Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qpuB6_JUd219y-c7NBZ3aWKh3AA.roa
File:                     qpuB6_JUd219y-c7NBZ3aWKh3AA.roa (raw, json)
Hash identifier:          /Y1398+7Isa/h7vPL8WBCXZPpjcmi8rleem7oVriBHw=
Subject key identifier:   AA:9B:81:EB:F2:54:77:6D:7D:CB:E7:3B:34:16:77:69:62:A1:DC:00
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186C506FA5804E07A579A6C70F8C84CCFDB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qpuB6_JUd219y-c7NBZ3aWKh3AA.roa
Signing time:             Thu 09 Mar 2023 06:20:14 +0000
ROA not before:           Thu 09 Mar 2023 06:20:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58133
IP address blocks:        2a10:2f00:123::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c5:06:fa:58:04:e0:7a:57:9a:6c:70:f8:c8:4c:cf:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar  9 06:20:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa9b81ebf254776d7dcbe73b3416776962a1dc00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ec:68:8f:76:1c:4a:f3:74:fe:e1:66:4a:c7:
                    82:af:06:52:1b:4e:ce:5d:a7:30:65:4e:0e:79:94:
                    cf:a0:d9:d1:3c:f4:2e:37:3b:73:26:d4:43:d5:9f:
                    d8:4e:26:1a:2d:c9:41:f6:b5:06:5e:04:aa:9b:a9:
                    60:9a:06:ed:19:4f:cc:47:14:27:bd:30:6b:6b:20:
                    d5:fa:6d:5d:a0:25:e2:b2:92:47:61:8f:f8:40:9d:
                    e0:bc:01:4d:fe:cb:03:0e:65:fc:04:77:65:f4:65:
                    a3:36:b3:83:81:ea:fd:63:82:23:62:f5:ae:b8:65:
                    34:51:2a:fc:ed:f5:02:ab:c5:15:f8:5d:e8:0a:8e:
                    f8:3d:2c:0c:76:98:a5:7b:36:e6:24:99:20:f4:3b:
                    ce:57:36:d0:e3:5d:47:c7:bd:2e:0e:be:0f:ed:10:
                    20:cd:72:ac:b3:50:a1:f5:cb:76:2a:86:0b:0e:10:
                    2e:34:8d:aa:59:f6:2b:c0:71:85:0d:6b:da:1c:98:
                    bd:f4:65:dd:5e:6e:c1:e7:b6:36:14:de:c2:8e:6b:
                    69:f7:f5:8d:9d:14:a3:f3:f9:91:33:a2:7e:27:fe:
                    0d:7a:57:ea:c3:31:7c:ca:48:a1:15:5b:0d:d2:ef:
                    eb:1b:99:9e:86:90:b7:c8:b8:d9:5f:7c:c7:bd:b8:
                    4e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:9B:81:EB:F2:54:77:6D:7D:CB:E7:3B:34:16:77:69:62:A1:DC:00
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qpuB6_JUd219y-c7NBZ3aWKh3AA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:123::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:e2:4b:cb:97:af:38:2c:5d:9b:e6:0e:eb:7b:0b:15:12:00:
         dd:f0:37:3f:d7:92:aa:d8:90:b0:73:8d:8e:49:66:e4:e3:a2:
         b4:05:cd:09:8d:cf:3c:d0:56:b3:cc:36:0b:6e:5f:bd:20:d6:
         09:3b:a0:27:dd:a7:d7:b1:af:e9:59:74:9d:52:23:a8:72:58:
         ab:c0:7d:55:2f:06:d0:01:15:e0:22:4e:bb:a6:6c:5f:e6:1d:
         4d:17:0e:1f:b8:b9:7b:d0:68:c4:ad:c6:62:37:2e:51:a0:8c:
         d8:46:8d:bb:56:a4:af:db:af:e5:cb:ec:1b:86:4f:eb:3d:5a:
         7f:73:60:c9:82:cf:c3:ad:86:81:11:b8:68:53:65:98:c1:6e:
         68:e4:23:5f:c4:73:e6:6c:cb:5c:31:7f:51:52:47:fe:27:7b:
         17:11:4f:10:ea:40:e4:e5:d9:c5:dd:09:93:b2:ee:f1:34:1a:
         8f:03:1d:0a:13:c8:5d:b2:52:dd:f7:39:35:32:7b:88:e0:ff:
         d1:49:d4:a7:bb:b6:7b:ea:28:4e:1c:f3:78:72:25:20:c1:7a:
         b7:66:3e:36:14:ef:94:d9:7c:af:57:bc:b5:5b:91:5f:d2:ad:
         01:03:84:b0:9a:95:16:c3:03:98:4b:f6:34:b4:f5:9f:f2:0d:
         0d:5a:78:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbFBvpYBOB6V5pscPjITM/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzA5MDYyMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTliODFlYmYyNTQ3NzZkN2RjYmU3M2IzNDE2Nzc2OTYyYTFkYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgexoj3YcSvN0/uFmSseCrwZSG07O
XacwZU4OeZTPoNnRPPQuNztzJtRD1Z/YTiYaLclB9rUGXgSqm6lgmgbtGU/MRxQn
vTBrayDV+m1doCXispJHYY/4QJ3gvAFN/ssDDmX8BHdl9GWjNrODger9Y4IjYvWu
uGU0USr87fUCq8UV+F3oCo74PSwMdpilezbmJJkg9DvOVzbQ411Hx70uDr4P7RAg
zXKss1Ch9ct2KoYLDhAuNI2qWfYrwHGFDWvaHJi99GXdXm7B57Y2FN7Cjmtp9/WN
nRSj8/mRM6J+J/4NelfqwzF8ykihFVsN0u/rG5mehpC3yLjZX3zHvbhOBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKqbgevyVHdtfcvnOzQWd2liodwAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcXB1QjZfSlVkMjE5eS1jN05CWjNhV0toM0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAEj
MA0GCSqGSIb3DQEBCwUAA4IBAQCg4kvLl684LF2b5g7rewsVEgDd8Dc/15Kq2JCw
c42OSWbk46K0Bc0Jjc880FazzDYLbl+9INYJO6An3afXsa/pWXSdUiOoclirwH1V
LwbQARXgIk67pmxf5h1NFw4fuLl70GjErcZiNy5RoIzYRo27VqSv26/ly+wbhk/r
PVp/c2DJgs/DrYaBEbhoU2WYwW5o5CNfxHPmbMtcMX9RUkf+J3sXEU8Q6kDk5dnF
3QmTsu7xNBqPAx0KE8hdslLd9zk1MnuI4P/RSdSnu7Z76ihOHPN4ciUgwXq3Zj42
FO+U2XyvV7y1W5Ff0q0BA4SwmpUWwwOYS/Y0tPWf8g0NWnhj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org