Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/OuMILxRrAzJBebQUjrYTVSREa0c.roa
File:                     OuMILxRrAzJBebQUjrYTVSREa0c.roa (raw, json)
Hash identifier:          t0aGrd8kGZKyzam7krT+NhvWpx351zp9iXg9hz8xsic=
Subject key identifier:   3A:E3:08:2F:14:6B:03:32:41:79:B4:14:8E:B6:13:55:24:44:6B:47
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01857228007DE6F9BF9AFB492941B298081B
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/OuMILxRrAzJBebQUjrYTVSREa0c.roa
Signing time:             Mon 02 Jan 2023 11:05:02 +0000
ROA not before:           Mon 02 Jan 2023 11:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212124
IP address blocks:        2a10:4646:10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:28:00:7d:e6:f9:bf:9a:fb:49:29:41:b2:98:08:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Jan  2 11:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ae3082f146b03324179b4148eb6135524446b47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:74:b5:08:4a:6d:34:b9:d7:2b:f9:14:7f:6d:
                    f7:28:f9:10:5c:10:79:ad:cf:2f:52:ee:64:5c:fd:
                    60:93:93:0b:e9:8c:ae:bc:28:2d:b4:fe:b7:58:5d:
                    f3:a4:50:60:40:e8:25:c0:a7:e4:fe:d1:bc:e7:34:
                    32:b3:7f:62:64:65:53:5a:86:a5:b3:21:29:71:ea:
                    89:d1:59:42:3f:0c:7e:f1:54:8c:93:8a:45:12:f9:
                    6b:4d:6b:98:b2:80:79:68:8b:52:81:7b:37:e4:52:
                    40:b5:11:10:55:98:96:56:fa:09:eb:b5:48:05:07:
                    d7:11:73:07:35:06:57:13:72:7e:37:5b:53:8e:f3:
                    8a:d0:f1:da:0d:c3:7b:e1:c6:5e:4d:f4:cc:6b:34:
                    e3:48:99:66:f2:c8:90:cc:41:c6:33:d8:dd:51:27:
                    c6:a1:4c:4e:59:31:c7:e5:3e:b9:12:82:cc:75:11:
                    a2:cc:da:e6:51:05:cc:52:9b:ef:b0:a0:bf:d5:cf:
                    a9:fc:d6:d2:10:d3:e5:17:2c:ee:e4:73:2d:98:f7:
                    16:74:ab:60:8c:b3:7e:19:aa:fa:09:90:6a:90:20:
                    88:e7:7c:d7:e9:3b:f3:8c:1f:d2:bc:c5:c6:cb:fc:
                    28:57:aa:32:ac:4f:40:32:f3:07:ce:20:05:f6:41:
                    b4:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:E3:08:2F:14:6B:03:32:41:79:B4:14:8E:B6:13:55:24:44:6B:47
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/OuMILxRrAzJBebQUjrYTVSREa0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:67:43:31:98:bf:5f:42:2e:cf:04:e1:45:bf:27:4f:9b:f0:
         86:8f:bf:f4:3d:cc:55:9a:8a:d9:04:06:6a:f9:84:c0:03:33:
         e5:67:21:3e:a7:77:69:76:a2:60:10:84:fd:04:3f:32:46:ec:
         d0:25:a8:57:f8:25:24:20:9d:f9:89:e3:06:48:31:72:c3:5e:
         32:ce:b7:da:14:6a:c7:20:31:47:8a:c7:f5:d8:13:2e:c7:46:
         fe:cf:ba:d6:a9:1b:50:90:db:83:29:19:15:82:9c:9e:37:d4:
         18:43:db:e3:95:95:05:b8:60:f8:5b:dd:5a:09:04:9b:c6:32:
         6c:b5:3c:9c:56:91:8e:f3:fa:cc:2f:4b:4b:74:0a:e4:1c:f3:
         50:0f:14:3a:01:c6:30:69:1e:de:97:e4:5a:92:91:3d:80:23:
         90:de:50:cd:86:af:0e:2c:12:4c:01:8e:2f:9b:2b:ae:93:e2:
         31:3e:e4:fe:e0:fd:25:a5:d9:b4:b1:23:94:75:cf:b5:d8:bf:
         6e:ba:9d:b7:48:12:df:b2:df:7e:68:e2:98:7c:2d:6b:12:af:
         c9:26:54:fc:00:cc:52:4e:f3:ca:89:4e:39:b8:c5:c5:d8:56:
         b4:b6:0e:d8:72:11:68:b8:16:29:54:d9:a3:df:30:8f:c1:29:
         1c:e9:22:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyKAB95vm/mvtJKUGymAgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMTAyMTEwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUzMDgyZjE0NmIwMzMyNDE3OWI0MTQ4ZWI2MTM1NTI0NDQ2YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03S1CEptNLnXK/kUf233KPkQXBB5
rc8vUu5kXP1gk5ML6YyuvCgttP63WF3zpFBgQOglwKfk/tG85zQys39iZGVTWoal
syEpceqJ0VlCPwx+8VSMk4pFEvlrTWuYsoB5aItSgXs35FJAtREQVZiWVvoJ67VI
BQfXEXMHNQZXE3J+N1tTjvOK0PHaDcN74cZeTfTMazTjSJlm8siQzEHGM9jdUSfG
oUxOWTHH5T65EoLMdRGizNrmUQXMUpvvsKC/1c+p/NbSENPlFyzu5HMtmPcWdKtg
jLN+Gar6CZBqkCCI53zX6TvzjB/SvMXGy/woV6oyrE9AMvMHziAF9kG05QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDrjCC8UawMyQXm0FI62E1UkRGtHMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvT3VNSUx4UnJBekpCZWJRVWpyWVRWU1JFYTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzZ0MxmL9fQi7PBOFFvydPm/CGj7/0PcxVmorZ
BAZq+YTAAzPlZyE+p3dpdqJgEIT9BD8yRuzQJahX+CUkIJ35ieMGSDFyw14yzrfa
FGrHIDFHisf12BMux0b+z7rWqRtQkNuDKRkVgpyeN9QYQ9vjlZUFuGD4W91aCQSb
xjJstTycVpGO8/rML0tLdArkHPNQDxQ6AcYwaR7el+RakpE9gCOQ3lDNhq8OLBJM
AY4vmyuuk+IxPuT+4P0lpdm0sSOUdc+12L9uup23SBLfst9+aOKYfC1rEq/JJlT8
AMxSTvPKiU45uMXF2Fa0tg7YchFouBYpVNmj3zCPwSkc6SIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org