Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yYvk62dWnGdHDCqgpsovjs8bPcU.roa
File:                     yYvk62dWnGdHDCqgpsovjs8bPcU.roa (raw, json)
Hash identifier:          9IbNS4ZfZMv6pVOuXf0fdex0WFXHuFAvsAlvcDBiaHs=
Subject key identifier:   C9:8B:E4:EB:67:56:9C:67:47:0C:2A:A0:A6:CA:2F:8E:CF:1B:3D:C5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E782F3E5838D0DDC483B19F4F73290
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yYvk62dWnGdHDCqgpsovjs8bPcU.roa
Signing time:             Mon 02 Jan 2023 05:14:58 +0000
ROA not before:           Mon 02 Jan 2023 05:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49953
IP address blocks:        2a0e:97c0:680::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:82:f3:e5:83:8d:0d:dc:48:3b:19:f4:f7:32:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c98be4eb67569c67470c2aa0a6ca2f8ecf1b3dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:58:37:c1:24:7c:6d:40:f8:0f:82:7c:d4:20:
                    3b:85:46:51:be:46:44:88:13:73:7c:7a:bc:f2:ec:
                    86:34:4c:21:85:49:65:74:85:1f:29:01:35:f5:1e:
                    54:cb:9c:4c:87:dd:5c:68:c7:7b:c5:a3:62:25:8f:
                    b6:38:e5:e7:9d:43:80:61:1f:5a:37:b4:c4:95:97:
                    ef:6f:c2:3e:ef:aa:e7:1b:a7:fe:91:54:01:c8:61:
                    f7:eb:72:99:18:a3:8d:cd:f8:3b:fc:c3:16:c1:60:
                    62:3c:d5:ab:e4:a4:fa:77:64:ee:b6:65:90:a8:ab:
                    44:bb:14:db:89:e3:0e:22:21:5e:c5:9d:e6:94:eb:
                    85:ed:9b:cb:f2:79:52:47:74:dc:44:8a:b0:e2:00:
                    aa:67:76:46:b7:3f:4f:1d:eb:b6:cd:74:35:6d:a2:
                    c4:67:83:fb:9a:d0:18:96:00:2c:76:51:5e:dd:88:
                    f3:0d:1d:25:2b:80:c1:1d:4c:98:0f:80:c4:95:42:
                    8a:a7:c9:28:a6:87:19:23:23:cf:29:1a:12:34:0f:
                    73:b1:04:22:34:99:16:4e:a7:2d:c9:a5:70:88:3c:
                    e9:0d:37:c4:02:14:1a:8d:07:dd:b4:aa:f9:61:7e:
                    1c:7a:e4:c8:43:bb:80:67:48:56:dc:95:5a:b9:aa:
                    36:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:8B:E4:EB:67:56:9C:67:47:0C:2A:A0:A6:CA:2F:8E:CF:1B:3D:C5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yYvk62dWnGdHDCqgpsovjs8bPcU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:680::/44

    Signature Algorithm: sha256WithRSAEncryption
         1b:51:84:11:13:a5:3d:02:a6:c5:2f:40:04:84:d3:ee:e6:15:
         d2:df:52:79:e2:36:32:0b:5a:45:89:17:f3:73:9d:bb:9b:1c:
         20:8c:8f:da:a1:49:19:8e:37:3d:68:a1:03:f6:88:8a:ef:79:
         2f:4e:2c:a0:30:55:80:85:9f:ac:26:d1:c4:17:5c:a5:a5:5a:
         98:c5:12:ee:8a:d9:20:8a:2a:a9:10:0a:21:3b:ad:56:f6:69:
         3c:cd:ae:b2:22:10:ea:2d:33:20:b4:7d:3d:9b:21:ae:a0:95:
         9a:05:65:1d:f1:97:0b:1c:ef:ec:65:e1:c5:1a:66:fb:d2:9f:
         dd:78:5b:f1:9c:52:19:9f:1d:a8:ae:43:e1:b1:7b:5b:e7:34:
         c0:f3:dd:35:7f:d2:d4:86:7f:da:1a:97:10:37:25:13:15:33:
         1b:98:e3:8e:8d:75:90:5d:b9:67:ae:a6:cc:9c:bf:8e:88:f4:
         2a:50:e0:24:40:c9:18:2d:08:db:13:3a:4b:ec:eb:03:38:69:
         c0:75:22:61:c7:a8:00:df:16:91:d9:5a:01:92:b4:29:f2:39:
         ce:55:38:d2:72:76:aa:66:44:4c:cc:b0:7d:60:d7:e8:06:83:
         00:55:a7:be:ea:a2:c6:a2:5c:d9:fe:40:34:4a:7e:05:78:2e:
         72:32:b6:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54Lz5YONDdxIOxn09zKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThiZTRlYjY3NTY5YzY3NDcwYzJhYTBhNmNhMmY4ZWNmMWIzZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVg3wSR8bUD4D4J81CA7hUZRvkZE
iBNzfHq88uyGNEwhhUlldIUfKQE19R5Uy5xMh91caMd7xaNiJY+2OOXnnUOAYR9a
N7TElZfvb8I+76rnG6f+kVQByGH363KZGKONzfg7/MMWwWBiPNWr5KT6d2TutmWQ
qKtEuxTbieMOIiFexZ3mlOuF7ZvL8nlSR3TcRIqw4gCqZ3ZGtz9PHeu2zXQ1baLE
Z4P7mtAYlgAsdlFe3YjzDR0lK4DBHUyYD4DElUKKp8kopocZIyPPKRoSNA9zsQQi
NJkWTqctyaVwiDzpDTfEAhQajQfdtKr5YX4ceuTIQ7uAZ0hW3JVauao2+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMmL5OtnVpxnRwwqoKbKL47PGz3FMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVl2azYyZFduR2RIRENxZ3Bzb3ZqczhiUGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAaA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbUYQRE6U9AqbFL0AEhNPu5hXS31J54jYyC1pF
iRfzc527mxwgjI/aoUkZjjc9aKED9oiK73kvTiygMFWAhZ+sJtHEF1ylpVqYxRLu
itkgiiqpEAohO61W9mk8za6yIhDqLTMgtH09myGuoJWaBWUd8ZcLHO/sZeHFGmb7
0p/deFvxnFIZnx2orkPhsXtb5zTA8901f9LUhn/aGpcQNyUTFTMbmOOOjXWQXbln
rqbMnL+OiPQqUOAkQMkYLQjbEzpL7OsDOGnAdSJhx6gA3xaR2VoBkrQp8jnOVTjS
cnaqZkRMzLB9YNfoBoMAVae+6qLGolzZ/kA0Sn4FeC5yMrYT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org