Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XJzd92uqkpQCSp1RkGHGRTk8IWc.roa
File:                     XJzd92uqkpQCSp1RkGHGRTk8IWc.roa (raw, json)
Hash identifier:          kd/aVrguYoj6tUnj2yOS+CCZPKJqn23DdfHg/aq4iqU=
Subject key identifier:   5C:9C:DD:F7:6B:AA:92:94:02:4A:9D:51:90:61:C6:45:39:3C:21:67
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185DE40B1F71DE8F8DF910098653B8A0291
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XJzd92uqkpQCSp1RkGHGRTk8IWc.roa
Signing time:             Mon 23 Jan 2023 10:50:59 +0000
ROA not before:           Mon 23 Jan 2023 10:50:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211640
IP address blocks:        2a10:2f00:168::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 16:09:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:40:b1:f7:1d:e8:f8:df:91:00:98:65:3b:8a:02:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 23 10:50:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c9cddf76baa9294024a9d519061c645393c2167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d3:68:1b:2c:47:87:07:ac:2e:e2:7d:bd:d6:
                    5a:0e:7c:3e:fb:9f:4a:04:06:55:60:3e:c6:50:ac:
                    1f:0d:4f:ef:c9:22:18:7f:47:fb:4b:c0:ed:7e:90:
                    fd:51:d6:ea:66:18:23:9c:85:27:e8:0b:11:ca:fb:
                    59:d4:13:5f:50:09:06:99:d2:06:7a:04:45:c1:18:
                    ae:6c:8e:e8:79:0e:af:17:7a:5b:10:f4:76:56:c0:
                    15:0c:71:f8:5a:ae:a5:a8:53:75:6c:95:05:d0:cf:
                    81:a5:f3:86:9d:78:9c:21:3e:b3:ed:37:79:f1:01:
                    3f:6a:5d:01:3c:ca:65:80:45:1e:71:6e:4d:7a:54:
                    6d:57:26:3b:5a:5c:91:75:56:a7:7b:0f:04:a2:53:
                    52:fb:48:71:e1:a3:1c:76:37:e6:24:df:ae:52:44:
                    46:13:29:30:39:81:ed:60:8c:ad:28:44:f1:e6:1e:
                    62:78:d0:60:78:71:df:7f:43:7c:68:62:72:8a:14:
                    81:4d:68:dd:c4:ea:42:03:33:34:69:d8:f5:a6:84:
                    cc:c5:3c:15:f9:a4:d5:10:3d:de:13:7d:b7:6d:19:
                    7d:7c:b4:32:4c:50:57:21:e1:a1:c3:56:7b:b9:5a:
                    bb:33:35:6a:33:79:06:f7:70:fb:25:34:77:e3:24:
                    34:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:9C:DD:F7:6B:AA:92:94:02:4A:9D:51:90:61:C6:45:39:3C:21:67
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XJzd92uqkpQCSp1RkGHGRTk8IWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:168::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:46:db:ce:31:0f:75:03:bb:a4:c6:f9:e1:71:30:06:c4:1c:
         9a:6b:1a:44:e3:fc:68:13:46:93:53:fc:57:55:eb:45:9b:a2:
         86:85:e8:41:b2:d1:12:02:38:9b:36:1e:30:c7:e0:72:41:33:
         7f:26:8a:79:74:e3:0a:29:d6:e4:2f:e0:cf:65:fc:37:80:5b:
         50:69:99:72:61:d6:5d:a7:34:79:49:50:75:1b:60:3a:d2:e6:
         ec:ed:69:70:fb:bf:d7:3b:b9:dc:d8:a5:61:1d:30:6f:18:dc:
         8a:af:4e:c8:64:bd:6f:d4:a3:58:b7:8c:e0:f9:c0:f8:35:8b:
         d8:c7:10:86:cb:aa:7a:0c:58:d6:d3:bc:35:f4:2d:e9:a2:24:
         b1:6c:c8:37:57:44:e9:9c:f6:ab:4c:a6:9b:a2:80:43:29:79:
         ab:bc:cc:4a:bc:0b:40:aa:97:0e:38:fb:56:0a:f4:b2:68:a6:
         de:7e:d3:7d:2a:ba:b6:27:f4:9b:15:98:88:c2:ab:e6:f1:7e:
         7e:b4:57:7c:91:1a:44:c3:dc:17:6b:7c:d1:07:20:fc:60:06:
         15:17:9f:c3:d5:5b:3d:3d:22:66:cc:e8:60:7b:ef:33:9f:6d:
         7b:dc:c7:b6:8b:2b:e3:6e:48:be:b3:19:21:e4:9b:ea:47:e4:
         6f:52:9b:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXeQLH3Hej435EAmGU7igKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzljZGRmNzZiYWE5Mjk0MDI0YTlkNTE5MDYxYzY0NTM5M2MyMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dNoGyxHhwesLuJ9vdZaDnw++59K
BAZVYD7GUKwfDU/vySIYf0f7S8DtfpD9UdbqZhgjnIUn6AsRyvtZ1BNfUAkGmdIG
egRFwRiubI7oeQ6vF3pbEPR2VsAVDHH4Wq6lqFN1bJUF0M+BpfOGnXicIT6z7Td5
8QE/al0BPMplgEUecW5NelRtVyY7WlyRdVanew8EolNS+0hx4aMcdjfmJN+uUkRG
EykwOYHtYIytKETx5h5ieNBgeHHff0N8aGJyihSBTWjdxOpCAzM0adj1poTMxTwV
+aTVED3eE323bRl9fLQyTFBXIeGhw1Z7uVq7MzVqM3kG93D7JTR34yQ07wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFyc3fdrqpKUAkqdUZBhxkU5PCFnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWEp6ZDkydXFrcFFDU3AxUmtHSEdSVGs4SVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAFo
MA0GCSqGSIb3DQEBCwUAA4IBAQCXRtvOMQ91A7ukxvnhcTAGxByaaxpE4/xoE0aT
U/xXVetFm6KGhehBstESAjibNh4wx+ByQTN/Jop5dOMKKdbkL+DPZfw3gFtQaZly
YdZdpzR5SVB1G2A60ubs7Wlw+7/XO7nc2KVhHTBvGNyKr07IZL1v1KNYt4zg+cD4
NYvYxxCGy6p6DFjW07w19C3poiSxbMg3V0TpnParTKabooBDKXmrvMxKvAtAqpcO
OPtWCvSyaKbeftN9Krq2J/SbFZiIwqvm8X5+tFd8kRpEw9wXa3zRByD8YAYVF5/D
1Vs9PSJmzOhge+8zn2173Me2iyvjbki+sxkh5JvqR+RvUpsl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:05 2024 by rpki-client on console-ams.rpki-client.org