Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/e_hG7SaF-CD4AmVwIw42LETpmW0.roa
File:                     e_hG7SaF-CD4AmVwIw42LETpmW0.roa (raw, json)
Hash identifier:          Rus6KocPsAhiNduQuZRl6tHTzQCRW28HZJbCko3T1Zc=
Subject key identifier:   7B:F8:46:ED:26:85:F8:20:F8:02:65:70:23:0E:36:2C:44:E9:99:6D
Certificate issuer:       /CN=bbe026ef26920909d931ea4dac9d9390486b4153
Certificate serial:       01856F4B5E29031D7B2F3D6A640193F7272C
Authority key identifier: BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/e_hG7SaF-CD4AmVwIw42LETpmW0.roa
Signing time:             Sun 01 Jan 2023 21:44:48 +0000
ROA not before:           Sun 01 Jan 2023 21:44:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6697
IP address blocks:        2a10:641::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:5e:29:03:1d:7b:2f:3d:6a:64:01:93:f7:27:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe026ef26920909d931ea4dac9d9390486b4153
        Validity
            Not Before: Jan  1 21:44:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7bf846ed2685f820f8026570230e362c44e9996d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:fb:a3:b2:82:3d:ab:3f:84:1b:41:ad:a3:50:
                    4f:a7:9d:e9:83:7c:e1:d5:68:98:3b:41:a9:45:c8:
                    d4:0b:d2:da:01:a0:e1:e2:c0:ab:7c:5b:94:81:2d:
                    d5:04:8a:7f:dd:69:00:a4:30:0c:28:f2:eb:22:de:
                    c8:9e:bb:e0:8e:a6:6e:c1:5e:94:9e:c6:cf:d7:f6:
                    7d:ba:83:af:2c:de:63:43:fa:f5:fa:89:bc:d8:4e:
                    61:ff:ea:af:93:ae:20:a8:7d:47:23:1f:ef:b2:3b:
                    b3:86:a1:15:da:23:75:bd:92:91:38:29:09:39:2a:
                    8e:ec:c0:29:eb:6e:a1:84:0d:e9:65:2d:6d:d3:26:
                    4d:6d:d5:c1:aa:53:e6:01:4c:74:b3:33:9e:6b:4e:
                    f3:de:f6:35:7f:49:db:ff:07:86:a0:8f:03:9e:47:
                    07:ef:aa:dc:2f:34:61:3a:b5:d7:41:4f:f7:7f:ac:
                    3d:20:d1:7e:52:96:db:fc:bf:db:23:d4:4b:81:20:
                    c6:a1:74:fc:47:b0:b8:d2:1a:17:71:2b:69:35:58:
                    f2:d2:d6:c5:90:33:e8:aa:10:15:5f:02:2c:86:c6:
                    a4:6c:cf:33:3b:bb:dc:b6:14:ef:65:bf:d8:9d:f4:
                    ec:91:2e:dd:de:58:02:bf:32:3a:f5:1d:b0:f9:9c:
                    b0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F8:46:ED:26:85:F8:20:F8:02:65:70:23:0E:36:2C:44:E9:99:6D
            X509v3 Authority Key Identifier:
                keyid:BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/e_hG7SaF-CD4AmVwIw42LETpmW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:641::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:16:2d:b9:00:b5:54:63:8a:16:a5:70:91:98:c8:1d:c1:4f:
         88:4b:5d:f6:76:af:ad:60:fa:eb:6d:c5:cc:26:ea:2b:59:a8:
         a8:56:8e:b1:85:7d:12:90:66:a3:77:56:ff:3f:27:73:35:e6:
         2c:95:8d:9b:58:3e:9e:eb:d0:c7:7e:01:6e:8b:3a:4f:32:20:
         d8:6a:34:72:90:51:a1:e5:90:0d:f4:d6:bd:e0:9d:e5:8d:6f:
         2b:f3:9f:34:67:13:2c:4a:ce:17:41:aa:23:e9:d3:f6:29:b6:
         b4:90:da:bd:89:75:70:74:7e:06:ab:22:1c:b4:8e:5e:ae:c4:
         da:3d:9a:b6:59:f5:81:cd:f4:e5:51:4f:7a:aa:48:3c:0b:ad:
         29:f9:0f:6f:9f:d3:e8:86:f6:06:24:32:d3:e3:32:f2:11:d0:
         de:05:3e:12:f4:4d:e2:92:e5:6a:55:3f:2f:42:05:e7:fc:f6:
         e0:2c:c5:0f:dd:d3:b3:db:ce:a6:f5:69:e3:b4:b8:8c:78:8c:
         01:94:6d:65:a3:a5:a0:a5:0e:73:91:d4:0b:51:86:92:f4:d2:
         6d:dc:35:e4:e8:d7:de:87:11:b2:4e:25:df:47:38:43:4a:1c:
         7c:c7:94:89:f0:c2:ab:91:6c:3b:99:13:e4:2c:2f:fa:61:d4:
         bb:da:eb:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvS14pAx17Lz1qZAGT9ycsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTAyNmVmMjY5MjA5MDlkOTMxZWE0ZGFjOWQ5MzkwNDg2
YjQxNTMwHhcNMjMwMTAxMjE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY4NDZlZDI2ODVmODIwZjgwMjY1NzAyMzBlMzYyYzQ0ZTk5OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPujsoI9qz+EG0Gto1BPp53pg3zh
1WiYO0GpRcjUC9LaAaDh4sCrfFuUgS3VBIp/3WkApDAMKPLrIt7InrvgjqZuwV6U
nsbP1/Z9uoOvLN5jQ/r1+om82E5h/+qvk64gqH1HIx/vsjuzhqEV2iN1vZKROCkJ
OSqO7MAp626hhA3pZS1t0yZNbdXBqlPmAUx0szOea07z3vY1f0nb/weGoI8DnkcH
76rcLzRhOrXXQU/3f6w9INF+Upbb/L/bI9RLgSDGoXT8R7C40hoXcStpNVjy0tbF
kDPoqhAVXwIshsakbM8zO7vcthTvZb/YnfTskS7d3lgCvzI69R2w+Zyw4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHv4Ru0mhfgg+AJlcCMONixE6ZltMB8GA1UdIwQY
MBaAFLvgJu8mkgkJ2THqTaydk5BIa0FTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUt
MDU5YmFiMDE1Y2MzLzEvZV9oRzdTYUYtQ0Q0QW1Wd0l3NDJMRVRwbVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUtMDU5YmFiMDE1Y2Mz
LzEvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAGQTAN
BgkqhkiG9w0BAQsFAAOCAQEAUhYtuQC1VGOKFqVwkZjIHcFPiEtd9navrWD6623F
zCbqK1moqFaOsYV9EpBmo3dW/z8nczXmLJWNm1g+nuvQx34Bbos6TzIg2Go0cpBR
oeWQDfTWveCd5Y1vK/OfNGcTLErOF0GqI+nT9im2tJDavYl1cHR+BqsiHLSOXq7E
2j2atln1gc305VFPeqpIPAutKfkPb5/T6Ib2BiQy0+My8hHQ3gU+EvRN4pLlalU/
L0IF5/z24CzFD93Ts9vOpvVp47S4jHiMAZRtZaOloKUOc5HUC1GGkvTSbdw15OjX
3ocRsk4l30c4Q0ocfMeUifDCq5FsO5kT5Cwv+mHUu9rrNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:43 2024 by rpki-client on console-fra.rpki-client.org