Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/sJU8JXWMnu0QllO9aUpByqW8P_Q.roa
File:                     sJU8JXWMnu0QllO9aUpByqW8P_Q.roa (raw, json)
Hash identifier:          sNLwxlELSAbKyAYaoKVoXF1nqYjetYS+pH4rQGa476I=
Subject key identifier:   B0:95:3C:25:75:8C:9E:ED:10:96:53:BD:69:4A:41:CA:A5:BC:3F:F4
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01857227FFB015E06220D7C05A08286C340D
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/sJU8JXWMnu0QllO9aUpByqW8P_Q.roa
Signing time:             Mon 02 Jan 2023 11:05:01 +0000
ROA not before:           Mon 02 Jan 2023 11:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212106
IP address blocks:        2a10:4646:60::/44 maxlen: 44
                          2a10:4646:11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:27:ff:b0:15:e0:62:20:d7:c0:5a:08:28:6c:34:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Jan  2 11:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0953c25758c9eed109653bd694a41caa5bc3ff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4d:4e:9d:f4:e2:7e:4a:71:d9:4f:7d:7c:38:
                    a0:e0:bf:19:3f:20:5d:7f:e2:8c:a7:e4:28:4f:35:
                    00:09:f7:d9:7a:a6:fa:5d:02:ae:39:99:fc:d8:6a:
                    fe:59:0c:c9:2b:e3:fc:a8:1a:f9:03:8f:17:16:f9:
                    3f:78:5a:d1:82:56:45:4e:d5:74:47:86:68:91:c8:
                    72:49:c0:e5:c4:5c:d0:03:8f:16:6f:99:cb:10:c2:
                    8d:2b:38:8e:26:24:1d:60:04:9e:07:8a:65:7f:41:
                    79:d7:95:ab:7f:20:93:2b:00:40:ad:0f:de:59:b1:
                    e7:8c:5b:d0:9c:f1:e8:d9:f2:42:77:b7:2c:f6:9f:
                    87:ab:1e:3e:09:1a:20:f0:8b:8a:c1:df:d7:dc:06:
                    45:9d:b8:c4:3e:8d:e3:ae:6e:95:fd:9c:de:d8:c1:
                    6e:6d:51:c5:e3:2d:e2:7c:6e:af:ee:a9:53:ad:ec:
                    27:1f:60:4e:c9:be:c0:b2:38:08:b2:d8:c2:2a:d6:
                    a4:09:6c:29:2a:36:2b:8c:76:b3:50:8e:81:6c:e6:
                    a2:f6:da:a0:38:bd:7e:2d:32:2c:a3:4f:09:fc:c4:
                    00:be:54:36:c0:f1:60:48:6d:17:5d:fd:67:33:99:
                    ee:b7:73:3d:1d:0c:25:59:f9:eb:f2:a7:1a:8f:b7:
                    ff:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:95:3C:25:75:8C:9E:ED:10:96:53:BD:69:4A:41:CA:A5:BC:3F:F4
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/sJU8JXWMnu0QllO9aUpByqW8P_Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:11::/48
                  2a10:4646:60::/44

    Signature Algorithm: sha256WithRSAEncryption
         c8:c7:10:47:c8:6d:68:ad:56:b7:b2:d8:cf:e7:67:e7:87:53:
         87:47:15:f9:ea:ca:0e:6a:09:b1:52:c4:92:1d:67:ea:be:31:
         51:91:92:f5:6b:05:c1:65:50:19:f9:72:97:82:2d:ec:78:a4:
         bc:95:c8:ed:b6:35:56:35:1b:f2:90:d6:24:1a:cf:25:f2:69:
         d5:35:d2:07:2a:62:68:36:15:8a:78:7e:c2:e8:d0:bf:5b:85:
         6f:5b:fa:77:01:9d:c2:a3:5e:68:c8:07:02:d7:87:62:af:6a:
         6e:b5:1c:c2:8c:12:8e:60:1a:03:2e:c1:6d:91:e1:e5:3a:a9:
         c4:ad:a0:f0:f4:7b:3a:dd:8c:6a:f2:7f:6a:76:1c:ef:91:db:
         f5:d7:54:05:6b:a7:12:7b:47:17:b9:e7:c0:66:02:63:f7:dc:
         0b:f1:d3:04:0e:ac:77:d3:7c:77:0d:bb:8e:c7:89:c4:d2:0d:
         b1:5a:36:cc:81:5d:02:5f:05:c8:f4:28:7c:eb:50:79:8a:54:
         c1:ff:9a:de:55:da:ec:35:e6:09:7a:46:8c:e0:d7:0e:6a:c7:
         45:7c:49:40:5b:1f:5d:b8:8e:9c:9b:b8:80:55:f7:db:60:c0:
         66:d0:5d:48:d8:22:72:ba:79:ca:cf:4e:c7:95:a9:de:a5:7f:
         50:a6:70:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyJ/+wFeBiINfAWggobDQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMTAyMTEwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk1M2MyNTc1OGM5ZWVkMTA5NjUzYmQ2OTRhNDFjYWE1YmMzZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm01OnfTifkpx2U99fDig4L8ZPyBd
f+KMp+QoTzUACffZeqb6XQKuOZn82Gr+WQzJK+P8qBr5A48XFvk/eFrRglZFTtV0
R4ZokchyScDlxFzQA48Wb5nLEMKNKziOJiQdYASeB4plf0F515WrfyCTKwBArQ/e
WbHnjFvQnPHo2fJCd7cs9p+Hqx4+CRog8IuKwd/X3AZFnbjEPo3jrm6V/Zze2MFu
bVHF4y3ifG6v7qlTrewnH2BOyb7AsjgIstjCKtakCWwpKjYrjHazUI6BbOai9tqg
OL1+LTIso08J/MQAvlQ2wPFgSG0XXf1nM5nut3M9HQwlWfnr8qcaj7f/DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCVPCV1jJ7tEJZTvWlKQcqlvD/0MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvc0pVOEpYV01udTBRbGxPOWFVcEJ5cVc4UF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhBGRgAR
AwcEKhBGRgBgMA0GCSqGSIb3DQEBCwUAA4IBAQDIxxBHyG1orVa3stjP52fnh1OH
RxX56soOagmxUsSSHWfqvjFRkZL1awXBZVAZ+XKXgi3seKS8lcjttjVWNRvykNYk
Gs8l8mnVNdIHKmJoNhWKeH7C6NC/W4VvW/p3AZ3Co15oyAcC14dir2putRzCjBKO
YBoDLsFtkeHlOqnEraDw9Hs63Yxq8n9qdhzvkdv111QFa6cSe0cXuefAZgJj99wL
8dMEDqx303x3DbuOx4nE0g2xWjbMgV0CXwXI9Ch861B5ilTB/5reVdrsNeYJekaM
4NcOasdFfElAWx9duI6cm7iAVffbYMBm0F1I2CJyunnKz07HlanepX9QpnCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org