Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkHCVhKX_bo2Sq0nWYoF-Qe1FMs.roa
File:                     OkHCVhKX_bo2Sq0nWYoF-Qe1FMs.roa (raw, json)
Hash identifier:          qLLZYcyc0Yc6KVCtRXniiDYXJy3vN/A4zTuaWTEHNn4=
Subject key identifier:   3A:41:C2:56:12:97:FD:BA:36:4A:AD:27:59:8A:05:F9:07:B5:14:CB
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185DE40AE0F715ADE6573661B81F9D60FE1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkHCVhKX_bo2Sq0nWYoF-Qe1FMs.roa
Signing time:             Mon 23 Jan 2023 10:50:58 +0000
ROA not before:           Mon 23 Jan 2023 10:50:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209105
IP address blocks:        2a10:2f00:17f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 16:09:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:40:ae:0f:71:5a:de:65:73:66:1b:81:f9:d6:0f:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 23 10:50:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a41c2561297fdba364aad27598a05f907b514cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c4:b3:0b:d7:ac:6b:71:e5:1e:46:87:bc:da:
                    24:98:d9:70:b1:55:8b:a4:be:b3:30:d0:92:94:35:
                    c8:71:7c:7d:3b:9c:bc:8a:9e:90:a8:89:52:e3:5d:
                    ba:41:e9:28:6f:5c:bc:0e:56:9a:65:59:6e:bf:8e:
                    3e:b3:cf:1d:c6:63:fe:29:5b:f0:19:61:6a:44:73:
                    2e:97:5a:08:a0:5f:5e:3e:67:6f:ee:c8:82:98:f1:
                    a1:14:72:7f:2f:34:cb:1a:50:71:72:ca:bb:d2:6a:
                    f2:0f:d9:94:59:34:be:8d:27:af:6c:3e:d9:85:30:
                    cb:91:6b:69:da:29:4a:38:2f:aa:c2:9f:52:75:85:
                    16:50:44:24:1f:24:6b:d3:f4:c3:d6:23:45:85:34:
                    3b:6b:14:dc:01:22:79:fc:e9:7e:90:be:a1:d5:c4:
                    f4:09:08:c7:45:8d:43:b2:b4:0d:a1:ae:41:c9:44:
                    ce:e2:a1:0d:9e:63:2f:4e:78:12:2b:f1:26:e4:a8:
                    8f:13:d0:8f:ce:d3:dd:a8:89:58:3a:66:2e:35:1a:
                    6a:88:a7:ff:25:c2:77:e0:e6:b5:c1:28:d8:60:bd:
                    06:77:bc:dd:2c:57:16:fa:9e:b7:c3:74:73:ef:bf:
                    3e:8d:40:28:b3:c6:9a:8b:e4:82:dc:a3:01:bb:c6:
                    a1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:41:C2:56:12:97:FD:BA:36:4A:AD:27:59:8A:05:F9:07:B5:14:CB
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkHCVhKX_bo2Sq0nWYoF-Qe1FMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:17f::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:63:a1:89:ec:9d:4e:a8:81:9d:29:02:af:a3:2e:a5:6c:85:
         ac:45:20:37:89:7a:eb:46:26:60:85:2b:ac:17:6b:6e:35:07:
         60:c3:ab:56:33:d0:ea:3a:c6:09:e5:30:ff:85:f6:1a:57:cb:
         9b:53:6d:80:81:00:b7:08:af:b9:d9:49:af:fb:f0:c4:7c:2c:
         72:59:a0:8d:e5:7c:65:85:ed:4a:ed:06:69:90:c9:c5:1f:c7:
         2a:6c:44:28:72:29:cd:27:c8:53:68:a3:5a:58:16:14:d8:7a:
         10:17:8e:b0:4b:a6:d2:1a:52:a3:d5:96:9b:6a:1b:17:f8:11:
         d2:24:92:46:08:26:71:ef:80:f2:d4:16:c5:de:48:f7:6d:38:
         a3:a3:9c:d0:b9:41:4a:e6:b5:23:3d:7e:fd:17:fb:9d:06:1c:
         46:88:0b:7e:9a:c9:d8:72:50:13:1c:1a:4b:92:c7:05:fd:af:
         fc:8d:ce:ca:bd:0c:f7:2b:7c:47:49:33:78:13:17:dd:f0:75:
         16:17:46:f2:78:4a:53:d8:30:f9:84:40:68:03:1f:b6:f7:dc:
         b7:ec:05:2e:3f:d2:87:29:91:52:85:6d:7f:c7:61:b0:7c:84:
         b0:3c:55:1a:31:37:82:13:0f:6d:0e:26:2c:71:2c:9a:f0:6b:
         b1:c1:f5:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXeQK4PcVreZXNmG4H51g/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQxYzI1NjEyOTdmZGJhMzY0YWFkMjc1OThhMDVmOTA3YjUxNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsSzC9esa3HlHkaHvNokmNlwsVWL
pL6zMNCSlDXIcXx9O5y8ip6QqIlS4126Qekob1y8DlaaZVluv44+s88dxmP+KVvw
GWFqRHMul1oIoF9ePmdv7siCmPGhFHJ/LzTLGlBxcsq70mryD9mUWTS+jSevbD7Z
hTDLkWtp2ilKOC+qwp9SdYUWUEQkHyRr0/TD1iNFhTQ7axTcASJ5/Ol+kL6h1cT0
CQjHRY1DsrQNoa5ByUTO4qENnmMvTngSK/Em5KiPE9CPztPdqIlYOmYuNRpqiKf/
JcJ34Oa1wSjYYL0Gd7zdLFcW+p63w3Rz778+jUAos8aai+SC3KMBu8ahIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDpBwlYSl/26NkqtJ1mKBfkHtRTLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT2tIQ1ZoS1hfYm8yU3EwbldZb0YtUWUxRk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAF/
MA0GCSqGSIb3DQEBCwUAA4IBAQC2Y6GJ7J1OqIGdKQKvoy6lbIWsRSA3iXrrRiZg
hSusF2tuNQdgw6tWM9DqOsYJ5TD/hfYaV8ubU22AgQC3CK+52Umv+/DEfCxyWaCN
5Xxlhe1K7QZpkMnFH8cqbEQocinNJ8hTaKNaWBYU2HoQF46wS6bSGlKj1ZabahsX
+BHSJJJGCCZx74Dy1BbF3kj3bTijo5zQuUFK5rUjPX79F/udBhxGiAt+msnYclAT
HBpLkscF/a/8jc7KvQz3K3xHSTN4Exfd8HUWF0byeEpT2DD5hEBoAx+299y37AUu
P9KHKZFShW1/x2GwfISwPFUaMTeCEw9tDiYscSya8GuxwfXR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org