Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynDOEUFPDVFpZ5ipy8GpjdeSi78.roa
File:                     ynDOEUFPDVFpZ5ipy8GpjdeSi78.roa (raw, json)
Hash identifier:          JOo0XxGqjbnb3u1BkIAaw8pcDDBVk/20If4sJAPoMDY=
Subject key identifier:   CA:70:CE:11:41:4F:0D:51:69:67:98:A9:CB:C1:A9:8D:D7:92:8B:BF
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018AFBC49251BCD63EB3B00F0D3F1C569992
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynDOEUFPDVFpZ5ipy8GpjdeSi78.roa
Signing time:             Wed 04 Oct 2023 17:37:58 +0000
ROA not before:           Wed 04 Oct 2023 17:37:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138685
IP address blocks:        2a0e:b107:768::/45 maxlen: 48
                          2a0e:b107:760::/45 maxlen: 48

Validation:               Failed, certificate revoked on Wed 18 Oct 2023 08:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fb:c4:92:51:bc:d6:3e:b3:b0:0f:0d:3f:1c:56:99:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct  4 17:37:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ca70ce11414f0d51696798a9cbc1a98dd7928bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a2:cf:81:d9:d0:39:f9:99:a2:6c:29:15:a2:
                    d9:dd:03:03:f8:9e:19:3f:9d:d0:86:74:12:aa:11:
                    e9:bc:58:5e:18:21:82:7c:9f:52:0f:e1:5e:69:c4:
                    f2:40:f9:04:ba:5c:39:6a:6c:09:08:ea:36:50:55:
                    e1:ce:b4:04:de:94:0f:4e:aa:fd:45:2f:f8:1f:2d:
                    07:96:bf:aa:a7:52:63:d6:e3:b8:01:60:35:f0:80:
                    49:cd:35:ca:69:89:33:23:7d:a3:d9:1c:4f:e3:25:
                    8f:36:03:30:ba:dd:17:69:cb:fe:dc:f8:53:0d:8e:
                    05:da:62:bf:63:f3:ce:cb:64:61:fc:f9:dd:21:50:
                    33:00:18:da:6d:95:95:2a:a2:9c:b9:51:05:9b:2c:
                    3d:c2:e9:66:de:e9:d3:b2:79:c2:ef:61:5b:22:27:
                    26:29:f4:82:13:e3:fc:10:74:ea:b7:93:fa:c7:93:
                    13:4f:e3:52:4e:4c:a8:53:18:40:af:e5:fe:77:cc:
                    6a:a1:c1:96:5d:01:44:da:9a:ce:c8:e0:32:5b:e8:
                    03:05:9a:97:07:34:95:a2:25:1c:6d:e0:50:c2:b7:
                    cd:ba:47:48:a2:23:76:a7:e7:67:1e:dc:29:23:34:
                    4b:74:e7:c7:09:b2:65:de:17:67:d2:88:66:c1:d7:
                    9b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:70:CE:11:41:4F:0D:51:69:67:98:A9:CB:C1:A9:8D:D7:92:8B:BF
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynDOEUFPDVFpZ5ipy8GpjdeSi78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:760::/44

    Signature Algorithm: sha256WithRSAEncryption
         20:17:af:71:1f:ea:ff:ba:81:1d:bb:9a:54:2c:93:e3:39:b8:
         32:77:17:25:b5:42:3a:88:28:8b:1f:74:46:4a:43:4a:2d:29:
         e2:4a:d3:25:95:aa:b2:ef:84:96:fa:be:35:92:75:df:2f:64:
         bc:6a:f6:4b:95:03:75:c2:88:f6:cd:c5:05:76:bb:c2:52:5a:
         f9:46:d0:d9:a7:a2:be:d1:26:24:f5:2a:12:d5:55:35:8b:50:
         13:93:ec:75:ed:af:b0:85:24:e2:5d:f0:2a:d7:c8:f6:e0:e0:
         46:6a:89:95:36:42:d6:9b:d9:6c:11:2a:0a:8c:2a:ec:84:25:
         5f:b8:73:b0:39:eb:9d:c2:5c:bf:27:3f:7d:74:f2:e5:8d:a1:
         e7:3a:4f:4b:f1:92:24:42:d1:19:6b:23:af:4f:b9:36:97:5f:
         1b:ca:1f:2b:ca:ef:cc:08:e3:4d:35:49:66:91:b0:1d:bf:3b:
         fc:b6:bd:93:f8:9f:8a:1d:39:7f:3e:6e:88:43:69:03:a5:07:
         d6:80:95:f0:a0:dc:3f:0d:49:58:d4:82:8e:2f:ca:e4:b5:96:
         65:ee:d0:8f:af:ea:ec:c3:a1:80:15:a9:3b:5b:c2:81:ce:80:
         85:42:e2:e0:76:48:db:bc:a8:9f:d6:dd:7e:73:a1:3e:be:73:
         ff:fc:6f:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYr7xJJRvNY+s7APDT8cVpmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA0MTczNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcwY2UxMTQxNGYwZDUxNjk2Nzk4YTljYmMxYTk4ZGQ3OTI4YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKLPgdnQOfmZomwpFaLZ3QMD+J4Z
P53QhnQSqhHpvFheGCGCfJ9SD+FeacTyQPkEulw5amwJCOo2UFXhzrQE3pQPTqr9
RS/4Hy0Hlr+qp1Jj1uO4AWA18IBJzTXKaYkzI32j2RxP4yWPNgMwut0Xacv+3PhT
DY4F2mK/Y/POy2Rh/PndIVAzABjabZWVKqKcuVEFmyw9wulm3unTsnnC72FbIicm
KfSCE+P8EHTqt5P6x5MTT+NSTkyoUxhAr+X+d8xqocGWXQFE2prOyOAyW+gDBZqX
BzSVoiUcbeBQwrfNukdIoiN2p+dnHtwpIzRLdOfHCbJl3hdn0ohmwdebWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMpwzhFBTw1RaWeYqcvBqY3Xkou/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveW5ET0VVRlBEVkZwWjVpcHk4R3BqZGVTaTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwdg
MA0GCSqGSIb3DQEBCwUAA4IBAQAgF69xH+r/uoEdu5pULJPjObgydxcltUI6iCiL
H3RGSkNKLSniStMllaqy74SW+r41knXfL2S8avZLlQN1woj2zcUFdrvCUlr5RtDZ
p6K+0SYk9SoS1VU1i1ATk+x17a+whSTiXfAq18j24OBGaomVNkLWm9lsESoKjCrs
hCVfuHOwOeudwly/Jz99dPLljaHnOk9L8ZIkQtEZayOvT7k2l18byh8ryu/MCONN
NUlmkbAdvzv8tr2T+J+KHTl/Pm6IQ2kDpQfWgJXwoNw/DUlY1IKOL8rktZZl7tCP
r+rsw6GAFak7W8KBzoCFQuLgdkjbvKif1t1+c6E+vnP//G+z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:35 2024 by rpki-client on console-ams.rpki-client.org