Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/dYpdHgCWtP0b2IHSwkOhf3VCl3I.roa
File:                     dYpdHgCWtP0b2IHSwkOhf3VCl3I.roa (raw, json)
Hash identifier:          sI3siyLYgAR/BOv4K8+o6fwzXglXDNfGDd1loToB8ac=
Subject key identifier:   75:8A:5D:1E:00:96:B4:FD:1B:D8:81:D2:C2:43:A1:7F:75:42:97:72
Certificate issuer:       /CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Certificate serial:       01879F29FB3BA050EE2D068D4547C0276C5A
Authority key identifier: 71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/dYpdHgCWtP0b2IHSwkOhf3VCl3I.roa
Signing time:             Thu 20 Apr 2023 14:55:41 +0000
ROA not before:           Thu 20 Apr 2023 14:55:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        2a10:e344::/32 maxlen: 32
                          2a10:e342::/32 maxlen: 32
                          2a10:e346::/32 maxlen: 32
                          2a10:e343::/32 maxlen: 32
                          2a10:e345::/32 maxlen: 32
                          2a10:e347::/32 maxlen: 32
                          2a10:e341::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:29:fb:3b:a0:50:ee:2d:06:8d:45:47:c0:27:6c:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
        Validity
            Not Before: Apr 20 14:55:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=758a5d1e0096b4fd1bd881d2c243a17f75429772
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:db:70:ab:b6:84:49:6b:85:52:be:34:2a:43:
                    e4:be:7f:1a:76:33:0e:b0:fc:a0:00:a4:a6:15:3b:
                    ad:b9:b8:9c:e3:61:66:53:d5:6d:8f:cf:69:10:55:
                    95:97:68:b0:4c:75:25:5e:be:ae:67:51:ae:8f:31:
                    e3:ad:69:8b:9a:d8:9c:8d:ac:a3:bd:f9:80:bd:8d:
                    29:d4:44:f6:e2:4b:b5:30:0c:29:a9:e6:23:80:fc:
                    7e:3e:52:dc:97:0a:7b:16:ca:1a:ad:1a:21:38:2a:
                    5e:1e:fc:84:fa:93:5b:0d:ad:fa:24:b9:d3:6f:b6:
                    78:70:1a:f7:df:10:75:df:cd:31:ab:58:33:44:1e:
                    97:f4:ea:74:e1:8c:f6:39:ec:71:36:30:ec:fd:4f:
                    97:c9:3b:8c:b4:b6:3c:ac:d3:b4:13:b5:53:51:3f:
                    f4:df:e6:30:6a:a5:9d:ef:93:4f:2a:59:f4:70:ac:
                    96:29:0d:d0:57:a2:50:30:56:31:41:93:50:35:ec:
                    53:0d:c8:8f:22:a3:2e:e6:32:a6:58:47:38:89:2b:
                    d8:67:3b:06:5f:5d:cc:44:1b:39:4f:e7:4b:03:37:
                    8d:d0:c8:3a:e0:7d:35:c8:98:24:fa:2f:99:f0:d1:
                    3c:78:09:57:49:5c:c6:78:88:83:ce:0b:15:d9:d6:
                    95:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8A:5D:1E:00:96:B4:FD:1B:D8:81:D2:C2:43:A1:7F:75:42:97:72
            X509v3 Authority Key Identifier:
                keyid:71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/dYpdHgCWtP0b2IHSwkOhf3VCl3I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:e341::-2a10:e347:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         8b:34:94:6f:77:45:57:5c:7e:2c:04:06:78:ee:71:a0:c5:ed:
         a9:af:76:cd:ac:0a:04:0b:21:a8:fa:83:39:e5:d7:81:1b:b4:
         dd:0b:99:2b:be:97:d1:a0:18:ae:ac:50:5c:e3:f3:a9:67:d2:
         38:93:fc:de:4e:06:15:af:0d:ea:ba:88:2b:94:2b:de:48:cd:
         2e:a6:d9:57:6d:e8:6f:a7:f2:89:4c:12:4f:5c:f7:75:f2:0e:
         8d:2d:47:23:85:f9:ea:4d:6e:09:a7:86:24:b1:0f:33:b9:f8:
         e7:c2:c1:f7:7f:5e:c9:ca:2a:12:07:38:b9:0a:46:7c:ce:63:
         88:aa:fe:8b:ed:2a:31:a5:2a:a1:8c:ab:07:da:f5:1e:01:df:
         b0:fb:3c:53:5f:31:e7:7f:ff:97:3e:3b:55:cc:61:76:08:9c:
         6d:ed:36:78:0b:f0:72:43:9a:e6:90:a6:2c:fe:eb:42:ef:e6:
         54:d8:9d:62:96:21:2d:9e:48:81:4c:0f:86:56:10:9e:98:b8:
         c2:ef:ef:3f:c7:a9:e0:8d:a0:b7:1b:3e:7e:40:01:d9:75:56:
         bf:f6:d2:9a:69:1b:64:6d:33:7a:ca:22:59:61:ab:9d:8a:47:
         6b:1c:7e:12:47:40:7c:14:79:ed:bc:9c:4c:be:32:4d:5d:15:
         88:cd:5d:ab
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYefKfs7oFDuLQaNRUfAJ2xaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzliYzVjZWYzYWVhZGYzMjYxM2Y3ZDk1OWVjOGU0MGE3
NDI5MTgwHhcNMjMwNDIwMTQ1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThhNWQxZTAwOTZiNGZkMWJkODgxZDJjMjQzYTE3Zjc1NDI5NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuttwq7aESWuFUr40KkPkvn8adjMO
sPygAKSmFTutubic42FmU9Vtj89pEFWVl2iwTHUlXr6uZ1GujzHjrWmLmticjayj
vfmAvY0p1ET24ku1MAwpqeYjgPx+PlLclwp7FsoarRohOCpeHvyE+pNbDa36JLnT
b7Z4cBr33xB1380xq1gzRB6X9Op04Yz2OexxNjDs/U+XyTuMtLY8rNO0E7VTUT/0
3+YwaqWd75NPKln0cKyWKQ3QV6JQMFYxQZNQNexTDciPIqMu5jKmWEc4iSvYZzsG
X13MRBs5T+dLAzeN0Mg64H01yJgk+i+Z8NE8eAlXSVzGeIiDzgsV2daVcwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFHWKXR4AlrT9G9iB0sJDoX91QpdyMB8GA1UdIwQY
MBaAFHE5vFzvOurfMmE/fZWeyOQKdCkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYt
Nzk0YjI4ZWIxNmM1LzEvZFlwZEhnQ1d0UDBiMklIU3drT2hmM1ZDbDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1
LzEvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEONB
AwUDKhDjQDANBgkqhkiG9w0BAQsFAAOCAQEAizSUb3dFV1x+LAQGeO5xoMXtqa92
zawKBAshqPqDOeXXgRu03QuZK76X0aAYrqxQXOPzqWfSOJP83k4GFa8N6rqIK5Qr
3kjNLqbZV23ob6fyiUwST1z3dfIOjS1HI4X56k1uCaeGJLEPM7n458LB939eycoq
Egc4uQpGfM5jiKr+i+0qMaUqoYyrB9r1HgHfsPs8U18x53//lz47Vcxhdgicbe02
eAvwckOa5pCmLP7rQu/mVNidYpYhLZ5IgUwPhlYQnpi4wu/vP8ep4I2gtxs+fkAB
2XVWv/bSmmkbZG0zesoiWWGrnYpHaxx+EkdAfBR57bycTL4yTV0ViM1dqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org