Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4A5Igxlg33thNc9wM_nx4phyjU.roa
File:                     z4A5Igxlg33thNc9wM_nx4phyjU.roa (raw, json)
Hash identifier:          Rr9VFl59rhkqtHdmj5nxC4XWxSNcUTIgCZB7twFk/XM=
Subject key identifier:   CF:80:39:22:0C:65:83:7D:ED:84:D7:3D:C0:CF:E7:C7:8A:61:CA:35
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0190080E05CAA9605E5C678B9DE285B2B2A4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4A5Igxlg33thNc9wM_nx4phyjU.roa
Signing time:             Tue 11 Jun 2024 16:07:34 +0000
ROA not before:           Tue 11 Jun 2024 16:07:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        2a10:ccc5:2a11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jul 2024 12:08:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:08:0e:05:ca:a9:60:5e:5c:67:8b:9d:e2:85:b2:b2:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun 11 16:07:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cf8039220c65837ded84d73dc0cfe7c78a61ca35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6e:cc:ed:51:05:5e:85:95:4e:a8:ea:cf:a8:
                    73:4c:7f:1d:5e:ea:a8:ed:dc:a6:ec:0f:05:01:40:
                    07:60:27:82:a4:c3:82:ed:c6:ef:a1:ff:47:c2:04:
                    e6:4a:76:20:7f:ad:13:06:dd:20:62:b1:ba:03:41:
                    bf:d6:3b:18:d9:cd:e4:bd:4c:05:97:87:70:2b:33:
                    b8:e8:7d:e5:e9:a2:be:5b:72:15:ad:8d:41:25:89:
                    9d:07:08:6b:42:ae:da:8d:c9:a5:e9:d1:20:e6:a4:
                    7b:c7:d2:bf:e4:ce:38:74:9c:47:90:21:1e:c3:70:
                    19:03:a5:de:72:02:23:62:76:15:f2:77:d6:48:4b:
                    64:c3:2b:90:2f:1e:38:f7:30:c2:77:e9:6e:a0:f8:
                    5f:da:6f:91:ba:4a:b1:23:d1:69:bb:50:aa:16:15:
                    64:72:05:17:db:a2:39:81:cb:52:58:f7:96:87:52:
                    b7:7b:be:14:e7:6b:8a:33:44:0b:d9:8b:aa:e2:d8:
                    fe:2d:d0:88:64:ed:df:b6:26:cd:5d:e0:75:9f:ee:
                    4c:0c:55:56:eb:da:e8:06:3a:a8:a4:20:56:7c:c5:
                    18:51:21:32:8e:22:5f:f1:10:7b:82:40:e3:26:60:
                    60:e9:bc:b2:56:fd:94:6e:10:1f:59:63:04:b0:35:
                    16:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:80:39:22:0C:65:83:7D:ED:84:D7:3D:C0:CF:E7:C7:8A:61:CA:35
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/z4A5Igxlg33thNc9wM_nx4phyjU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:ccc5:2a11::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:d8:6b:e6:03:a2:9d:17:12:7d:85:77:37:d3:ee:3e:78:4b:
         b7:60:d5:b8:ca:c1:ac:b5:9b:b1:eb:12:68:50:b0:1a:33:de:
         59:a3:7c:b7:10:6f:36:47:f3:6e:05:f6:91:ee:3d:7d:8e:fd:
         40:4c:1b:56:ad:c5:76:8e:fb:43:73:97:62:d2:9c:f8:84:8f:
         f1:fd:3b:d5:8a:0c:fa:8f:d1:ee:60:89:99:7b:b1:d6:d9:da:
         02:10:15:f6:a7:16:f9:2a:81:67:1e:11:da:55:20:a9:8e:9e:
         a5:a9:94:7a:0a:9f:b4:bc:ab:c2:e0:4e:62:69:09:7a:94:71:
         82:1e:57:4a:9d:69:39:08:cd:1e:66:86:29:db:fc:2d:20:8e:
         49:64:19:ce:c5:17:1f:0d:4a:20:09:78:dc:67:9e:68:99:e5:
         03:21:72:be:9c:1f:6b:e1:a1:80:fa:d6:6c:52:0b:2a:81:47:
         3e:25:c0:41:27:83:ec:44:d2:cf:d3:42:2f:b0:46:78:a8:ca:
         69:5e:33:18:61:c2:16:2b:3d:ef:50:78:0b:28:67:2d:19:92:
         1f:3d:1f:74:d3:2f:94:80:7a:ac:db:67:e3:5a:ea:28:0c:ce:
         f6:f3:5e:0e:3c:cf:f2:0b:0f:01:0c:14:91:c9:85:81:71:c0:
         0d:29:23:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZAIDgXKqWBeXGeLneKFsrKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjExMTYwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjgwMzkyMjBjNjU4MzdkZWQ4NGQ3M2RjMGNmZTdjNzhhNjFjYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt27M7VEFXoWVTqjqz6hzTH8dXuqo
7dym7A8FAUAHYCeCpMOC7cbvof9HwgTmSnYgf60TBt0gYrG6A0G/1jsY2c3kvUwF
l4dwKzO46H3l6aK+W3IVrY1BJYmdBwhrQq7ajcml6dEg5qR7x9K/5M44dJxHkCEe
w3AZA6XecgIjYnYV8nfWSEtkwyuQLx449zDCd+luoPhf2m+RukqxI9Fpu1CqFhVk
cgUX26I5gctSWPeWh1K3e74U52uKM0QL2Yuq4tj+LdCIZO3ftibNXeB1n+5MDFVW
69roBjqopCBWfMUYUSEyjiJf8RB7gkDjJmBg6byyVv2UbhAfWWMEsDUWWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM+AOSIMZYN97YTXPcDP58eKYco1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvejRBNUlneGxnMzN0aE5jOXdNX254NHBoeWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMxSoR
MA0GCSqGSIb3DQEBCwUAA4IBAQBn2GvmA6KdFxJ9hXc30+4+eEu3YNW4ysGstZux
6xJoULAaM95Zo3y3EG82R/NuBfaR7j19jv1ATBtWrcV2jvtDc5di0pz4hI/x/TvV
igz6j9HuYImZe7HW2doCEBX2pxb5KoFnHhHaVSCpjp6lqZR6Cp+0vKvC4E5iaQl6
lHGCHldKnWk5CM0eZoYp2/wtII5JZBnOxRcfDUogCXjcZ55omeUDIXK+nB9r4aGA
+tZsUgsqgUc+JcBBJ4PsRNLP00IvsEZ4qMppXjMYYcIWKz3vUHgLKGctGZIfPR90
0y+UgHqs22fjWuooDM72814OPM/yCw8BDBSRyYWBccANKSN6
-----END CERTIFICATE-----
Generated at Tue Jul 2 14:42:04 2024 by rpki-client on console-ams.rpki-client.org