Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yVKVlaD5jKZRJtg_0bnTGql04MI.roa
File:                     yVKVlaD5jKZRJtg_0bnTGql04MI.roa (raw, json)
Hash identifier:          HYvMVUppFC4TUeq6tabyhMTuSv8T1vLB6lo6u7yFlfQ=
Subject key identifier:   C9:52:95:95:A0:F9:8C:A6:51:26:D8:3F:D1:B9:D3:1A:A9:74:E0:C2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185A7A288B13EEC80C6017E180C315A1D22
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yVKVlaD5jKZRJtg_0bnTGql04MI.roa
Signing time:             Thu 12 Jan 2023 20:18:44 +0000
ROA not before:           Thu 12 Jan 2023 20:18:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208375
IP address blocks:        2a0e:97c0:c90::/48 maxlen: 48
                          2a0e:97c0:c93::/48 maxlen: 48
                          2a0e:97c0:c9e::/48 maxlen: 48
                          2a0e:97c0:c91::/48 maxlen: 48
                          2a0e:97c0:c9f::/48 maxlen: 48
                          2a0e:97c0:c92::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 11:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a7:a2:88:b1:3e:ec:80:c6:01:7e:18:0c:31:5a:1d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 12 20:18:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9529595a0f98ca65126d83fd1b9d31aa974e0c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:61:61:45:a9:95:5f:15:95:0a:f8:05:50:5d:
                    f7:ae:ce:65:3b:86:46:29:95:cd:dd:17:7e:33:b7:
                    c4:23:c5:06:94:6d:3d:65:8f:20:7e:a2:9d:d6:74:
                    2e:2c:c7:c7:ca:82:32:22:3a:29:f7:7e:69:4f:c7:
                    c1:a3:3c:1c:47:61:1c:db:20:b0:a2:ad:2f:be:de:
                    ed:a1:9c:57:16:bf:3c:1d:21:7d:36:46:1f:6d:5e:
                    e3:25:7e:1b:12:1b:ac:06:01:d9:41:dc:d8:b6:ec:
                    5c:7a:b1:af:62:30:c8:09:ca:5b:ad:ef:88:ac:9f:
                    83:19:7b:94:11:a7:f6:a0:0f:ae:73:ea:6b:27:f3:
                    59:34:65:ae:31:58:ee:b5:33:fc:9f:1f:d4:7b:10:
                    17:f3:a6:85:8d:9a:f1:a7:82:c7:89:ef:12:ab:3b:
                    3b:dc:16:ee:90:d1:1d:55:bf:cd:fe:5b:e0:fe:e1:
                    dc:7d:4e:5c:f4:47:94:29:a3:5b:6e:fc:46:63:83:
                    9e:bd:48:28:a1:d3:84:86:9a:39:a9:d8:aa:f3:d2:
                    0e:5a:7d:98:6a:bc:4b:a0:8f:d1:10:a7:70:d0:94:
                    e0:c3:ba:e5:be:40:9a:d2:43:14:f9:dc:46:f8:3b:
                    76:23:b2:d4:75:22:8e:36:ed:b2:e2:ba:10:c6:47:
                    ca:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:52:95:95:A0:F9:8C:A6:51:26:D8:3F:D1:B9:D3:1A:A9:74:E0:C2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yVKVlaD5jKZRJtg_0bnTGql04MI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:c90::/46
                  2a0e:97c0:c9e::/47

    Signature Algorithm: sha256WithRSAEncryption
         5e:cf:42:71:e7:0a:22:58:a1:9a:7e:8f:cd:f5:c1:21:5c:f5:
         bd:9c:07:52:f4:e1:7b:db:39:38:e5:3e:ab:e6:8b:9e:67:1a:
         57:a7:28:2a:0c:4b:a7:bd:7a:d4:77:b8:61:75:b0:d5:21:f8:
         d5:23:7e:f7:b5:9c:c3:f5:ae:5e:f0:ed:21:08:74:db:98:3d:
         36:c7:83:5e:19:59:68:d9:10:60:43:36:d2:e5:2a:54:c3:91:
         b0:b1:9e:fa:f9:c2:25:ec:6d:60:87:b5:33:d6:97:23:4b:62:
         63:d8:9a:73:35:25:46:fa:27:d9:84:bd:d3:51:5b:c4:ea:62:
         ff:f1:7b:38:85:d9:3d:b7:37:3d:9b:f3:9d:5f:60:15:1a:9e:
         a5:e9:12:33:47:49:b7:04:56:9c:75:e3:7e:02:e9:5e:68:6a:
         cc:3e:1e:7f:a5:23:01:60:e5:93:86:d2:df:44:a5:36:75:cb:
         a3:48:bf:e1:14:95:91:16:e3:06:f8:2c:e2:4e:29:08:b5:cc:
         a3:0e:21:11:e3:46:d2:20:54:1f:21:82:e0:93:e3:57:bf:fe:
         1f:05:90:51:12:67:dd:98:a7:1b:c5:dc:f8:ce:c4:f5:2e:30:
         fa:16:67:5e:0c:bf:41:db:e3:e1:ec:48:0b:5f:04:52:48:e6:
         55:db:ae:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWnooixPuyAxgF+GAwxWh0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTEyMjAxODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUyOTU5NWEwZjk4Y2E2NTEyNmQ4M2ZkMWI5ZDMxYWE5NzRlMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmFhRamVXxWVCvgFUF33rs5lO4ZG
KZXN3Rd+M7fEI8UGlG09ZY8gfqKd1nQuLMfHyoIyIjop935pT8fBozwcR2Ec2yCw
oq0vvt7toZxXFr88HSF9NkYfbV7jJX4bEhusBgHZQdzYtuxcerGvYjDICcpbre+I
rJ+DGXuUEaf2oA+uc+prJ/NZNGWuMVjutTP8nx/UexAX86aFjZrxp4LHie8Sqzs7
3BbukNEdVb/N/lvg/uHcfU5c9EeUKaNbbvxGY4OevUgoodOEhpo5qdiq89IOWn2Y
arxLoI/REKdw0JTgw7rlvkCa0kMU+dxG+Dt2I7LUdSKONu2y4roQxkfKAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMlSlZWg+YymUSbYP9G50xqpdODCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVZLVmxhRDVqS1pSSnRnXzBiblRHcWwwNE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKg6XwAyQ
AwcBKg6XwAyeMA0GCSqGSIb3DQEBCwUAA4IBAQBez0Jx5woiWKGafo/N9cEhXPW9
nAdS9OF72zk45T6r5oueZxpXpygqDEunvXrUd7hhdbDVIfjVI373tZzD9a5e8O0h
CHTbmD02x4NeGVlo2RBgQzbS5SpUw5GwsZ76+cIl7G1gh7Uz1pcjS2Jj2JpzNSVG
+ifZhL3TUVvE6mL/8Xs4hdk9tzc9m/OdX2AVGp6l6RIzR0m3BFacdeN+AuleaGrM
Ph5/pSMBYOWThtLfRKU2dcujSL/hFJWRFuMG+CziTikItcyjDiER40bSIFQfIYLg
k+NXv/4fBZBREmfdmKcbxdz4zsT1LjD6FmdeDL9B2+Ph7EgLXwRSSOZV265n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:35 2024 by rpki-client on console-ams.rpki-client.org