Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5aIpzs7_KG-Ac5hr4Nul6FGon9A.roa
File:                     5aIpzs7_KG-Ac5hr4Nul6FGon9A.roa (raw, json)
Hash identifier:          Hw6vBqoD5oRrdoF8Szeu0fpKPAyBgpdwZ29urj1qwMU=
Subject key identifier:   E5:A2:29:CE:CE:FF:28:6F:80:73:98:6B:E0:DB:A5:E8:51:A8:9F:D0
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186115ED632DB74CB5264064F51E28AD043
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5aIpzs7_KG-Ac5hr4Nul6FGon9A.roa
Signing time:             Thu 02 Feb 2023 09:04:33 +0000
ROA not before:           Thu 02 Feb 2023 09:04:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200099
IP address blocks:        2a10:cc42:1a8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:11:5e:d6:32:db:74:cb:52:64:06:4f:51:e2:8a:d0:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  2 09:04:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5a229ceceff286f8073986be0dba5e851a89fd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:13:79:66:86:3c:a5:50:48:9b:29:a9:dc:1d:
                    2b:f9:03:5c:c1:93:e6:48:5c:3e:fd:b6:36:e8:d7:
                    96:30:ab:39:3b:af:6d:ef:9f:a4:87:85:45:7d:a3:
                    2f:ff:b0:0b:09:ee:84:5d:c4:21:c6:ce:de:01:0c:
                    35:0d:c1:d8:ba:e2:2e:b8:03:28:08:d7:e4:26:59:
                    6c:78:2c:f5:ae:8a:04:31:9b:71:be:d2:63:a0:79:
                    1b:16:b6:dc:f2:6e:61:26:22:03:6e:df:ff:3d:33:
                    e5:d7:b3:b2:5a:49:e7:f0:a5:bd:9e:4a:2d:a3:c0:
                    c8:65:84:48:87:92:e7:99:f8:3c:ac:63:e5:f1:93:
                    76:ba:a2:9d:f3:b0:05:3e:33:6a:01:82:2e:49:db:
                    88:3a:54:8a:35:7a:1a:b5:d4:71:6c:1c:00:ef:07:
                    47:0c:ff:12:88:b4:dc:59:7b:d2:48:c8:36:d7:52:
                    82:92:57:70:ba:22:1c:98:cd:46:ff:b7:83:74:6b:
                    fb:0d:d9:4c:78:86:f2:9b:35:87:28:e1:a8:db:7c:
                    71:4d:d7:42:2a:b7:e8:fe:d7:a0:39:49:66:b0:35:
                    78:1b:b5:fa:3b:15:2a:d3:4a:e9:9b:90:b6:c5:42:
                    77:45:88:be:89:65:3d:c2:5e:fa:41:ba:e8:89:ef:
                    9a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:A2:29:CE:CE:FF:28:6F:80:73:98:6B:E0:DB:A5:E8:51:A8:9F:D0
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5aIpzs7_KG-Ac5hr4Nul6FGon9A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc42:1a8::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:7d:5b:41:93:b3:20:a0:25:ee:64:89:d1:17:4a:91:3f:00:
         ab:d7:13:2f:a2:40:1c:04:a1:8c:4f:ae:a2:dd:ad:67:db:08:
         b9:01:61:f3:db:de:5f:67:ac:f9:72:f4:e9:19:75:7f:49:a4:
         ec:96:46:47:78:07:a5:7e:7c:87:89:f8:dd:59:23:4c:d6:34:
         1a:a6:e2:9e:12:3e:e7:b9:36:20:41:dc:0a:c8:4f:ba:91:32:
         92:8f:db:4a:cc:da:8b:a8:83:29:01:65:77:57:fa:fe:52:e7:
         68:70:7c:51:5a:d1:ee:47:a3:78:13:08:70:41:5d:8b:4d:39:
         36:74:2c:85:6a:fd:05:44:73:9a:0c:29:fc:cf:45:ca:2f:30:
         36:9d:ba:29:9e:96:5c:a3:d6:bc:d7:94:43:84:97:a4:45:a1:
         7f:b2:2c:fe:a8:0d:a9:6c:a9:a4:8e:70:5a:c1:a1:94:0c:87:
         85:a2:0d:6b:2e:b1:52:1b:ee:28:50:af:31:56:b0:48:56:d0:
         a0:a5:95:4c:3c:a2:4c:2e:22:55:e9:57:2e:e4:cb:98:0d:f4:
         6c:84:af:84:c2:ec:05:82:be:bc:32:8f:15:a3:f7:e1:2f:ef:
         64:32:10:46:00:a6:f2:c9:8f:06:3b:5e:ce:4d:ea:0f:e0:f4:
         b3:53:a0:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYRXtYy23TLUmQGT1HiitBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjAyMDkwNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWEyMjljZWNlZmYyODZmODA3Mzk4NmJlMGRiYTVlODUxYTg5ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRN5ZoY8pVBImymp3B0r+QNcwZPm
SFw+/bY26NeWMKs5O69t75+kh4VFfaMv/7ALCe6EXcQhxs7eAQw1DcHYuuIuuAMo
CNfkJllseCz1rooEMZtxvtJjoHkbFrbc8m5hJiIDbt//PTPl17OyWknn8KW9nkot
o8DIZYRIh5Lnmfg8rGPl8ZN2uqKd87AFPjNqAYIuSduIOlSKNXoatdRxbBwA7wdH
DP8SiLTcWXvSSMg211KCkldwuiIcmM1G/7eDdGv7DdlMeIbymzWHKOGo23xxTddC
Krfo/tegOUlmsDV4G7X6OxUq00rpm5C2xUJ3RYi+iWU9wl76Qbroie+awQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOWiKc7O/yhvgHOYa+DbpehRqJ/QMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNWFJcHpzN19LRy1BYzVocjROdWw2RkdvbjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMQgGo
MA0GCSqGSIb3DQEBCwUAA4IBAQCgfVtBk7MgoCXuZInRF0qRPwCr1xMvokAcBKGM
T66i3a1n2wi5AWHz295fZ6z5cvTpGXV/SaTslkZHeAelfnyHifjdWSNM1jQapuKe
Ej7nuTYgQdwKyE+6kTKSj9tKzNqLqIMpAWV3V/r+UudocHxRWtHuR6N4EwhwQV2L
TTk2dCyFav0FRHOaDCn8z0XKLzA2nbopnpZco9a815RDhJekRaF/siz+qA2pbKmk
jnBawaGUDIeFog1rLrFSG+4oUK8xVrBIVtCgpZVMPKJMLiJV6Vcu5MuYDfRshK+E
wuwFgr68Mo8Vo/fhL+9kMhBGAKbyyY8GO17OTeoP4PSzU6BJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org