Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/O6BayR6_mOJKr3BHVd6zZ1rwAFg.roa
File:                     O6BayR6_mOJKr3BHVd6zZ1rwAFg.roa (raw, json)
Hash identifier:          Ni+N9U930ginDAyfKvrnkhJTqOFi8FknKrsiHCtxqRM=
Subject key identifier:   3B:A0:5A:C9:1E:BF:98:E2:4A:AF:70:47:55:DE:B3:67:5A:F0:00:58
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       018B68EABDEB9DBE2AC359C07DABCDC30991
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/O6BayR6_mOJKr3BHVd6zZ1rwAFg.roa
Signing time:             Wed 25 Oct 2023 22:18:16 +0000
ROA not before:           Wed 25 Oct 2023 22:18:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216117
IP address blocks:        2a10:4646:122::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:68:ea:bd:eb:9d:be:2a:c3:59:c0:7d:ab:cd:c3:09:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Oct 25 22:18:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ba05ac91ebf98e24aaf704755deb3675af00058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:4b:28:a8:46:51:8d:1d:62:a2:76:f5:47:cd:
                    97:df:a8:a9:dc:95:86:b7:50:cb:7a:59:4b:79:22:
                    ed:67:80:a4:23:6c:0f:eb:48:74:61:74:59:9c:19:
                    9c:de:fc:b5:cb:b8:5a:3c:e6:e9:87:c2:f5:f1:ca:
                    bf:62:4c:e1:3d:a2:c3:0b:6a:9c:cf:84:97:e5:0f:
                    0b:2c:ae:60:72:f3:ab:f2:3b:f9:46:87:d0:8a:a3:
                    3e:38:41:3f:b8:1c:37:96:a4:3a:21:f2:f0:d1:ab:
                    6d:59:ac:b6:d3:4a:14:80:e9:0c:8e:ee:0c:7b:1b:
                    c8:f0:17:c0:b8:62:09:4c:7c:0a:08:e3:14:e8:bb:
                    db:ac:9e:08:e9:ac:7c:11:16:44:82:90:b1:55:9b:
                    76:94:3e:f6:13:4c:d9:96:e7:b0:3c:eb:3e:78:04:
                    0f:45:53:79:94:a5:47:cb:38:2d:e2:60:a8:13:88:
                    30:7e:70:55:4f:f7:d5:60:f1:7b:3e:93:b9:57:86:
                    80:04:34:c2:de:dd:ae:a0:7a:13:61:b3:4e:2e:84:
                    1a:10:c0:89:53:1c:3b:89:cf:41:4f:2d:36:80:d2:
                    69:3d:0d:0e:3b:00:00:95:0f:2e:7a:6b:33:33:98:
                    95:db:cd:18:28:e2:a6:25:24:30:67:ee:5e:34:34:
                    f4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:A0:5A:C9:1E:BF:98:E2:4A:AF:70:47:55:DE:B3:67:5A:F0:00:58
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/O6BayR6_mOJKr3BHVd6zZ1rwAFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:122::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:5c:32:16:f9:9a:54:94:90:08:83:d9:17:d7:ff:62:b8:46:
         43:d5:eb:33:c2:56:99:00:49:e2:61:81:9a:27:de:f2:d5:b1:
         05:28:a1:92:6a:08:ca:b1:4e:e1:de:33:58:03:fc:7f:fd:78:
         21:a6:6a:aa:86:ef:b6:43:33:85:67:c5:5a:6e:f0:dd:bc:7c:
         67:8d:69:7e:06:b4:ed:0c:65:6b:4a:6b:59:10:ef:17:bd:80:
         cc:0d:45:c5:18:c4:7e:51:f6:1c:c7:77:04:31:4b:c2:b8:60:
         06:ca:45:ed:e5:a1:84:35:6a:f6:65:d8:9e:b4:97:ba:98:0f:
         6b:e6:9b:83:03:85:4f:b0:c9:e6:7e:86:3a:4e:b9:f8:61:16:
         08:34:5b:2a:77:4f:57:6d:57:1e:48:11:c1:83:59:42:1a:52:
         f0:33:78:3d:e0:0c:e4:33:9f:8c:9f:c9:a8:a6:84:86:68:3b:
         4f:d7:d5:3d:50:17:e5:85:69:67:25:33:3f:fc:6d:78:7f:e7:
         1c:8a:0e:5e:45:ec:66:22:07:e1:71:2a:3f:ab:b9:65:cd:c3:
         fe:d3:59:64:9e:6c:28:18:3d:28:00:e0:3e:52:c9:97:95:6e:
         09:03:3b:d4:87:44:aa:9e:b3:dd:64:2e:d6:b5:a9:46:2f:20:
         38:a0:34:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYto6r3rnb4qw1nAfavNwwmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMxMDI1MjIxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmEwNWFjOTFlYmY5OGUyNGFhZjcwNDc1NWRlYjM2NzVhZjAwMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEsoqEZRjR1ionb1R82X36ip3JWG
t1DLellLeSLtZ4CkI2wP60h0YXRZnBmc3vy1y7haPObph8L18cq/YkzhPaLDC2qc
z4SX5Q8LLK5gcvOr8jv5RofQiqM+OEE/uBw3lqQ6IfLw0attWay200oUgOkMju4M
exvI8BfAuGIJTHwKCOMU6LvbrJ4I6ax8ERZEgpCxVZt2lD72E0zZluewPOs+eAQP
RVN5lKVHyzgt4mCoE4gwfnBVT/fVYPF7PpO5V4aABDTC3t2uoHoTYbNOLoQaEMCJ
Uxw7ic9BTy02gNJpPQ0OOwAAlQ8uemszM5iV280YKOKmJSQwZ+5eNDT0RwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDugWskev5jiSq9wR1Xes2da8ABYMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvTzZCYXlSNl9tT0pLcjNCSFZkNnpaMXJ3QUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgEi
MA0GCSqGSIb3DQEBCwUAA4IBAQBsXDIW+ZpUlJAIg9kX1/9iuEZD1eszwlaZAEni
YYGaJ97y1bEFKKGSagjKsU7h3jNYA/x//Xghpmqqhu+2QzOFZ8VabvDdvHxnjWl+
BrTtDGVrSmtZEO8XvYDMDUXFGMR+UfYcx3cEMUvCuGAGykXt5aGENWr2ZdietJe6
mA9r5puDA4VPsMnmfoY6Trn4YRYINFsqd09XbVceSBHBg1lCGlLwM3g94AzkM5+M
n8mopoSGaDtP19U9UBflhWlnJTM//G14f+ccig5eRexmIgfhcSo/q7llzcP+01lk
nmwoGD0oAOA+UsmXlW4JAzvUh0SqnrPdZC7WtalGLyA4oDSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org