Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/m21nG_ps0_8HZKOPd55Kph80eFE.roa
File:                     m21nG_ps0_8HZKOPd55Kph80eFE.roa (raw, json)
Hash identifier:          ZC+Ue4TmeYhF3dAmMSs6Z1HCtzsSK85dDGHfPW2Ebbk=
Subject key identifier:   9B:6D:67:1B:FA:6C:D3:FF:07:64:A3:8F:77:9E:4A:A6:1F:34:78:51
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01886E4D123E0CE293BB8BE25CE208182070
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/m21nG_ps0_8HZKOPd55Kph80eFE.roa
Signing time:             Tue 30 May 2023 20:15:24 +0000
ROA not before:           Tue 30 May 2023 20:15:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198596
IP address blocks:        2a10:4646:320::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6e:4d:12:3e:0c:e2:93:bb:8b:e2:5c:e2:08:18:20:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: May 30 20:15:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b6d671bfa6cd3ff0764a38f779e4aa61f347851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fe:9b:df:58:6f:37:f6:95:70:80:e7:8c:fe:
                    2d:ee:1c:f8:d0:db:dc:4f:8c:e9:be:de:b5:09:76:
                    f0:a4:d1:2c:f4:71:71:0c:59:75:7b:29:08:67:23:
                    c8:29:e0:fd:6a:fd:83:58:da:ce:a7:27:dc:58:4e:
                    35:60:02:97:94:1d:ee:9f:c3:91:3e:c4:1a:f6:4b:
                    be:65:1b:cb:84:af:33:f2:0c:c7:a4:d6:2b:fa:2f:
                    7d:c6:4a:37:6c:ed:83:95:45:f2:90:bd:86:31:2a:
                    dd:cb:2f:53:fa:8d:ce:39:3d:a8:3f:14:59:31:2c:
                    5c:23:ac:3a:d5:1f:14:35:0c:14:82:33:0c:2b:64:
                    4e:eb:ed:ea:2b:ed:41:37:c2:87:6c:05:41:fd:0a:
                    0d:d0:0b:15:4e:9a:1d:b5:6b:e9:82:20:0b:30:4c:
                    19:85:b6:5f:06:e7:35:d4:cc:82:9e:2c:5c:6c:02:
                    33:79:b8:34:ab:fc:7b:c8:3a:34:31:25:8f:bc:99:
                    0a:62:b1:84:4b:63:5e:86:bd:ab:4e:f1:2c:65:9f:
                    4a:77:41:92:ab:37:77:4f:aa:22:32:24:83:90:0b:
                    44:9f:25:a0:65:d2:e6:e1:fa:1d:02:42:6b:3f:e7:
                    56:f5:85:c4:4e:92:b5:e8:62:38:62:90:da:dc:cd:
                    77:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:6D:67:1B:FA:6C:D3:FF:07:64:A3:8F:77:9E:4A:A6:1F:34:78:51
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/m21nG_ps0_8HZKOPd55Kph80eFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:320::/44

    Signature Algorithm: sha256WithRSAEncryption
         9d:17:be:02:04:fd:4b:5e:40:cd:bf:1e:54:d7:a4:0a:cc:2d:
         2e:c2:97:35:4b:2d:89:fe:4d:07:fe:6a:82:8f:a1:5e:60:34:
         74:09:88:20:e3:04:95:58:96:12:00:0f:c8:11:4d:d2:4d:b6:
         55:91:8d:81:37:5f:48:c3:38:ad:95:04:72:ea:e3:e3:52:dd:
         c0:09:54:a1:64:69:c8:73:45:24:5d:08:ec:2e:2a:cb:cf:e7:
         cb:6e:13:f1:bf:e5:eb:55:89:a2:be:b3:b1:24:42:d6:94:2a:
         e6:d3:c7:89:ae:b9:68:96:33:90:94:b9:62:3f:dd:cd:12:67:
         97:32:89:b1:d4:9a:2f:07:00:6b:38:7c:91:ed:ae:2b:4c:5d:
         15:0e:0d:41:56:02:0d:15:06:f8:68:84:55:e7:cd:69:18:68:
         c5:93:22:55:fe:41:f9:40:99:8b:25:f0:9b:d8:ba:30:44:5f:
         09:43:1b:38:e7:c1:36:99:e6:41:77:94:20:6e:54:43:d8:a1:
         8a:ee:a9:a7:eb:df:02:3d:35:6f:20:f5:a4:a9:55:7f:ef:c6:
         8e:c5:3d:5d:5f:fc:d9:f9:48:a1:74:09:ee:d0:cc:99:61:48:
         4a:df:ac:77:21:65:bb:86:02:44:3f:3f:ca:b2:e4:fb:70:5a:
         93:f6:e9:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhuTRI+DOKTu4viXOIIGCBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwNTMwMjAxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZkNjcxYmZhNmNkM2ZmMDc2NGEzOGY3NzllNGFhNjFmMzQ3ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/6b31hvN/aVcIDnjP4t7hz40Nvc
T4zpvt61CXbwpNEs9HFxDFl1eykIZyPIKeD9av2DWNrOpyfcWE41YAKXlB3un8OR
PsQa9ku+ZRvLhK8z8gzHpNYr+i99xko3bO2DlUXykL2GMSrdyy9T+o3OOT2oPxRZ
MSxcI6w61R8UNQwUgjMMK2RO6+3qK+1BN8KHbAVB/QoN0AsVTpodtWvpgiALMEwZ
hbZfBuc11MyCnixcbAIzebg0q/x7yDo0MSWPvJkKYrGES2Nehr2rTvEsZZ9Kd0GS
qzd3T6oiMiSDkAtEnyWgZdLm4fodAkJrP+dW9YXETpK16GI4YpDa3M13TQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJttZxv6bNP/B2Sjj3eeSqYfNHhRMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvbTIxbkdfcHMwXzhIWktPUGQ1NUtwaDgwZUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgMg
MA0GCSqGSIb3DQEBCwUAA4IBAQCdF74CBP1LXkDNvx5U16QKzC0uwpc1Sy2J/k0H
/mqCj6FeYDR0CYgg4wSVWJYSAA/IEU3STbZVkY2BN19IwzitlQRy6uPjUt3ACVSh
ZGnIc0UkXQjsLirLz+fLbhPxv+XrVYmivrOxJELWlCrm08eJrrloljOQlLliP93N
EmeXMomx1JovBwBrOHyR7a4rTF0VDg1BVgINFQb4aIRV581pGGjFkyJV/kH5QJmL
JfCb2LowRF8JQxs458E2meZBd5QgblRD2KGK7qmn698CPTVvIPWkqVV/78aOxT1d
X/zZ+UihdAnu0MyZYUhK36x3IWW7hgJEPz/KsuT7cFqT9une
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org