Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/J14_9Dd6VRNAromqRWPXge3z0R0.roa
File:                     J14_9Dd6VRNAromqRWPXge3z0R0.roa (raw, json)
Hash identifier:          5C2UDwT2vAfc/8XoUr+VXtvc8RWDA+ipNu5gwYsWRmw=
Subject key identifier:   27:5E:3F:F4:37:7A:55:13:40:AE:89:AA:45:63:D7:81:ED:F3:D1:1D
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01857227FA0438049B6D050B4D97D8EB366D
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/J14_9Dd6VRNAromqRWPXge3z0R0.roa
Signing time:             Mon 02 Jan 2023 11:05:00 +0000
ROA not before:           Mon 02 Jan 2023 11:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208796
IP address blocks:        2a10:4646:270::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:27:fa:04:38:04:9b:6d:05:0b:4d:97:d8:eb:36:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Jan  2 11:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=275e3ff4377a551340ae89aa4563d781edf3d11d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:24:44:80:4f:3d:3d:26:af:85:39:77:de:5c:
                    29:98:84:be:f9:89:63:e8:5f:b0:01:f4:e4:73:ce:
                    6e:5c:4e:5c:c8:28:5b:08:c8:c1:61:c0:7d:31:70:
                    a8:0c:a4:dc:40:50:89:17:e9:e2:95:c4:b7:d3:18:
                    b0:74:a9:21:b7:42:39:b4:cc:3c:0a:22:d5:12:d1:
                    7f:df:49:5d:66:c9:ff:7e:b1:4c:d8:16:22:c3:c3:
                    0a:6a:28:55:9f:76:ea:54:b6:00:77:2c:44:c2:38:
                    2b:da:2d:53:a8:bc:66:71:36:96:1a:c5:7f:6c:7b:
                    10:7e:44:dd:cd:75:5d:5f:fd:b8:27:2d:4b:32:30:
                    8f:e1:7a:d9:f2:1f:f9:22:37:78:4b:8b:63:44:4a:
                    b0:1c:c9:ff:83:d0:29:58:0b:53:c0:62:ab:0c:2e:
                    6f:cd:87:67:31:24:da:e7:92:f6:ef:3f:1f:ec:b0:
                    e6:59:46:fd:f3:ba:69:eb:7c:9e:80:aa:44:81:e5:
                    37:91:30:ef:6a:3f:8b:fe:0c:17:39:9a:4b:e5:ce:
                    75:fb:44:09:71:89:a8:5b:62:9b:be:36:16:35:3f:
                    3b:6d:1e:71:d5:52:d8:f0:8c:08:09:29:9e:df:5e:
                    ea:3b:b3:d1:76:11:97:2e:0d:93:45:26:23:5d:cf:
                    7f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:5E:3F:F4:37:7A:55:13:40:AE:89:AA:45:63:D7:81:ED:F3:D1:1D
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/J14_9Dd6VRNAromqRWPXge3z0R0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:270::/44

    Signature Algorithm: sha256WithRSAEncryption
         33:2a:d3:ec:e6:a2:69:d5:d2:3f:db:4a:3e:93:88:6e:bf:23:
         a9:e5:f2:c0:4b:36:ea:ef:ae:c7:3e:1a:bd:74:01:2a:34:31:
         45:9f:88:da:f9:ca:fc:53:5a:92:6e:12:2b:d2:3f:f5:17:c5:
         b9:1b:47:28:78:5c:87:d5:44:ab:d2:52:a6:a3:2f:27:a9:1d:
         21:96:f5:45:64:bc:31:bb:4d:03:dd:cc:69:1c:4a:3d:20:af:
         52:b8:a4:6d:95:8d:62:d3:bd:84:11:c6:d6:29:5f:a4:31:c0:
         d8:f4:5e:b0:ef:dc:bf:a2:83:0b:7f:52:0e:a7:4b:28:1f:b3:
         c4:87:cf:31:ed:a3:d6:9d:d6:b0:2b:91:87:84:70:aa:85:ec:
         7b:a4:97:c0:41:bd:93:6b:51:eb:98:9a:87:e6:59:f0:f5:7f:
         9a:e0:46:f4:48:88:3f:e8:5e:cb:33:7e:d3:46:84:ea:4f:94:
         c3:e9:f2:a8:59:b5:67:55:d8:8f:e1:94:07:fb:fe:f3:7a:b1:
         a1:ba:14:fd:70:2b:fb:16:8c:13:86:80:77:4d:bc:b3:13:3f:
         a4:9c:00:07:80:04:d6:6f:28:bb:86:99:c1:dd:0e:db:d9:6f:
         48:03:e7:41:82:bd:2b:a6:b5:a1:6b:cd:0e:1b:c1:7e:b4:34:
         c1:db:de:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyJ/oEOASbbQULTZfY6zZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMTAyMTEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVlM2ZmNDM3N2E1NTEzNDBhZTg5YWE0NTYzZDc4MWVkZjNkMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCREgE89PSavhTl33lwpmIS++Ylj
6F+wAfTkc85uXE5cyChbCMjBYcB9MXCoDKTcQFCJF+nilcS30xiwdKkht0I5tMw8
CiLVEtF/30ldZsn/frFM2BYiw8MKaihVn3bqVLYAdyxEwjgr2i1TqLxmcTaWGsV/
bHsQfkTdzXVdX/24Jy1LMjCP4XrZ8h/5Ijd4S4tjREqwHMn/g9ApWAtTwGKrDC5v
zYdnMSTa55L27z8f7LDmWUb987pp63yegKpEgeU3kTDvaj+L/gwXOZpL5c51+0QJ
cYmoW2KbvjYWNT87bR5x1VLY8IwICSme317qO7PRdhGXLg2TRSYjXc9/CwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCdeP/Q3elUTQK6JqkVj14Ht89EdMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvSjE0XzlEZDZWUk5Bcm9tcVJXUFhnZTN6MFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgJw
MA0GCSqGSIb3DQEBCwUAA4IBAQAzKtPs5qJp1dI/20o+k4huvyOp5fLASzbq767H
Phq9dAEqNDFFn4ja+cr8U1qSbhIr0j/1F8W5G0coeFyH1USr0lKmoy8nqR0hlvVF
ZLwxu00D3cxpHEo9IK9SuKRtlY1i072EEcbWKV+kMcDY9F6w79y/ooMLf1IOp0so
H7PEh88x7aPWndawK5GHhHCqhex7pJfAQb2Ta1HrmJqH5lnw9X+a4Eb0SIg/6F7L
M37TRoTqT5TD6fKoWbVnVdiP4ZQH+/7zerGhuhT9cCv7FowThoB3TbyzEz+knAAH
gATWbyi7hpnB3Q7b2W9IA+dBgr0rprWha80OG8F+tDTB296+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org