Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/24R_mLVPSnPBvCesHgYY8_-xbzU.roa
File:                     24R_mLVPSnPBvCesHgYY8_-xbzU.roa (raw, json)
Hash identifier:          ROA62e9abwwKAiV5xrutf6Xbj9LiWZtMpLTiaehIVAY=
Subject key identifier:   DB:84:7F:98:B5:4F:4A:73:C1:BC:27:AC:1E:06:18:F3:FF:B1:6F:35
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B70043A6279F2911B02DA736BC20D5639
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/24R_mLVPSnPBvCesHgYY8_-xbzU.roa
Signing time:             Fri 27 Oct 2023 07:23:27 +0000
ROA not before:           Fri 27 Oct 2023 07:23:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45020
IP address blocks:        2a10:2f00:19b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:70:04:3a:62:79:f2:91:1b:02:da:73:6b:c2:0d:56:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 27 07:23:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db847f98b54f4a73c1bc27ac1e0618f3ffb16f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e9:bb:df:1f:8b:dd:c5:92:c9:c2:95:d4:fe:
                    1d:e1:48:55:3d:56:da:5f:03:46:bc:6c:d4:09:f6:
                    c4:fe:0a:f0:7a:db:41:72:5b:d6:58:37:b8:6d:4a:
                    1b:50:ff:4b:7a:a0:2a:27:c5:1e:f2:2b:c1:9e:97:
                    37:ae:42:ce:2d:dc:7a:67:4f:38:ae:bc:20:5a:21:
                    56:a3:8f:8b:46:0a:78:92:22:7f:0a:f1:60:91:75:
                    7d:86:14:12:82:05:c0:e2:ee:14:de:3f:99:87:e8:
                    bf:00:2f:28:d0:da:22:e7:3a:ef:ea:61:0c:b5:39:
                    b9:65:9b:da:1f:1f:b9:ab:28:b4:6f:f5:e9:6d:8b:
                    6e:ae:d5:5c:7c:0d:17:a4:82:28:a8:6d:7d:c5:cf:
                    bd:99:19:76:23:6d:b3:af:92:7f:b5:47:d7:00:d8:
                    7c:70:98:b0:ee:77:e1:01:47:c1:53:7a:34:fe:67:
                    6b:6c:c9:92:69:70:90:2f:99:a7:c5:37:26:dd:f8:
                    56:3e:8d:05:c7:b3:63:45:b1:21:e7:fb:12:dc:da:
                    af:d5:4f:34:38:e7:7f:26:91:14:6f:5a:bc:a6:2e:
                    8a:63:65:bd:f2:2f:b2:79:85:e7:9e:7e:bc:43:b5:
                    d1:b9:67:54:fd:ac:92:e2:e2:f2:9b:c3:06:b6:48:
                    f1:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:84:7F:98:B5:4F:4A:73:C1:BC:27:AC:1E:06:18:F3:FF:B1:6F:35
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/24R_mLVPSnPBvCesHgYY8_-xbzU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:19b::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:af:30:69:85:cd:c7:58:91:0f:5f:64:0b:00:d8:02:13:00:
         00:67:cc:32:4e:d9:c8:28:3e:5d:f6:b4:b2:a7:f8:31:b7:12:
         bb:e2:8a:b4:56:6a:97:ff:ed:99:d1:7b:53:05:1e:71:f0:49:
         0e:4b:07:bb:13:e1:6d:73:ed:50:00:ea:34:64:29:df:e9:35:
         3d:d4:b6:dd:6a:19:75:a5:80:b0:97:73:ab:63:21:87:c5:50:
         53:c9:89:b1:f8:05:f4:71:f0:e7:ac:ea:72:b5:df:02:34:16:
         40:49:16:1c:d8:36:ee:d4:22:0e:8e:c1:9f:b7:29:64:dd:94:
         4a:8a:9b:b3:fe:1e:2e:1a:4a:fe:70:5c:7b:cd:65:b0:47:92:
         df:f2:f1:99:39:c5:db:ef:40:ed:b0:ef:d7:5d:35:ba:bc:21:
         8a:d7:9f:62:76:d4:a2:b3:89:bc:5b:b2:f6:e6:d3:c7:7b:09:
         b6:4a:dd:84:bc:0f:c5:c8:65:b5:e2:f1:77:b9:a7:68:ee:ae:
         f1:fa:37:e7:98:3e:82:9e:b1:ca:13:a6:d9:ee:c8:53:2a:27:
         5e:f9:1d:93:4e:71:aa:41:70:2d:c6:6c:67:a0:7d:d4:9d:08:
         c1:f6:01:ad:d7:f5:f6:b1:3a:69:95:f5:a7:06:ef:6d:a7:4a:
         16:01:65:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtwBDpiefKRGwLac2vCDVY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDI3MDcyMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg0N2Y5OGI1NGY0YTczYzFiYzI3YWMxZTA2MThmM2ZmYjE2ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkem73x+L3cWSycKV1P4d4UhVPVba
XwNGvGzUCfbE/grwettBclvWWDe4bUobUP9LeqAqJ8Ue8ivBnpc3rkLOLdx6Z084
rrwgWiFWo4+LRgp4kiJ/CvFgkXV9hhQSggXA4u4U3j+Zh+i/AC8o0Noi5zrv6mEM
tTm5ZZvaHx+5qyi0b/XpbYturtVcfA0XpIIoqG19xc+9mRl2I22zr5J/tUfXANh8
cJiw7nfhAUfBU3o0/mdrbMmSaXCQL5mnxTcm3fhWPo0Fx7NjRbEh5/sS3Nqv1U80
OOd/JpEUb1q8pi6KY2W98i+yeYXnnn68Q7XRuWdU/ayS4uLym8MGtkjxvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNuEf5i1T0pzwbwnrB4GGPP/sW81MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMjRSX21MVlBTblBCdkNlc0hnWVk4Xy14YnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGb
MA0GCSqGSIb3DQEBCwUAA4IBAQCQrzBphc3HWJEPX2QLANgCEwAAZ8wyTtnIKD5d
9rSyp/gxtxK74oq0VmqX/+2Z0XtTBR5x8EkOSwe7E+Ftc+1QAOo0ZCnf6TU91Lbd
ahl1pYCwl3OrYyGHxVBTyYmx+AX0cfDnrOpytd8CNBZASRYc2Dbu1CIOjsGftylk
3ZRKipuz/h4uGkr+cFx7zWWwR5Lf8vGZOcXb70DtsO/XXTW6vCGK159idtSis4m8
W7L25tPHewm2St2EvA/FyGW14vF3uado7q7x+jfnmD6CnrHKE6bZ7shTKide+R2T
TnGqQXAtxmxnoH3UnQjB9gGt1/X2sTpplfWnBu9tp0oWAWU0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org