Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4WR9ArXqvB5oDcgPCYiY5QyBPtw.roa
File:                     4WR9ArXqvB5oDcgPCYiY5QyBPtw.roa (raw, json)
Hash identifier:          GZAyVo/SxEmod/IfDFVe8Jy9AQ+FqJGAZ97HuOTCX4U=
Subject key identifier:   E1:64:7D:02:B5:EA:BC:1E:68:0D:C8:0F:09:88:98:E5:0C:81:3E:DC
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       0186C23EB149B29E9235BA4756C30DA2DFCD
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4WR9ArXqvB5oDcgPCYiY5QyBPtw.roa
Signing time:             Wed 08 Mar 2023 17:22:13 +0000
ROA not before:           Wed 08 Mar 2023 17:22:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60668
IP address blocks:        2a10:4646:2c0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 19:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c2:3e:b1:49:b2:9e:92:35:ba:47:56:c3:0d:a2:df:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Mar  8 17:22:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e1647d02b5eabc1e680dc80f098898e50c813edc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:9d:72:95:b1:f8:44:16:4d:a2:4a:fd:cb:bd:
                    cb:30:32:bd:78:7b:fb:18:9e:b9:f2:81:07:40:55:
                    9a:8e:11:89:8a:a7:a8:15:d5:7b:72:c7:ac:73:6a:
                    00:bd:78:14:62:a1:47:b6:fa:86:81:16:eb:9e:fb:
                    a8:a6:d8:c8:a3:a6:1f:1a:3b:5c:0c:2c:cb:c7:d3:
                    b9:7f:12:5f:52:bf:21:f7:8d:86:4e:67:ad:b3:50:
                    9d:a4:29:55:8b:3d:66:5d:b3:8d:fe:3e:91:23:3f:
                    f7:72:cc:51:7a:57:41:f3:e5:15:37:4e:21:86:14:
                    85:26:1b:51:07:97:e8:07:7b:5b:57:7c:1d:5d:69:
                    dd:e4:7a:85:eb:62:35:70:01:56:65:76:7a:4e:31:
                    28:a5:f8:50:59:6f:89:da:b8:1b:15:b7:7c:be:3a:
                    7e:c4:37:09:d9:d3:21:73:23:6f:02:cf:49:24:3d:
                    36:4d:29:9d:f6:14:96:56:57:65:39:7e:8d:73:e6:
                    6b:8d:fb:b4:13:86:58:17:b0:f1:5e:8d:83:73:96:
                    42:1d:b4:af:ec:28:e8:20:9e:f1:aa:9e:00:91:e0:
                    d0:1b:1e:35:c9:22:78:2b:d0:db:32:b5:e1:80:dc:
                    8d:c7:9a:36:21:96:a6:c4:49:ea:09:ac:54:a2:c9:
                    b5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:64:7D:02:B5:EA:BC:1E:68:0D:C8:0F:09:88:98:E5:0C:81:3E:DC
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4WR9ArXqvB5oDcgPCYiY5QyBPtw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:2c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         0b:82:d5:09:a8:94:0b:e2:91:02:5d:c8:9e:38:95:18:39:d4:
         4d:eb:42:5f:30:e6:ec:a8:bd:35:f3:cb:df:5f:fc:6d:69:40:
         4c:92:82:4c:1e:3d:35:8f:2d:26:2d:c5:c1:6c:c5:c1:29:d0:
         60:a4:92:c9:f8:29:d3:4f:86:ca:79:6a:1a:84:60:a3:45:38:
         da:3e:9d:5a:2d:db:de:a1:29:8a:8f:d1:16:dc:48:a6:96:8e:
         c0:d2:38:b5:7e:67:8b:2f:64:c8:cd:fb:03:b7:f0:14:48:cd:
         64:f7:f3:2c:8e:11:9a:9c:d7:99:bd:e1:53:5f:a5:c1:79:69:
         05:22:0b:51:cf:c3:42:5c:c8:63:ec:49:bb:63:aa:a8:0e:39:
         68:85:95:a9:b9:9b:d3:41:e5:6f:38:c7:1c:3c:b3:46:5f:bf:
         7a:52:73:ff:92:d8:2b:20:a0:18:87:0a:74:d9:99:26:9d:b8:
         6c:eb:6f:ca:91:9b:ae:36:d2:ec:0e:b7:d6:e5:41:a6:ce:37:
         0e:9d:51:38:42:b3:94:63:6d:13:2e:53:85:8b:fd:57:90:e2:
         c9:c7:75:c2:9a:d4:8e:c7:e9:cc:a6:e0:17:ff:7b:3e:b6:fb:
         1f:af:c2:2f:66:68:58:c2:52:2e:b4:9d:81:2d:26:6f:e8:cd:
         8e:31:05:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbCPrFJsp6SNbpHVsMNot/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMzA4MTcyMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTY0N2QwMmI1ZWFiYzFlNjgwZGM4MGYwOTg4OThlNTBjODEzZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p1ylbH4RBZNokr9y73LMDK9eHv7
GJ658oEHQFWajhGJiqeoFdV7csesc2oAvXgUYqFHtvqGgRbrnvuoptjIo6YfGjtc
DCzLx9O5fxJfUr8h942GTmets1CdpClViz1mXbON/j6RIz/3csxReldB8+UVN04h
hhSFJhtRB5foB3tbV3wdXWnd5HqF62I1cAFWZXZ6TjEopfhQWW+J2rgbFbd8vjp+
xDcJ2dMhcyNvAs9JJD02TSmd9hSWVldlOX6Nc+Zrjfu0E4ZYF7DxXo2Dc5ZCHbSv
7CjoIJ7xqp4AkeDQGx41ySJ4K9DbMrXhgNyNx5o2IZamxEnqCaxUosm1xwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOFkfQK16rweaA3IDwmImOUMgT7cMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvNFdSOUFyWHF2QjVvRGNnUENZaVk1UXlCUHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgLA
MA0GCSqGSIb3DQEBCwUAA4IBAQALgtUJqJQL4pECXcieOJUYOdRN60JfMObsqL01
88vfX/xtaUBMkoJMHj01jy0mLcXBbMXBKdBgpJLJ+CnTT4bKeWoahGCjRTjaPp1a
LdveoSmKj9EW3Eimlo7A0ji1fmeLL2TIzfsDt/AUSM1k9/MsjhGanNeZveFTX6XB
eWkFIgtRz8NCXMhj7Em7Y6qoDjlohZWpuZvTQeVvOMccPLNGX796UnP/ktgrIKAY
hwp02Zkmnbhs62/KkZuuNtLsDrfW5UGmzjcOnVE4QrOUY20TLlOFi/1XkOLJx3XC
mtSOx+nMpuAX/3s+tvsfr8IvZmhYwlIutJ2BLSZv6M2OMQUr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org