Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/3OW_YG-ThQaosQXphPXCIAYHD7k.roa
File:                     3OW_YG-ThQaosQXphPXCIAYHD7k.roa (raw, json)
Hash identifier:          dVJdo4J/vboEuvb90RAccHgjhwvy3l7JTmsCtljVjCg=
Subject key identifier:   DC:E5:BF:60:6F:93:85:06:A8:B1:05:E9:84:F5:C2:20:06:07:0F:B9
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       0188E4B12E0FFB72B50E2857D6CCBFEC80C1
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/3OW_YG-ThQaosQXphPXCIAYHD7k.roa
Signing time:             Thu 22 Jun 2023 19:59:56 +0000
ROA not before:           Thu 22 Jun 2023 19:59:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198474
IP address blocks:        2a10:4646:340::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e4:b1:2e:0f:fb:72:b5:0e:28:57:d6:cc:bf:ec:80:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Jun 22 19:59:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dce5bf606f938506a8b105e984f5c22006070fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:86:b2:00:8d:dc:9d:68:ff:79:16:e6:79:c5:
                    af:19:9d:7a:aa:ad:9a:2e:fc:9b:8a:70:91:7a:93:
                    59:a9:e7:4d:ce:8d:94:34:b7:77:16:73:5d:a8:dd:
                    5f:37:c9:63:18:c6:4a:02:e5:05:f3:9b:64:b9:46:
                    b9:40:52:1f:e8:0d:25:2a:ea:dc:5e:f1:93:66:cb:
                    d8:fb:41:25:a3:dd:f9:49:7d:76:f6:db:d8:81:87:
                    b9:f2:d6:6e:51:b7:89:93:1c:2a:68:4c:05:1a:8e:
                    95:98:8f:c1:5b:1a:3f:be:8f:67:44:05:6f:02:d3:
                    32:01:24:01:3c:c0:db:14:c0:31:a6:90:05:bb:33:
                    69:a3:d7:53:a7:4f:25:03:f5:ef:a1:0a:db:d8:74:
                    7d:af:7d:66:27:b2:6b:ab:41:9b:bc:75:9b:05:ee:
                    c8:6b:08:26:5b:b1:cd:1f:14:43:a0:0d:36:52:01:
                    d8:9e:88:34:57:63:ca:5b:e6:31:c5:73:47:20:d7:
                    45:d1:bc:03:38:14:84:a7:d5:09:f1:b5:85:ce:90:
                    69:51:5c:8f:44:4b:ae:ee:6f:f3:80:f4:1d:18:88:
                    d4:d8:58:4c:72:c0:96:23:2a:1e:cb:3a:02:95:02:
                    42:de:8b:99:2b:e8:dc:85:d6:65:98:a6:7a:30:7f:
                    7e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E5:BF:60:6F:93:85:06:A8:B1:05:E9:84:F5:C2:20:06:07:0F:B9
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/3OW_YG-ThQaosQXphPXCIAYHD7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:340::/44

    Signature Algorithm: sha256WithRSAEncryption
         94:f5:b8:00:ad:08:32:3b:39:cf:ae:97:18:56:6f:b7:44:34:
         5e:b9:30:c4:d7:bb:05:e1:f4:b1:14:b3:74:50:a9:1a:f5:f3:
         8c:01:b5:c6:6b:9f:94:6c:8b:cc:05:7b:6e:09:34:3c:c3:18:
         da:e1:4a:a5:e2:a9:8f:dc:bd:92:d6:41:f7:59:ca:8e:e1:f4:
         77:79:85:57:c5:1c:17:91:cf:96:af:3c:d1:07:9b:6b:b6:23:
         5c:cc:20:5c:80:ee:fa:04:75:89:2f:7f:8d:2c:e4:8a:3c:24:
         88:cc:09:fe:53:5c:41:fe:1f:78:08:f5:81:54:f3:71:d2:01:
         e9:6d:fd:fe:e3:96:a7:ea:1b:0b:2c:49:74:b5:a1:f6:33:6d:
         b7:c0:64:ae:32:60:8b:c0:b9:52:00:49:b6:20:07:25:39:b0:
         8e:b3:70:fd:55:1f:d7:69:25:7d:60:5f:76:7e:5b:c4:e4:b1:
         b6:b5:b4:bb:25:e8:63:6a:06:32:b6:9c:40:ec:e1:0e:d0:00:
         5d:bf:54:08:e9:af:fa:21:be:18:92:3b:f1:b5:53:36:67:ff:
         9f:b9:69:62:fe:2c:a2:d1:71:24:4c:3a:66:39:c0:16:2e:87:
         a5:cc:37:a7:2d:28:90:34:2d:85:0c:17:04:d0:8b:d2:70:6f:
         9e:40:71:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjksS4P+3K1DihX1sy/7IDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwNjIyMTk1OTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U1YmY2MDZmOTM4NTA2YThiMTA1ZTk4NGY1YzIyMDA2MDcwZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IayAI3cnWj/eRbmecWvGZ16qq2a
LvybinCRepNZqedNzo2UNLd3FnNdqN1fN8ljGMZKAuUF85tkuUa5QFIf6A0lKurc
XvGTZsvY+0Elo935SX129tvYgYe58tZuUbeJkxwqaEwFGo6VmI/BWxo/vo9nRAVv
AtMyASQBPMDbFMAxppAFuzNpo9dTp08lA/XvoQrb2HR9r31mJ7Jrq0GbvHWbBe7I
awgmW7HNHxRDoA02UgHYnog0V2PKW+YxxXNHINdF0bwDOBSEp9UJ8bWFzpBpUVyP
REuu7m/zgPQdGIjU2FhMcsCWIyoeyzoClQJC3ouZK+jchdZlmKZ6MH9+LQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNzlv2Bvk4UGqLEF6YT1wiAGBw+5MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvM09XX1lHLVRoUWFvc1FYcGhQWENJQVlIRDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgNA
MA0GCSqGSIb3DQEBCwUAA4IBAQCU9bgArQgyOznPrpcYVm+3RDReuTDE17sF4fSx
FLN0UKka9fOMAbXGa5+UbIvMBXtuCTQ8wxja4Uql4qmP3L2S1kH3WcqO4fR3eYVX
xRwXkc+WrzzRB5trtiNczCBcgO76BHWJL3+NLOSKPCSIzAn+U1xB/h94CPWBVPNx
0gHpbf3+45an6hsLLEl0taH2M223wGSuMmCLwLlSAEm2IAclObCOs3D9VR/XaSV9
YF92flvE5LG2tbS7JehjagYytpxA7OEO0ABdv1QI6a/6Ib4YkjvxtVM2Z/+fuWli
/iyi0XEkTDpmOcAWLoelzDenLSiQNC2FDBcE0IvScG+eQHF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org