Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oL_JG2WUSIhW0-BJ---t7zMFN34.roa
File:                     oL_JG2WUSIhW0-BJ---t7zMFN34.roa (raw, json)
Hash identifier:          H1OmcaPHG5ZHw+JA/DaC9XlL5J1W/6cF3vHmEQ8Ww9g=
Subject key identifier:   A0:BF:C9:1B:65:94:48:88:56:D3:E0:49:FB:EF:AD:EF:33:05:37:7E
Certificate issuer:       /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial:       0185CC7FC542E2E4A221120D3DDC678B7F53
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oL_JG2WUSIhW0-BJ---t7zMFN34.roa
Signing time:             Fri 20 Jan 2023 00:06:43 +0000
ROA not before:           Fri 20 Jan 2023 00:06:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        2a10:e780::/40 maxlen: 40

Validation:               Failed, certificate revoked on Sat 21 Jan 2023 02:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:cc:7f:c5:42:e2:e4:a2:21:12:0d:3d:dc:67:8b:7f:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
        Validity
            Not Before: Jan 20 00:06:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0bfc91b6594488856d3e049fbefadef3305377e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f2:d2:ef:f0:3f:3f:70:a5:d4:23:f0:f4:a2:
                    77:17:a2:03:31:dc:13:7b:bb:29:cf:6d:15:3c:3d:
                    2a:be:84:9e:e8:8a:8a:50:61:2c:8f:ae:e6:d5:c7:
                    25:ef:34:56:88:29:42:34:86:23:9f:3a:bb:00:43:
                    fd:f7:0c:2f:c5:10:e2:32:3e:ac:a4:71:a6:a4:47:
                    a9:12:32:7d:26:fa:11:f6:ad:b0:83:53:3e:67:03:
                    44:a2:1c:a3:db:d1:e0:56:34:78:71:ba:e2:4c:7e:
                    a6:95:b9:85:e6:1f:12:36:4f:3e:12:e4:21:db:1b:
                    d3:f5:25:cb:94:c2:ec:db:0f:ac:52:ef:41:5c:e1:
                    9f:77:72:71:96:9f:f0:8e:0d:ee:f1:bd:bd:84:21:
                    7c:d5:40:29:da:b0:94:15:e9:a8:cd:e3:40:aa:eb:
                    8e:c4:cd:c1:84:f1:3e:23:20:98:e4:96:e7:f8:00:
                    d9:15:48:34:d9:e6:22:2e:5f:5a:cc:e2:f6:6d:ee:
                    24:3b:3b:a7:5c:4c:9f:01:79:79:c2:86:a5:8f:7a:
                    0a:f5:03:a5:ea:f6:14:9d:43:43:f8:7f:28:72:7d:
                    63:e0:a4:03:22:aa:59:27:65:55:25:10:a3:24:68:
                    60:78:ff:29:c9:65:fc:69:13:77:63:56:1b:8c:08:
                    f0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:BF:C9:1B:65:94:48:88:56:D3:E0:49:FB:EF:AD:EF:33:05:37:7E
            X509v3 Authority Key Identifier:
                keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oL_JG2WUSIhW0-BJ---t7zMFN34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:e780::/40

    Signature Algorithm: sha256WithRSAEncryption
         41:9e:25:48:dd:da:02:30:ff:91:5d:88:24:3a:e4:97:34:d7:
         d1:a5:36:44:44:43:cf:fc:38:ce:25:f4:da:94:4e:db:eb:b8:
         72:f7:e0:26:59:13:41:34:a2:4f:04:ce:48:27:4b:1e:95:26:
         10:ff:3c:3e:ab:18:1f:c2:8e:a0:53:52:30:04:4c:21:d8:e1:
         30:72:ac:e6:9c:2d:8c:c2:f0:b1:de:0d:f3:72:8f:41:55:65:
         bb:8b:34:4b:a3:51:d4:56:46:db:87:89:f7:84:ac:a4:c0:d2:
         8f:d4:56:07:67:06:31:f1:b7:1f:54:59:70:08:5b:c3:30:6b:
         ee:e7:98:54:04:6e:bf:99:79:06:1d:85:11:80:68:2c:a8:a6:
         bf:fb:77:51:ed:6f:2a:45:5a:8b:18:d3:11:02:1c:3c:fb:9f:
         27:54:1d:53:94:e6:d6:24:e7:5b:35:f4:16:9f:94:1c:d5:66:
         81:f5:7d:8a:4b:d1:1b:fe:3d:8f:c1:93:ef:dd:15:a4:e8:5b:
         e7:05:bd:a3:93:b9:77:2b:b9:02:8f:61:00:e9:1d:dc:18:84:
         d3:c6:59:2b:50:8f:37:a1:e8:1c:2b:13:d8:f9:ed:7c:4f:d5:
         56:04:1d:0a:44:d0:39:c1:2a:d6:ef:6f:f5:c7:e7:97:50:1a:
         a2:12:52:b7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYXMf8VC4uSiIRINPdxni39TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMwMTIwMDAwNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJmYzkxYjY1OTQ0ODg4NTZkM2UwNDlmYmVmYWRlZjMzMDUzNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/LS7/A/P3Cl1CPw9KJ3F6IDMdwT
e7spz20VPD0qvoSe6IqKUGEsj67m1ccl7zRWiClCNIYjnzq7AEP99wwvxRDiMj6s
pHGmpEepEjJ9JvoR9q2wg1M+ZwNEohyj29HgVjR4cbriTH6mlbmF5h8SNk8+EuQh
2xvT9SXLlMLs2w+sUu9BXOGfd3Jxlp/wjg3u8b29hCF81UAp2rCUFemozeNAquuO
xM3BhPE+IyCY5Jbn+ADZFUg02eYiLl9azOL2be4kOzunXEyfAXl5woalj3oK9QOl
6vYUnUND+H8ocn1j4KQDIqpZJ2VVJRCjJGhgeP8pyWX8aRN3Y1YbjAjwZQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKC/yRtllEiIVtPgSfvvre8zBTd+MB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvb0xfSkcyV1VTSWhXMC1CSi0tLXQ3ek1GTjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhDngAAw
DQYJKoZIhvcNAQELBQADggEBAEGeJUjd2gIw/5FdiCQ65Jc019GlNkREQ8/8OM4l
9NqUTtvruHL34CZZE0E0ok8EzkgnSx6VJhD/PD6rGB/CjqBTUjAETCHY4TByrOac
LYzC8LHeDfNyj0FVZbuLNEujUdRWRtuHifeErKTA0o/UVgdnBjHxtx9UWXAIW8Mw
a+7nmFQEbr+ZeQYdhRGAaCyopr/7d1HtbypFWosY0xECHDz7nydUHVOU5tYk51s1
9BaflBzVZoH1fYpL0Rv+PY/Bk+/dFaToW+cFvaOTuXcruQKPYQDpHdwYhNPGWStQ
jzeh6BwrE9j57XxP1VYEHQpE0DnBKtbvb/XH55dQGqISUrc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-fra.rpki-client.org