Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/28WvNNrMja1NbOtSPgUiR2mgc4U.roa
File:                     28WvNNrMja1NbOtSPgUiR2mgc4U.roa (raw, json)
Hash identifier:          AbuypgBjPkr68CNO3mv4pue85Xy+pdxE5qrvD++7fdc=
Subject key identifier:   DB:C5:AF:34:DA:CC:8D:AD:4D:6C:EB:52:3E:05:22:47:69:A0:73:85
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCE32D71C3346996BD8F0E5482547C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/28WvNNrMja1NbOtSPgUiR2mgc4U.roa
Signing time:             Tue 02 Jan 2024 10:34:08 +0000
ROA not before:           Tue 02 Jan 2024 10:34:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     149476
IP address blocks:        2a10:ccc3:ccca::/47 maxlen: 48

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 15:20:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:e3:2d:71:c3:34:69:96:bd:8f:0e:54:82:54:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dbc5af34dacc8dad4d6ceb523e05224769a07385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:1d:54:7e:5e:d6:49:1a:e2:85:09:ad:3e:c6:
                    68:7a:9a:70:67:b1:19:6a:7f:d1:d8:10:44:a0:a4:
                    67:cc:79:90:9f:e7:40:a8:7d:09:1d:ce:c8:f6:1f:
                    46:80:55:1f:f5:73:24:66:ba:40:57:22:ab:8f:61:
                    32:56:8a:13:79:ec:31:1f:51:c5:bf:9a:68:f3:e6:
                    d9:5a:96:aa:5a:e1:c6:10:2e:0d:35:0b:f6:ce:52:
                    13:e3:aa:ae:46:63:4d:4d:bc:f1:ee:5c:31:51:15:
                    62:e5:17:18:77:c2:64:fb:ac:03:37:89:5b:fc:8b:
                    13:80:57:5d:ed:48:6c:fb:af:53:de:90:a9:a7:83:
                    1a:c4:e0:05:0f:7f:87:a0:9b:7b:3f:19:8e:e1:81:
                    7a:f0:57:33:6f:85:4b:6d:d9:59:a7:2c:ae:df:4d:
                    39:28:75:c7:c1:6e:26:75:3f:73:cc:4c:9a:ce:43:
                    95:b6:6b:29:00:a8:48:cf:0d:ac:b7:ab:e5:bd:52:
                    82:87:47:24:9f:34:4a:a6:45:8f:34:fe:89:a6:7b:
                    d4:e8:86:7a:9c:74:eb:9a:de:0c:19:d0:b9:61:c8:
                    71:74:c6:50:09:c4:57:77:cb:19:14:87:23:32:18:
                    a7:24:ed:74:c9:02:d0:bc:b6:b8:87:99:39:88:14:
                    d5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:C5:AF:34:DA:CC:8D:AD:4D:6C:EB:52:3E:05:22:47:69:A0:73:85
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/28WvNNrMja1NbOtSPgUiR2mgc4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:ccc3:ccca::/47

    Signature Algorithm: sha256WithRSAEncryption
         8b:c7:66:f8:b7:55:c1:27:18:e0:aa:0c:13:45:b7:8d:de:69:
         00:89:02:5d:48:91:4f:35:a0:4a:9d:a7:ce:67:28:79:d9:21:
         ff:c9:a1:d5:87:3e:40:4e:f9:02:6b:50:25:98:82:ad:df:04:
         66:83:84:6e:c5:28:64:58:86:9c:30:60:09:66:f3:c7:db:4b:
         23:ca:8f:e6:f1:bd:0a:85:0d:ed:84:68:ab:77:1c:29:18:27:
         fe:93:de:a3:04:ef:8b:af:96:4c:84:4a:c6:08:cb:5a:29:9b:
         cb:83:f2:bc:17:77:cd:c6:3f:33:38:9d:02:24:4e:6f:fb:a4:
         56:e4:92:5e:7d:51:24:b2:0e:70:67:07:59:ba:d5:d6:94:e4:
         65:a5:67:a3:d7:e6:a4:ba:a6:98:04:3d:e0:a3:31:07:de:d0:
         8a:c2:5d:02:0c:0c:fb:a7:f1:4f:2f:e4:5f:d4:44:9b:b8:0e:
         8c:28:43:1a:27:76:47:62:64:d9:d7:89:19:48:6f:86:dd:8a:
         07:7c:ba:27:6f:36:18:4d:68:d8:ab:10:6d:1f:e0:06:f6:f3:
         cf:a8:ff:d6:e5:8d:3f:29:72:49:66:ba:11:7a:0b:09:9c:86:
         2a:ee:51:93:0a:b9:28:da:05:5c:58:4a:85:a9:7e:b5:7c:aa:
         0e:ac:8c:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOMtccM0aZa9jw5UglR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM1YWYzNGRhY2M4ZGFkNGQ2Y2ViNTIzZTA1MjI0NzY5YTA3Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh1Ufl7WSRrihQmtPsZoeppwZ7EZ
an/R2BBEoKRnzHmQn+dAqH0JHc7I9h9GgFUf9XMkZrpAVyKrj2EyVooTeewxH1HF
v5po8+bZWpaqWuHGEC4NNQv2zlIT46quRmNNTbzx7lwxURVi5RcYd8Jk+6wDN4lb
/IsTgFdd7Uhs+69T3pCpp4MaxOAFD3+HoJt7PxmO4YF68Fczb4VLbdlZpyyu3005
KHXHwW4mdT9zzEyazkOVtmspAKhIzw2st6vlvVKCh0cknzRKpkWPNP6JpnvU6IZ6
nHTrmt4MGdC5YchxdMZQCcRXd8sZFIcjMhinJO10yQLQvLa4h5k5iBTVbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNvFrzTazI2tTWzrUj4FIkdpoHOFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMjhXdk5Ock1qYTFOYk90U1BnVWlSMm1nYzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhDMw8zK
MA0GCSqGSIb3DQEBCwUAA4IBAQCLx2b4t1XBJxjgqgwTRbeN3mkAiQJdSJFPNaBK
nafOZyh52SH/yaHVhz5ATvkCa1AlmIKt3wRmg4RuxShkWIacMGAJZvPH20sjyo/m
8b0KhQ3thGirdxwpGCf+k96jBO+Lr5ZMhErGCMtaKZvLg/K8F3fNxj8zOJ0CJE5v
+6RW5JJefVEksg5wZwdZutXWlORlpWej1+akuqaYBD3gozEH3tCKwl0CDAz7p/FP
L+Rf1ESbuA6MKEMaJ3ZHYmTZ14kZSG+G3YoHfLonbzYYTWjYqxBtH+AG9vPPqP/W
5Y0/KXJJZroRegsJnIYq7lGTCrko2gVcWEqFqX61fKoOrIxD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org