Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XmU6MwRjtczfy8iB6WZkdNjh_d0.roa
File:                     XmU6MwRjtczfy8iB6WZkdNjh_d0.roa (raw, json)
Hash identifier:          o2WKGyVEVW8c92WNnwb3vqUx0xluLmor2IImxOoGivQ=
Subject key identifier:   5E:65:3A:33:04:63:B5:CC:DF:CB:C8:81:E9:66:64:74:D8:E1:FD:DD
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E779DBF4720041219371DA8D82DA1E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XmU6MwRjtczfy8iB6WZkdNjh_d0.roa
Signing time:             Mon 02 Jan 2023 05:14:56 +0000
ROA not before:           Mon 02 Jan 2023 05:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35708
IP address blocks:        2a10:2f00:173::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:79:db:f4:72:00:41:21:93:71:da:8d:82:da:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e653a330463b5ccdfcbc881e9666474d8e1fddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:64:a7:cb:18:94:00:b1:25:75:48:4c:79:aa:
                    38:71:e7:18:90:8e:3f:d7:c7:9d:b2:0b:3b:25:a6:
                    84:2b:a9:47:af:1f:b1:77:1c:34:4b:3b:08:e3:54:
                    e4:76:3e:83:86:85:d4:27:bf:7d:83:97:6d:0b:c5:
                    d0:af:0e:3d:c4:d5:1e:c5:7a:fb:41:32:f7:0b:8b:
                    be:0d:f2:a4:2f:3c:24:98:23:d9:13:6c:8a:ac:bc:
                    4e:6b:8f:f1:34:bd:2e:93:05:7b:72:b7:6b:e6:cb:
                    96:2a:60:82:0d:be:5d:f9:95:a3:b6:73:e4:30:e3:
                    4e:63:6e:c6:d3:ca:45:c7:bc:91:f2:ac:de:4d:2b:
                    8e:6a:30:7b:df:ca:a2:7f:b1:55:ef:91:b5:6c:d0:
                    7e:be:36:0a:50:fe:e7:1c:dc:ce:1f:6b:88:60:83:
                    73:40:52:56:89:61:d5:3a:35:b2:95:bd:b9:45:e9:
                    10:fd:ee:83:63:d2:76:8a:c8:6e:33:31:07:17:84:
                    11:11:35:1f:2e:75:cb:36:8a:57:dc:1f:db:68:02:
                    8e:65:42:3d:76:98:d9:28:2f:d2:3d:3a:3e:03:28:
                    de:fb:6c:7e:c9:f4:35:17:21:cf:62:52:a0:c9:5c:
                    00:b4:ac:ff:fe:a7:f9:38:28:4c:fd:c5:e5:14:8a:
                    c4:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:65:3A:33:04:63:B5:CC:DF:CB:C8:81:E9:66:64:74:D8:E1:FD:DD
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XmU6MwRjtczfy8iB6WZkdNjh_d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:173::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:59:8e:92:93:0b:42:93:69:e7:4d:90:c5:55:cc:a4:be:29:
         fd:dd:03:da:63:08:0b:77:a5:ce:7a:76:91:8d:29:6f:22:71:
         41:00:7b:06:b1:e5:68:ac:60:e2:57:05:9a:7c:d0:ac:41:ed:
         15:69:b7:2d:3b:76:c1:68:d0:cf:09:db:52:5c:12:ab:ae:8d:
         be:3a:89:ae:59:72:bd:78:bf:10:03:23:18:c1:de:ba:2e:c8:
         a5:da:f5:85:c0:b8:05:87:9f:1c:31:8c:89:9a:a9:dc:a5:c1:
         fd:01:bb:97:35:22:b6:5d:ea:67:c7:25:a8:8b:9f:3d:29:45:
         89:4f:b2:10:8c:b9:37:49:82:0a:84:87:c5:7c:73:91:6c:9b:
         be:b4:6d:f6:1e:33:92:bd:78:71:fc:08:01:3c:31:ce:02:61:
         cf:fc:89:f8:d2:25:9d:f6:c6:bb:84:ce:3a:50:23:b6:da:f3:
         db:24:3d:f3:2f:46:6b:29:f2:2e:bf:92:5f:29:5a:87:55:b6:
         c6:59:ca:d7:17:45:80:06:96:bd:fc:ba:09:3d:6b:44:47:8c:
         16:a3:a9:75:36:4b:c7:bb:5d:e3:b0:11:6a:7d:cb:f4:48:7e:
         4f:53:54:85:f0:a2:3d:22:45:fd:58:4c:c8:11:a8:de:a4:f1:
         df:6f:bb:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw53nb9HIAQSGTcdqNgtoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY1M2EzMzA0NjNiNWNjZGZjYmM4ODFlOTY2NjQ3NGQ4ZTFmZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmSnyxiUALEldUhMeao4cecYkI4/
18edsgs7JaaEK6lHrx+xdxw0SzsI41Tkdj6DhoXUJ799g5dtC8XQrw49xNUexXr7
QTL3C4u+DfKkLzwkmCPZE2yKrLxOa4/xNL0ukwV7crdr5suWKmCCDb5d+ZWjtnPk
MONOY27G08pFx7yR8qzeTSuOajB738qif7FV75G1bNB+vjYKUP7nHNzOH2uIYINz
QFJWiWHVOjWylb25RekQ/e6DY9J2ishuMzEHF4QRETUfLnXLNopX3B/baAKOZUI9
dpjZKC/SPTo+Ayje+2x+yfQ1FyHPYlKgyVwAtKz//qf5OChM/cXlFIrEZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF5lOjMEY7XM38vIgelmZHTY4f3dMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWG1VNk13Ump0Y3pmeThpQjZXWmtkTmpoX2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAFz
MA0GCSqGSIb3DQEBCwUAA4IBAQCFWY6SkwtCk2nnTZDFVcykvin93QPaYwgLd6XO
enaRjSlvInFBAHsGseVorGDiVwWafNCsQe0VabctO3bBaNDPCdtSXBKrro2+Oomu
WXK9eL8QAyMYwd66Lsil2vWFwLgFh58cMYyJmqncpcH9AbuXNSK2XepnxyWoi589
KUWJT7IQjLk3SYIKhIfFfHORbJu+tG32HjOSvXhx/AgBPDHOAmHP/In40iWd9sa7
hM46UCO22vPbJD3zL0ZrKfIuv5JfKVqHVbbGWcrXF0WABpa9/LoJPWtER4wWo6l1
NkvHu13jsBFqfcv0SH5PU1SF8KI9IkX9WEzIEajepPHfb7vJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org