Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/i-dbXqAlI6AfXY9aHO3wrq8m2kg.roa
File:                     i-dbXqAlI6AfXY9aHO3wrq8m2kg.roa (raw, json)
Hash identifier:          8Gkne1sY0o4XHQj4BnX75ZVbJ++3sXMYzNG3EQVBO4s=
Subject key identifier:   8B:E7:5B:5E:A0:25:23:A0:1F:5D:8F:5A:1C:ED:F0:AE:AF:26:DA:48
Certificate issuer:       /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial:       018CC6B7DEDE3B14C07994411EFA0339F1C6
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/i-dbXqAlI6AfXY9aHO3wrq8m2kg.roa
Signing time:             Mon 01 Jan 2024 20:29:47 +0000
ROA not before:           Mon 01 Jan 2024 20:29:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61102
IP address blocks:        2a10:1fc0:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 21:52:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:de:de:3b:14:c0:79:94:41:1e:fa:03:39:f1:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
        Validity
            Not Before: Jan  1 20:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8be75b5ea02523a01f5d8f5a1cedf0aeaf26da48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:23:b0:ec:b3:fc:89:2c:b8:95:4f:68:0a:64:
                    55:a3:30:34:58:7f:90:4a:6e:f9:32:71:ef:1e:5e:
                    60:84:39:ad:44:4b:0a:11:d4:e4:d7:08:86:7d:10:
                    74:72:ab:ef:0a:9e:19:d7:91:01:40:ff:f0:a9:04:
                    d6:33:aa:2f:23:1e:23:d2:93:e7:48:44:9f:64:e3:
                    f3:cf:06:30:c0:11:14:28:da:85:88:9e:ef:fe:61:
                    62:f3:3b:89:05:35:1b:b0:1c:67:f8:79:8e:ca:d2:
                    1b:e7:e1:4d:3f:85:81:ff:72:c2:41:06:e9:7f:67:
                    a9:13:12:35:36:a0:56:0a:c7:91:3c:a7:71:5c:3c:
                    e0:3c:69:36:ff:94:0a:f4:27:5f:7b:fe:2e:ec:d2:
                    87:00:0e:9d:8b:56:73:77:59:50:f9:2e:86:ee:90:
                    7b:14:ce:13:fd:1c:a9:09:22:80:08:bd:c8:e3:76:
                    93:f1:82:48:a5:fc:cd:da:b2:cf:0d:7d:bc:f0:29:
                    f6:a1:61:a3:37:2a:22:df:6e:42:83:dd:7d:0f:ba:
                    9c:85:16:d7:ac:ca:a3:d0:c9:31:05:b1:13:73:f4:
                    2b:df:f2:6a:ba:ae:83:2c:6f:e2:fb:7b:94:16:2e:
                    29:40:69:68:5b:d9:77:44:36:7c:2f:7d:6b:74:46:
                    7d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:E7:5B:5E:A0:25:23:A0:1F:5D:8F:5A:1C:ED:F0:AE:AF:26:DA:48
            X509v3 Authority Key Identifier:
                keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/i-dbXqAlI6AfXY9aHO3wrq8m2kg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:1fc0:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:4e:50:7b:b6:42:49:1d:a1:1b:54:29:f4:e1:4d:bd:cb:f8:
         cc:27:16:e6:80:51:9e:7f:e7:a3:12:65:7b:fc:8a:8b:d9:57:
         13:b3:8f:24:55:ee:52:55:61:48:94:00:f2:38:9f:e5:d3:84:
         83:5c:91:23:87:57:9e:77:1a:07:ad:b0:42:ca:e7:38:ce:a0:
         e1:1d:0c:8b:a1:14:db:fc:91:e9:c9:1e:f9:b9:a9:58:83:0f:
         6a:8d:a9:7d:e8:7d:4c:39:b4:10:c4:28:c2:05:ab:53:0d:2c:
         b9:51:9a:42:62:a8:ea:a3:ea:6a:42:8c:c0:64:e4:4d:57:44:
         e0:55:a5:e9:91:43:81:eb:b5:05:fa:6a:dd:58:ec:44:c4:67:
         76:19:6f:10:fc:07:8b:59:ea:06:6b:cc:50:26:22:c6:08:31:
         7d:ea:62:4e:82:b1:48:d5:05:c9:a7:8a:30:a9:65:81:a9:72:
         ad:d3:40:47:a0:74:c2:4b:d7:71:0d:14:60:e5:3c:64:41:2f:
         5e:57:d7:64:96:c3:18:b0:af:93:34:b8:c3:64:a8:35:1b:92:
         7e:1c:7a:ac:3b:53:6a:5c:bd:18:09:b7:59:10:f2:b7:a2:c8:
         85:84:72:96:9a:e2:9b:be:ac:d9:c2:05:f2:21:68:e0:d1:50:
         2d:bb:cf:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGt97eOxTAeZRBHvoDOfHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwMTAxMjAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU3NWI1ZWEwMjUyM2EwMWY1ZDhmNWExY2VkZjBhZWFmMjZkYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCOw7LP8iSy4lU9oCmRVozA0WH+Q
Sm75MnHvHl5ghDmtREsKEdTk1wiGfRB0cqvvCp4Z15EBQP/wqQTWM6ovIx4j0pPn
SESfZOPzzwYwwBEUKNqFiJ7v/mFi8zuJBTUbsBxn+HmOytIb5+FNP4WB/3LCQQbp
f2epExI1NqBWCseRPKdxXDzgPGk2/5QK9Cdfe/4u7NKHAA6di1Zzd1lQ+S6G7pB7
FM4T/RypCSKACL3I43aT8YJIpfzN2rLPDX288Cn2oWGjNyoi325Cg919D7qchRbX
rMqj0MkxBbETc/Qr3/Jquq6DLG/i+3uUFi4pQGloW9l3RDZ8L31rdEZ9AQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIvnW16gJSOgH12PWhzt8K6vJtpIMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvaS1kYlhxQWxJNkFmWFk5YUhPM3dycThtMmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAfwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQAXTlB7tkJJHaEbVCn04U29y/jMJxbmgFGef+ej
EmV7/IqL2VcTs48kVe5SVWFIlADyOJ/l04SDXJEjh1eedxoHrbBCyuc4zqDhHQyL
oRTb/JHpyR75ualYgw9qjal96H1MObQQxCjCBatTDSy5UZpCYqjqo+pqQozAZORN
V0TgVaXpkUOB67UF+mrdWOxExGd2GW8Q/AeLWeoGa8xQJiLGCDF96mJOgrFI1QXJ
p4owqWWBqXKt00BHoHTCS9dxDRRg5TxkQS9eV9dklsMYsK+TNLjDZKg1G5J+HHqs
O1NqXL0YCbdZEPK3osiFhHKWmuKbvqzZwgXyIWjg0VAtu88z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:13 2024 by rpki-client on console-ams.rpki-client.org