:3e:13:b8:11:04:6d:d2:a3:
         fb:de:d4:8f:d9:0f:01:e7:9a:0d:bd:2c:09:2a:d9:da:1e:7c:
         88:94:30:0c:97:58:ff:7c:c4:bb:d1:38:bc:01:30:b9:43:8f:
         b5:32:ab:12:07:75:53:a0:e0:32:d1:1c:93:d4:74:35:ec:a7:
         83:db:3f:41:72:b5:b3:5a:c7:31:d9:a8:ed:c5:1c:0f:00:db:
         5f:ce:cb:c8:ef:fd:c8:fa:7a:d9:67:00:b0:7e:b3:4f:c3:3a:
         5d:10:c3:ba:d0:f7:00:30:5d:2f:a3:8f:dc:5e:7f:9c:73:58:
         6b:40:de:61
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYgNqIzU0ybVjFR+TZHuCXr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTEyMDE1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmExNGYyMTYzODE4OWVlZjJlNDRjMTY0ZDA0OWU2MTE5Y2VhMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFs91MRTnYoXDZCPvZz3jHjc4koT
QuLy0ERlfcCuK1gLrs1tnROwUvfip1wwSD2CgLf1d/pUR7ovgWvSMazUn5bq8W5m
L0RBw0RkMVE3WQ4VWb1xc0CG6sapjn+u5FVkomfLhrdrH5++b2m0i9sQIrxfS9Dx
9rViADd5NNsuspvClD6i8YyVcNJ7SkZpR5kqZv+Ij8GAWPnGcmAAeYqglhpSxAGn
xZXbDdAAiT8KV/cuBgEWOoCdrdek0LbIW4cJnLsPIQplD+mpFjO6RB3B8KpSgZNq
t5tknkX6hbzim7Ut2bARCigfACVtlBMgLqk2zYUTX6jfqEpPIffjb3Vi0QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMuhTyFjgYnu8uRMFk0EnmEZzqNEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveTZGUElXT0JpZTd5NUV3V1RRU2VZUm5PbzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgbeAQQD
BgIqDpfAEDANBgkqhkiG9w0BAQsFAAOCAQEAv0RU+TFz+urgzwz+llXJwo5vNF7o
6vlyuAdCHntGSirUcPr90S39S3SKVzz23ikFPmtBHd+vCOBpXhBPWrg909GTX+BI
zE7u81OmYFjk9DPa+heunrvLmjd+Sy/nk9DMUlC3m39/8ksK3jdRbu2uKZAWMaKo
m3x2PUpvqmg432LQFLGAyWBMLT4TuBEEbdKj+97Uj9kPAeeaDb0sCSrZ2h58iJQw
DJdY/3zEu9E4vAEwuUOPtTKrEgd1U6DgMtEck9R0Neyng9s/QXK1s1rHMdmo7cUc
DwDbX87LyO/9yPp62WcAsH6zT8M6XRDDutD3ADBdL6OP3F5/nHNYa0DeYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:35 2024 by rpki-client on console-ams.rpki-client.org