Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/VZzUoXidugxHv6gSSf9TIKrwSSM.roa
File:                     VZzUoXidugxHv6gSSf9TIKrwSSM.roa (raw, json)
Hash identifier:          TflBk6XF6VberfGy6rEwpI+uKAJQBufcGBC/LJ7+HTM=
Subject key identifier:   55:9C:D4:A1:78:9D:BA:0C:47:BF:A8:12:49:FF:53:20:AA:F0:49:23
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       018C87FA03F7EB8597F4CDB2454BA58019F8
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/VZzUoXidugxHv6gSSf9TIKrwSSM.roa
Signing time:             Wed 20 Dec 2023 16:05:58 +0000
ROA not before:           Wed 20 Dec 2023 16:05:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399486
IP address blocks:        2a10:4646:240::/44 maxlen: 44
                          2a10:4646:170::/44 maxlen: 44
                          2a10:4645::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:87:fa:03:f7:eb:85:97:f4:cd:b2:45:4b:a5:80:19:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Dec 20 16:05:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=559cd4a1789dba0c47bfa81249ff5320aaf04923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d2:62:41:5b:8a:ce:f3:d6:22:77:d7:d1:dc:
                    2e:8d:dc:fa:66:63:a8:91:79:e1:8a:4b:2e:87:e1:
                    84:87:37:35:6e:da:73:dc:fe:ae:7f:03:59:2a:70:
                    95:48:dd:27:c2:ba:59:ed:e4:e7:af:c3:e8:d9:ba:
                    d4:5d:21:fc:c2:dc:77:cc:bf:9c:65:a7:7a:c9:a7:
                    88:84:ff:bb:19:3a:d0:27:ee:62:af:03:67:96:1f:
                    80:39:e1:6e:f1:d7:ef:f3:7e:f5:2e:cd:60:4e:86:
                    1e:73:6f:c7:d8:03:bd:fd:2c:2a:a5:96:f3:54:8b:
                    20:9d:df:c5:f2:c1:2e:50:ab:70:5e:57:d2:d7:e1:
                    f5:98:ef:44:f7:93:46:ee:5a:d8:5b:57:52:52:ca:
                    e4:f2:b2:e8:6f:32:57:93:80:19:70:a7:77:fb:39:
                    b8:e9:a2:a7:13:69:e7:9a:90:95:86:3b:0e:0a:9a:
                    14:bc:88:84:5e:da:06:97:7a:ce:09:9d:21:f1:ed:
                    1c:bd:fc:d6:38:2c:a0:08:b2:4e:d8:4f:3f:74:38:
                    b5:25:5b:cf:22:25:e5:1e:d1:1a:50:d7:77:fb:b6:
                    c8:74:e1:57:e8:b1:03:01:96:e6:74:58:d0:bb:e9:
                    df:4c:86:16:54:82:7d:a1:5b:96:ec:70:5f:dc:03:
                    7b:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:9C:D4:A1:78:9D:BA:0C:47:BF:A8:12:49:FF:53:20:AA:F0:49:23
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/VZzUoXidugxHv6gSSf9TIKrwSSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4645::/32
                  2a10:4646:170::/44
                  2a10:4646:240::/44

    Signature Algorithm: sha256WithRSAEncryption
         56:b7:00:63:23:ff:b9:00:70:c2:f2:b4:2b:6e:c1:56:c7:64:
         24:fd:af:bb:85:33:63:05:1d:f8:d1:88:fb:7a:49:d4:90:ab:
         5d:ad:89:d8:cb:e8:cb:6a:e0:2a:87:1a:1b:82:f7:89:3f:ce:
         1c:83:8e:31:ab:72:b4:c1:b5:af:a3:b9:97:cb:19:72:d5:0b:
         a6:94:51:7d:a0:3d:5a:58:8c:58:33:57:b3:27:13:8e:6e:d3:
         57:15:8e:0d:20:45:bc:03:45:75:cd:d0:8c:f3:0a:6b:6a:61:
         53:08:a2:7b:68:7d:df:e4:69:a0:a1:33:20:a7:60:d7:e1:fa:
         9c:df:65:ea:78:4c:94:0f:10:59:34:44:d9:91:8c:89:1d:d2:
         1c:bc:60:70:9a:07:ba:2d:b9:e0:d3:a1:af:78:9e:c2:af:11:
         7d:21:4b:a4:fa:b8:03:da:96:e3:2e:8c:84:24:5f:f9:16:5a:
         5c:08:6a:31:c3:e9:0b:4f:3c:aa:1d:fc:cf:79:d2:98:f1:ac:
         55:08:af:79:06:60:23:33:0d:be:32:91:6a:01:b6:0b:f7:6b:
         f2:7c:b9:a4:06:a9:48:9e:04:a2:75:b2:be:99:45:6e:12:24:
         53:03:fd:4e:f5:cf:b0:ba:16:1b:62:99:b0:51:d4:01:13:c0:
         20:98:f6:36
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYyH+gP364WX9M2yRUulgBn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMxMjIwMTYwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTljZDRhMTc4OWRiYTBjNDdiZmE4MTI0OWZmNTMyMGFhZjA0OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNJiQVuKzvPWInfX0dwujdz6ZmOo
kXnhiksuh+GEhzc1btpz3P6ufwNZKnCVSN0nwrpZ7eTnr8Po2brUXSH8wtx3zL+c
Zad6yaeIhP+7GTrQJ+5irwNnlh+AOeFu8dfv8371Ls1gToYec2/H2AO9/SwqpZbz
VIsgnd/F8sEuUKtwXlfS1+H1mO9E95NG7lrYW1dSUsrk8rLobzJXk4AZcKd3+zm4
6aKnE2nnmpCVhjsOCpoUvIiEXtoGl3rOCZ0h8e0cvfzWOCygCLJO2E8/dDi1JVvP
IiXlHtEaUNd3+7bIdOFX6LEDAZbmdFjQu+nfTIYWVIJ9oVuW7HBf3AN7kwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFFWc1KF4nboMR7+oEkn/UyCq8EkjMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvVlp6VW9YaWR1Z3hIdjZnU1NmOVRJS3J3U1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwUAKhBGRQMH
BCoQRkYBcAMHBCoQRkYCQDANBgkqhkiG9w0BAQsFAAOCAQEAVrcAYyP/uQBwwvK0
K27BVsdkJP2vu4UzYwUd+NGI+3pJ1JCrXa2J2Mvoy2rgKocaG4L3iT/OHIOOMaty
tMG1r6O5l8sZctULppRRfaA9WliMWDNXsycTjm7TVxWODSBFvANFdc3QjPMKa2ph
Uwiie2h93+RpoKEzIKdg1+H6nN9l6nhMlA8QWTRE2ZGMiR3SHLxgcJoHui254NOh
r3iewq8RfSFLpPq4A9qW4y6MhCRf+RZaXAhqMcPpC088qh38z3nSmPGsVQiveQZg
IzMNvjKRagG2C/dr8ny5pAapSJ4EonWyvplFbhIkUwP9TvXPsLoWG2KZsFHUARPA
IJj2Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org