Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dALvdOIZflvKTyIkzUwTNEM4YzE.roa
File:                     dALvdOIZflvKTyIkzUwTNEM4YzE.roa (raw, json)
Hash identifier:          7I6T0RUCRrNgWTxvqFlTyopQOfHc9JLz9XvQV9DNKjA=
Subject key identifier:   74:02:EF:74:E2:19:7E:5B:CA:4F:22:24:CD:4C:13:34:43:38:63:31
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C4F1F9D51EA1840166286A81ED3DE18B8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dALvdOIZflvKTyIkzUwTNEM4YzE.roa
Signing time:             Sat 09 Dec 2023 15:08:41 +0000
ROA not before:           Sat 09 Dec 2023 15:08:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199763
IP address blocks:        2a10:cc44:1c0::/44 maxlen: 48
                          2a10:cc44:1c1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:4f:1f:9d:51:ea:18:40:16:62:86:a8:1e:d3:de:18:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec  9 15:08:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7402ef74e2197e5bca4f2224cd4c133443386331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5f:5a:c7:c5:e5:6e:98:2b:f1:e9:19:5f:d8:
                    cd:88:ef:25:2b:8c:04:37:c8:5f:59:ce:21:58:1e:
                    78:4c:90:59:16:b6:8e:8b:56:d6:5d:a0:94:b3:f1:
                    b7:ad:03:65:8f:82:eb:c3:c6:18:76:1d:5e:7f:a9:
                    79:35:46:1d:87:68:f5:b7:ac:04:f6:4b:5c:60:ac:
                    fb:09:98:0f:ee:dd:0a:a9:e6:69:3e:4c:ab:7b:d9:
                    25:72:5c:f1:8f:90:d7:e0:71:73:97:3a:14:06:77:
                    75:ac:de:bf:95:a7:3b:4e:88:b5:83:72:f6:43:ca:
                    a3:95:eb:e0:ef:c7:de:7b:38:63:ff:7c:6f:b0:cc:
                    a3:70:19:51:82:b3:3d:32:cb:0c:af:c6:0a:24:24:
                    40:4c:17:c5:b8:07:18:3a:0f:1a:0f:3b:b2:e7:c6:
                    a9:ce:7b:c3:ff:85:eb:d7:0d:b0:69:03:b2:a8:73:
                    a7:a0:e4:e4:84:72:eb:59:82:44:2a:a5:1f:d7:57:
                    2f:12:b0:6a:81:68:09:f6:af:ea:bf:f0:28:78:79:
                    38:14:04:5c:e1:a0:dc:12:57:99:d0:0e:25:93:1d:
                    fb:e0:45:b4:06:00:12:95:22:7a:49:26:93:f2:15:
                    6a:01:41:b1:14:e0:28:bd:19:78:99:d8:4f:c5:8b:
                    47:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:02:EF:74:E2:19:7E:5B:CA:4F:22:24:CD:4C:13:34:43:38:63:31
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dALvdOIZflvKTyIkzUwTNEM4YzE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc44:1c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         81:a5:a3:a5:26:c3:30:a5:9a:ee:5b:47:1a:31:22:a5:77:2c:
         21:da:03:10:9a:3b:0d:73:72:31:78:84:ca:62:a0:bf:12:46:
         ee:e9:45:66:22:05:1f:d0:c8:60:83:06:2b:69:87:f6:4c:a2:
         08:65:51:84:27:d2:a0:f5:29:84:3e:da:6a:47:6a:58:36:47:
         a9:a7:ea:0f:58:65:93:3d:12:6b:52:38:5e:16:b1:46:54:9e:
         73:1b:29:0b:b7:61:47:fc:6e:9b:42:da:0d:3d:1a:f1:8b:c4:
         8e:19:45:1f:a7:33:d8:ca:4a:83:71:ac:e9:23:75:83:9e:18:
         9a:1d:11:0a:73:a7:5c:07:10:36:86:d7:3d:4e:40:0f:8c:aa:
         ad:52:22:f8:72:3c:d2:89:02:18:8f:92:bc:f7:09:32:bf:40:
         11:67:31:27:f8:d5:23:01:21:1e:7f:9b:cc:a1:92:61:21:fc:
         46:1f:b6:af:bb:ef:3f:60:95:bc:99:15:67:28:a2:a7:6b:91:
         27:af:a0:1d:b1:63:06:28:04:82:74:fe:47:e9:8d:ed:9a:3f:
         55:5f:04:00:58:d3:12:24:5e:81:d3:80:df:34:b5:8f:3e:42:
         a7:95:c7:33:0d:ec:1f:a7:87:74:22:29:14:96:5a:d4:ad:b3:
         6f:65:bf:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxPH51R6hhAFmKGqB7T3hi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjA5MTUwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDAyZWY3NGUyMTk3ZTViY2E0ZjIyMjRjZDRjMTMzNDQzMzg2MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu19ax8Xlbpgr8ekZX9jNiO8lK4wE
N8hfWc4hWB54TJBZFraOi1bWXaCUs/G3rQNlj4Lrw8YYdh1ef6l5NUYdh2j1t6wE
9ktcYKz7CZgP7t0KqeZpPkyre9klclzxj5DX4HFzlzoUBnd1rN6/lac7Toi1g3L2
Q8qjlevg78feezhj/3xvsMyjcBlRgrM9MssMr8YKJCRATBfFuAcYOg8aDzuy58ap
znvD/4Xr1w2waQOyqHOnoOTkhHLrWYJEKqUf11cvErBqgWgJ9q/qv/AoeHk4FARc
4aDcEleZ0A4lkx374EW0BgASlSJ6SSaT8hVqAUGxFOAovRl4mdhPxYtH1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHQC73TiGX5byk8iJM1MEzRDOGMxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZEFMdmRPSVpmbHZLVHlJa3pVd1RORU00WXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRAHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBpaOlJsMwpZruW0caMSKldywh2gMQmjsNc3Ix
eITKYqC/Ekbu6UVmIgUf0MhggwYraYf2TKIIZVGEJ9Kg9SmEPtpqR2pYNkepp+oP
WGWTPRJrUjheFrFGVJ5zGykLt2FH/G6bQtoNPRrxi8SOGUUfpzPYykqDcazpI3WD
nhiaHREKc6dcBxA2htc9TkAPjKqtUiL4cjzSiQIYj5K89wkyv0ARZzEn+NUjASEe
f5vMoZJhIfxGH7avu+8/YJW8mRVnKKKna5Enr6AdsWMGKASCdP5H6Y3tmj9VXwQA
WNMSJF6B04DfNLWPPkKnlcczDewfp4d0IikUllrUrbNvZb9S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org