Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ROc_fnhT7_PeyNu1B6G0D-qiwW0.roa
File:                     ROc_fnhT7_PeyNu1B6G0D-qiwW0.roa (raw, json)
Hash identifier:          dzGG4DM65h14usiGPP92+JFToOML528l8cxXkFdj4l4=
Subject key identifier:   44:E7:3F:7E:78:53:EF:F3:DE:C8:DB:B5:07:A1:B4:0F:EA:A2:C1:6D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCC92805E1272537EDF23F26583941
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ROc_fnhT7_PeyNu1B6G0D-qiwW0.roa
Signing time:             Tue 02 Jan 2024 10:34:01 +0000
ROA not before:           Tue 02 Jan 2024 10:34:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     40676
IP address blocks:        2a10:ccc3:ccc0::/46 maxlen: 48

Validation:               Failed, certificate revoked on Sat 24 Feb 2024 15:23:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:c9:28:05:e1:27:25:37:ed:f2:3f:26:58:39:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44e73f7e7853eff3dec8dbb507a1b40feaa2c16d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:78:02:64:99:8c:8c:e5:6b:2f:e7:0d:6e:fb:
                    d8:a3:23:84:42:d2:90:f1:7b:d4:26:4b:da:8f:c0:
                    90:70:19:26:36:53:c1:ce:14:46:e9:2e:5e:d3:0b:
                    eb:c5:b3:9c:3d:56:dd:fc:35:da:95:cd:f0:d3:4d:
                    9a:af:05:ab:d6:f3:95:95:a3:9a:25:93:98:c3:97:
                    20:7d:80:86:20:58:05:81:c4:e2:01:f3:e7:cb:67:
                    53:54:f4:9e:be:15:0a:7a:01:e3:db:4b:ce:3f:6f:
                    0c:c1:43:48:30:51:a1:b4:3d:26:4f:bf:fd:76:0b:
                    37:b1:be:57:87:a6:13:33:d6:9b:e8:52:57:58:ee:
                    33:7d:56:c0:0b:00:48:23:7c:4d:b3:36:1c:23:a7:
                    ba:2b:13:1a:f2:8a:a5:aa:0b:71:94:7f:5e:60:1f:
                    b7:e2:0d:6b:c9:64:62:96:f8:51:7e:f7:d3:75:af:
                    9d:ec:e1:9e:9c:38:29:49:a3:da:e5:3c:2f:c9:23:
                    6c:c9:84:a4:72:cd:55:cb:37:43:c2:2a:69:6d:b1:
                    a5:62:27:6f:61:ba:71:ff:43:e2:68:8d:f3:b4:03:
                    36:15:14:f2:d6:4f:eb:39:d1:74:64:71:4d:a4:be:
                    a2:11:3c:1d:d5:fc:38:6d:a7:5b:a2:58:90:7f:28:
                    c8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E7:3F:7E:78:53:EF:F3:DE:C8:DB:B5:07:A1:B4:0F:EA:A2:C1:6D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ROc_fnhT7_PeyNu1B6G0D-qiwW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:ccc3:ccc0::/46

    Signature Algorithm: sha256WithRSAEncryption
         78:70:53:f8:30:7e:ff:e6:aa:8f:d4:2c:86:4c:47:ee:28:73:
         97:65:2f:73:0b:63:20:19:34:0a:ab:a7:50:7f:e6:3c:9e:34:
         5b:a7:86:4c:8e:db:1a:42:7c:bc:6c:70:92:c1:2e:9a:26:29:
         3a:a6:3a:67:80:d6:01:65:c9:fa:16:55:e6:29:6c:0c:2c:b7:
         d8:ef:03:e5:aa:1c:4d:d6:a5:ee:be:eb:24:03:8e:e6:4b:06:
         1c:29:ac:92:8d:0f:d4:1d:56:fd:e9:12:8c:1a:5f:04:e3:56:
         5a:97:fc:2b:15:fe:a4:08:11:23:7a:e6:ce:ac:f7:18:f3:93:
         08:12:da:05:42:66:a4:9d:83:2b:d8:f8:da:20:f9:75:9e:bd:
         18:7b:6c:f0:38:75:6a:89:a4:c5:a6:c5:18:19:57:2f:80:d0:
         7c:d5:ea:ce:fa:b8:ec:f6:18:fc:d5:e9:65:fd:46:c4:39:9f:
         5a:8a:99:de:fd:0b:be:c6:38:6f:48:98:16:35:db:73:9b:0f:
         ca:e9:b0:53:a8:25:ff:e2:6e:d8:24:0b:7b:2f:2f:9a:83:71:
         b9:fe:5c:9e:87:ae:ae:3c:71:05:7a:2a:49:e8:aa:dd:29:50:
         74:58:19:db:b7:0f:35:14:3d:1c:7b:d6:cf:c3:b7:5d:46:b8:
         e0:00:cc:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvMkoBeEnJTft8j8mWDlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU3M2Y3ZTc4NTNlZmYzZGVjOGRiYjUwN2ExYjQwZmVhYTJjMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13gCZJmMjOVrL+cNbvvYoyOEQtKQ
8XvUJkvaj8CQcBkmNlPBzhRG6S5e0wvrxbOcPVbd/DXalc3w002arwWr1vOVlaOa
JZOYw5cgfYCGIFgFgcTiAfPny2dTVPSevhUKegHj20vOP28MwUNIMFGhtD0mT7/9
dgs3sb5Xh6YTM9ab6FJXWO4zfVbACwBII3xNszYcI6e6KxMa8oqlqgtxlH9eYB+3
4g1ryWRilvhRfvfTda+d7OGenDgpSaPa5TwvySNsyYSkcs1VyzdDwippbbGlYidv
Ybpx/0PiaI3ztAM2FRTy1k/rOdF0ZHFNpL6iETwd1fw4badboliQfyjIFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFETnP354U+/z3sjbtQehtA/qosFtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUk9jX2ZuaFQ3X1BleU51MUI2RzBELXFpd1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKhDMw8zA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4cFP4MH7/5qqP1CyGTEfuKHOXZS9zC2MgGTQK
q6dQf+Y8njRbp4ZMjtsaQny8bHCSwS6aJik6pjpngNYBZcn6FlXmKWwMLLfY7wPl
qhxN1qXuvuskA47mSwYcKaySjQ/UHVb96RKMGl8E41Zal/wrFf6kCBEjeubOrPcY
85MIEtoFQmaknYMr2PjaIPl1nr0Ye2zwOHVqiaTFpsUYGVcvgNB81erO+rjs9hj8
1ell/UbEOZ9aipne/Qu+xjhvSJgWNdtzmw/K6bBTqCX/4m7YJAt7Ly+ag3G5/lye
h66uPHEFeipJ6KrdKVB0WBnbtw81FD0ce9bPw7ddRrjgAMwV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org