Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kL_42tANMbwKqshgal5EeBTKD_Y.roa
File:                     kL_42tANMbwKqshgal5EeBTKD_Y.roa (raw, json)
Hash identifier:          po1deEe6s/9kfrKsYQn3TLua4tiDfonpKXv7apvOth4=
Subject key identifier:   90:BF:F8:DA:D0:0D:31:BC:0A:AA:C8:60:6A:5E:44:78:14:CA:0F:F6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7CB01FD41F942BF4B4263BA88EDAD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kL_42tANMbwKqshgal5EeBTKD_Y.roa
Signing time:             Mon 02 Jan 2023 05:15:17 +0000
ROA not before:           Mon 02 Jan 2023 05:15:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207317
IP address blocks:        2a10:2f00:11a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:cb:01:fd:41:f9:42:bf:4b:42:63:ba:88:ed:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90bff8dad00d31bc0aaac8606a5e447814ca0ff6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:42:5e:e4:bf:96:96:af:e6:b6:84:47:e0:0e:
                    65:2e:3b:cc:1a:29:9c:25:c1:4d:99:62:92:2b:b8:
                    0e:f5:7d:81:83:35:b9:a0:0e:48:8d:ac:0e:ec:ae:
                    ca:b3:9e:03:54:ff:3d:d4:2a:07:e8:00:7e:0a:13:
                    a6:a6:bf:e6:ac:c8:d7:ea:4a:c5:38:00:d7:c4:35:
                    b9:35:23:3d:f4:71:b2:f5:55:ba:ec:8e:a9:0e:1b:
                    fe:bd:08:72:b1:c5:c1:b8:e7:3b:b2:59:c0:b5:9a:
                    34:49:94:58:0b:d0:40:8d:d3:fa:34:73:ae:57:cd:
                    7c:7c:4d:a3:a1:8d:f5:2b:89:02:e0:7a:7e:4b:bb:
                    fb:b0:62:48:17:10:51:fa:b0:c8:61:5a:b5:da:89:
                    62:56:cd:53:61:fe:15:b5:85:ac:9c:6e:2f:36:7b:
                    af:80:77:8f:59:05:40:c6:b3:1a:f5:13:31:43:7c:
                    0e:de:46:8c:17:86:f3:b4:66:58:b0:e6:20:1f:9d:
                    01:5b:2a:fd:ed:cd:08:d5:a2:bb:24:d9:d2:b8:16:
                    0a:05:25:6f:44:82:a1:72:4a:71:a4:16:5b:c3:93:
                    be:9d:51:93:40:9a:5d:90:02:34:26:41:1b:2f:98:
                    a6:3b:77:f2:3a:03:64:54:22:e1:ef:47:e1:ad:0a:
                    9b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BF:F8:DA:D0:0D:31:BC:0A:AA:C8:60:6A:5E:44:78:14:CA:0F:F6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kL_42tANMbwKqshgal5EeBTKD_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:11a::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:bc:11:6f:ae:75:06:ac:da:3f:19:06:c2:e0:9a:1a:e2:40:
         18:84:19:ec:3a:2a:2b:a5:7d:95:cf:26:aa:52:15:20:54:15:
         91:98:c5:4f:ef:54:a8:3b:53:15:1c:a0:8c:66:20:44:39:9f:
         55:f4:de:db:29:91:30:a9:68:38:63:7e:8f:dd:80:cc:4d:4a:
         2e:77:fc:bc:91:ad:3a:77:c1:0f:54:05:e2:99:26:9c:0b:fc:
         5c:35:59:b5:b4:b3:2c:3d:43:43:11:ea:23:cb:dc:63:c1:7d:
         04:63:62:0e:54:6e:20:6e:bd:19:7e:a4:b3:89:97:bd:db:51:
         39:80:02:be:50:28:6e:59:58:b4:82:34:3a:e2:15:0e:86:5a:
         84:45:7c:fe:25:c2:fb:83:5b:7f:92:0d:3a:f8:08:7a:75:2d:
         79:39:78:a1:68:3d:71:47:fe:03:e7:08:82:5a:2c:a2:74:d3:
         01:49:bf:e2:7f:30:6f:61:92:06:75:42:4d:ba:3f:19:fa:65:
         9b:e2:59:bf:0d:e9:98:58:11:96:14:a7:ae:96:44:59:31:f9:
         66:a2:2c:74:31:48:50:a2:d5:ae:ad:8c:89:a8:2d:1f:63:d7:
         22:4b:a4:a3:45:01:a2:e0:11:1c:e5:5d:c3:3a:d2:9c:cb:ce:
         17:d6:62:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw58sB/UH5Qr9LQmO6iO2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJmZjhkYWQwMGQzMWJjMGFhYWM4NjA2YTVlNDQ3ODE0Y2EwZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0Je5L+Wlq/mtoRH4A5lLjvMGimc
JcFNmWKSK7gO9X2BgzW5oA5IjawO7K7Ks54DVP891CoH6AB+ChOmpr/mrMjX6krF
OADXxDW5NSM99HGy9VW67I6pDhv+vQhyscXBuOc7slnAtZo0SZRYC9BAjdP6NHOu
V818fE2joY31K4kC4Hp+S7v7sGJIFxBR+rDIYVq12oliVs1TYf4VtYWsnG4vNnuv
gHePWQVAxrMa9RMxQ3wO3kaMF4bztGZYsOYgH50BWyr97c0I1aK7JNnSuBYKBSVv
RIKhckpxpBZbw5O+nVGTQJpdkAI0JkEbL5imO3fyOgNkVCLh70fhrQqb1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJC/+NrQDTG8CqrIYGpeRHgUyg/2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva0xfNDJ0QU5NYndLcXNoZ2FsNUVlQlRLRF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAEa
MA0GCSqGSIb3DQEBCwUAA4IBAQBwvBFvrnUGrNo/GQbC4Joa4kAYhBnsOiorpX2V
zyaqUhUgVBWRmMVP71SoO1MVHKCMZiBEOZ9V9N7bKZEwqWg4Y36P3YDMTUoud/y8
ka06d8EPVAXimSacC/xcNVm1tLMsPUNDEeojy9xjwX0EY2IOVG4gbr0ZfqSziZe9
21E5gAK+UChuWVi0gjQ64hUOhlqERXz+JcL7g1t/kg06+Ah6dS15OXihaD1xR/4D
5wiCWiyidNMBSb/ifzBvYZIGdUJNuj8Z+mWb4lm/DemYWBGWFKeulkRZMflmoix0
MUhQotWurYyJqC0fY9ciS6SjRQGi4BEc5V3DOtKcy84X1mKa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org