Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OqLcA-f0vw8y7dedMeNuGVha0XM.roa
File:                     OqLcA-f0vw8y7dedMeNuGVha0XM.roa (raw, json)
Hash identifier:          W2Xa2hZnuNW8wBj9Fu3x5I4xZhn3G7WVAnxZHNBQXsg=
Subject key identifier:   3A:A2:DC:03:E7:F4:BF:0F:32:ED:D7:9D:31:E3:6E:19:58:5A:D1:73
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01907358846E7D123064FEF62DC6AAB291E3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OqLcA-f0vw8y7dedMeNuGVha0XM.roa
Signing time:             Tue 02 Jul 2024 12:08:19 +0000
ROA not before:           Tue 02 Jul 2024 12:08:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215131
IP address blocks:        2a10:ccc5:2a10::/44 maxlen: 44
                          2a10:ccc5:2a10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 29 Jul 2024 18:16:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:73:58:84:6e:7d:12:30:64:fe:f6:2d:c6:aa:b2:91:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jul  2 12:08:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3aa2dc03e7f4bf0f32edd79d31e36e19585ad173
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:1d:d7:79:0f:6c:4f:98:2d:5c:78:fe:a8:0d:
                    22:89:73:6e:90:56:e1:86:f9:8f:6a:50:cb:b7:36:
                    e6:11:97:91:55:26:ce:61:20:4a:f6:05:08:47:4e:
                    05:c0:3a:57:79:cb:e8:8c:63:c4:7e:3e:43:75:37:
                    77:45:66:13:58:d9:22:db:7b:b6:9c:a3:4b:5d:74:
                    b8:e1:54:64:93:3e:ae:45:df:28:eb:1d:9a:2b:9e:
                    b2:f2:2a:a5:14:4a:ae:54:8c:e8:3b:3f:d7:38:64:
                    4b:c5:ff:22:77:aa:50:6d:c8:65:56:9f:d1:10:c0:
                    e0:42:07:11:bf:1e:f8:66:be:86:9a:8f:75:48:06:
                    97:03:76:1d:0e:d1:0e:4a:28:51:3f:15:3a:7f:fd:
                    90:0a:7a:42:fb:fc:e6:43:c5:6b:d6:83:d0:f7:77:
                    c5:b2:40:67:87:f7:07:11:bb:e5:58:cc:ac:1d:fb:
                    1e:4f:54:80:92:d8:67:51:b1:d8:e3:64:df:84:fe:
                    6f:25:e8:77:8c:97:06:c5:19:bb:f4:96:b7:4c:ad:
                    a4:6a:7d:d8:59:ec:22:43:4a:3f:e7:64:db:68:0f:
                    c8:60:09:36:3f:a6:7b:45:4c:d9:dd:f0:0f:4f:e8:
                    11:87:0f:a9:94:e5:5e:29:c6:87:45:ec:ef:8d:b2:
                    4e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:A2:DC:03:E7:F4:BF:0F:32:ED:D7:9D:31:E3:6E:19:58:5A:D1:73
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OqLcA-f0vw8y7dedMeNuGVha0XM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:ccc5:2a10::/44

    Signature Algorithm: sha256WithRSAEncryption
         78:d4:66:89:36:32:23:51:94:29:8f:d2:df:1f:a6:04:b2:a6:
         d0:1f:37:b0:b1:4a:df:d6:53:bd:b0:84:c7:b2:fd:64:4a:e5:
         03:a5:9b:60:35:3b:57:97:57:7b:d4:2a:8c:7e:1e:d7:04:49:
         6d:08:ae:0c:a9:d6:21:b8:1a:77:25:fa:45:7e:58:97:8b:69:
         02:0b:34:31:b0:bf:59:3a:d1:4a:60:df:22:97:28:be:c5:cd:
         d3:83:83:c2:79:7a:e2:39:3f:64:94:8d:87:4e:ac:69:21:8c:
         cf:9f:1c:88:19:18:c1:43:94:ad:ea:0c:7f:4d:a5:37:a3:26:
         47:a6:ab:27:93:70:77:ee:ee:22:bc:1f:30:9b:ce:5f:b0:78:
         b9:7a:f1:d3:35:47:20:4b:ba:91:15:81:ad:6f:ac:85:1d:40:
         da:b1:ac:c0:47:35:94:6f:89:c9:87:19:24:c2:81:a0:b3:54:
         a0:7f:1f:16:58:55:eb:36:e0:c5:59:a1:24:10:1e:53:67:53:
         ef:6f:a9:e3:39:77:8f:72:41:ce:58:c8:8a:92:b0:9b:b7:3c:
         a5:de:b3:c2:06:ed:30:3f:bd:45:9d:31:55:63:a1:c8:6c:a4:
         dd:ca:c8:20:b7:7d:9c:09:e1:39:5b:02:ec:9e:27:cd:f3:22:
         86:76:87:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZBzWIRufRIwZP72LcaqspHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzAyMTIwODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWEyZGMwM2U3ZjRiZjBmMzJlZGQ3OWQzMWUzNmUxOTU4NWFkMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh3XeQ9sT5gtXHj+qA0iiXNukFbh
hvmPalDLtzbmEZeRVSbOYSBK9gUIR04FwDpXecvojGPEfj5DdTd3RWYTWNki23u2
nKNLXXS44VRkkz6uRd8o6x2aK56y8iqlFEquVIzoOz/XOGRLxf8id6pQbchlVp/R
EMDgQgcRvx74Zr6Gmo91SAaXA3YdDtEOSihRPxU6f/2QCnpC+/zmQ8Vr1oPQ93fF
skBnh/cHEbvlWMysHfseT1SAkthnUbHY42TfhP5vJeh3jJcGxRm79Ja3TK2kan3Y
WewiQ0o/52TbaA/IYAk2P6Z7RUzZ3fAPT+gRhw+plOVeKcaHRezvjbJOsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDqi3APn9L8PMu3XnTHjbhlYWtFzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3FMY0EtZjB2dzh5N2RlZE1lTnVHVmhhMFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMxSoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB41GaJNjIjUZQpj9LfH6YEsqbQHzewsUrf1lO9
sITHsv1kSuUDpZtgNTtXl1d71CqMfh7XBEltCK4MqdYhuBp3JfpFfliXi2kCCzQx
sL9ZOtFKYN8ilyi+xc3Tg4PCeXriOT9klI2HTqxpIYzPnxyIGRjBQ5St6gx/TaU3
oyZHpqsnk3B37u4ivB8wm85fsHi5evHTNUcgS7qRFYGtb6yFHUDasazARzWUb4nJ
hxkkwoGgs1Sgfx8WWFXrNuDFWaEkEB5TZ1Pvb6njOXePckHOWMiKkrCbtzyl3rPC
Bu0wP71FnTFVY6HIbKTdysggt32cCeE5WwLsnifN8yKGdod3
-----END CERTIFICATE-----
Generated at Mon Jul 29 21:54:47 2024 by rpki-client on console-ams.rpki-client.org