Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa
File:                     ytAs-E1B3dWGiGnLALS1HnuLXHU.roa (raw, json)
Hash identifier:          u1gMc7YemVgWuOxbueZhi/gEmDdj7blTDtbUw/1Qf4c=
Subject key identifier:   CA:D0:2C:F8:4D:41:DD:D5:86:88:69:CB:00:B4:B5:1E:7B:8B:5C:75
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0188E84EC8C033860FBA0A2CD89DF8A10294
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa
Signing time:             Fri 23 Jun 2023 12:50:57 +0000
ROA not before:           Fri 23 Jun 2023 12:50:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202002
IP address blocks:        2a0e:b107:1d11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 26 Jul 2023 06:20:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e8:4e:c8:c0:33:86:0f:ba:0a:2c:d8:9d:f8:a1:02:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun 23 12:50:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cad02cf84d41ddd5868869cb00b4b51e7b8b5c75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:d2:d5:d6:20:b8:0b:db:c5:0c:66:d8:8d:fe:
                    a7:da:72:e4:18:63:61:be:2a:e1:31:cd:91:95:b7:
                    8a:73:0d:aa:52:b1:14:57:a1:fb:43:bc:1c:df:e0:
                    22:ba:ff:47:84:73:e9:8a:4b:72:e9:ea:e5:91:c7:
                    06:37:2d:cb:ab:04:0b:b0:19:cb:a9:bc:f0:69:4d:
                    da:f0:35:fd:0a:d9:76:d0:94:00:33:88:5c:fb:71:
                    ee:94:1c:0f:5a:60:3d:c6:a8:a1:e0:20:6a:c9:3e:
                    e7:a1:a3:45:c4:90:eb:2a:b4:55:1b:a8:9f:18:5b:
                    d4:6b:11:ab:4d:6f:53:a7:dc:3a:ff:23:eb:c7:2c:
                    5d:db:78:8f:3b:53:9e:3e:55:30:9e:aa:02:6a:7a:
                    26:2b:ea:fd:70:4a:d7:44:7e:da:7b:88:3e:17:f7:
                    8a:35:27:69:de:a3:0c:a3:34:f5:04:aa:d3:8b:31:
                    07:44:0c:68:f7:58:4e:92:a2:ce:54:2d:a6:dc:07:
                    54:41:0c:6e:e8:5c:db:c9:ca:b2:c0:da:de:b2:06:
                    aa:d3:8d:3e:93:d9:a5:99:b7:e3:52:99:14:04:14:
                    49:d4:4f:8b:5d:fb:f2:46:65:ab:0b:cb:95:8a:6b:
                    3f:1d:a7:34:54:b1:7f:d6:3a:48:7b:8c:86:e3:25:
                    ee:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D0:2C:F8:4D:41:DD:D5:86:88:69:CB:00:B4:B5:1E:7B:8B:5C:75
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ytAs-E1B3dWGiGnLALS1HnuLXHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1d11::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:05:78:b5:9e:24:b1:5c:c8:d0:6b:4a:e7:4a:92:c4:14:f8:
         cf:95:2b:39:cf:1d:a5:0a:2e:67:a0:f1:57:fe:49:40:e5:47:
         de:91:4d:4f:c5:57:cb:38:cf:98:dd:16:f6:e3:85:94:4e:14:
         10:60:59:43:8d:38:ef:28:cd:f7:f3:cf:42:1d:46:80:e6:85:
         92:ee:43:4a:06:d2:89:74:27:37:ef:82:85:e8:23:86:e5:32:
         c1:92:56:ec:a3:80:d2:66:e5:55:43:d5:ca:a4:5c:4e:da:df:
         38:60:1d:a3:99:ab:d2:c0:12:b0:5a:a5:fe:2a:6c:14:41:32:
         aa:b6:58:63:e7:0d:ff:41:95:1e:5c:e8:51:6f:83:24:43:b8:
         a1:e2:f7:60:c7:46:b1:f5:97:e9:0b:ad:7b:15:5e:b9:77:5d:
         ea:79:1f:3d:41:19:d1:3f:8d:cf:b1:9f:45:d9:1f:84:aa:e7:
         28:bb:85:10:29:42:4f:3d:ce:c4:04:21:4a:67:01:83:e2:ff:
         e7:74:f8:57:b2:98:8d:d0:89:0f:52:6e:4d:e0:57:d8:d7:af:
         81:5b:94:a2:19:fa:18:b9:e6:14:55:e0:64:08:cb:94:0a:53:
         8f:05:c3:ec:f9:9a:fd:b3:e7:76:17:55:d4:94:4b:af:f2:25:
         88:27:79:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjoTsjAM4YPugos2J34oQKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjIzMTI1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQwMmNmODRkNDFkZGQ1ODY4ODY5Y2IwMGI0YjUxZTdiOGI1Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tLV1iC4C9vFDGbYjf6n2nLkGGNh
virhMc2RlbeKcw2qUrEUV6H7Q7wc3+Aiuv9HhHPpikty6erlkccGNy3LqwQLsBnL
qbzwaU3a8DX9Ctl20JQAM4hc+3HulBwPWmA9xqih4CBqyT7noaNFxJDrKrRVG6if
GFvUaxGrTW9Tp9w6/yPrxyxd23iPO1OePlUwnqoCanomK+r9cErXRH7ae4g+F/eK
NSdp3qMMozT1BKrTizEHRAxo91hOkqLOVC2m3AdUQQxu6FzbycqywNresgaq040+
k9mlmbfjUpkUBBRJ1E+LXfvyRmWrC8uVims/Hac0VLF/1jpIe4yG4yXuOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMrQLPhNQd3VhohpywC0tR57i1x1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveXRBcy1FMUIzZFdHaUduTEFMUzFIbnVMWEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0R
MA0GCSqGSIb3DQEBCwUAA4IBAQBGBXi1niSxXMjQa0rnSpLEFPjPlSs5zx2lCi5n
oPFX/klA5UfekU1PxVfLOM+Y3Rb244WUThQQYFlDjTjvKM33889CHUaA5oWS7kNK
BtKJdCc374KF6COG5TLBklbso4DSZuVVQ9XKpFxO2t84YB2jmavSwBKwWqX+KmwU
QTKqtlhj5w3/QZUeXOhRb4MkQ7ih4vdgx0ax9ZfpC617FV65d13qeR89QRnRP43P
sZ9F2R+Equcou4UQKUJPPc7EBCFKZwGD4v/ndPhXspiN0IkPUm5N4FfY16+BW5Si
GfoYueYUVeBkCMuUClOPBcPs+Zr9s+d2F1XUlEuv8iWIJ3ms
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:35 2024 by rpki-client on console-ams.rpki-client.org