Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/11oK8895sMAjcZuFyi0IpPmPJT0.roa
File:                     11oK8895sMAjcZuFyi0IpPmPJT0.roa (raw, json)
Hash identifier:          Kj46QYH8c19/P9BiDoTgSrMfBulR5tj0TCYvwGoPurU=
Subject key identifier:   D7:5A:0A:F3:CF:79:B0:C0:23:71:9B:85:CA:2D:08:A4:F9:8F:25:3D
Certificate issuer:       /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial:       0187FF85D043E4B712E89518EB8A0688E0C7
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/11oK8895sMAjcZuFyi0IpPmPJT0.roa
Signing time:             Tue 09 May 2023 07:59:32 +0000
ROA not before:           Tue 09 May 2023 07:59:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        2a10:5c80::/29 maxlen: 29
                          2a10:5a80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:85:d0:43:e4:b7:12:e8:95:18:eb:8a:06:88:e0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
        Validity
            Not Before: May  9 07:59:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d75a0af3cf79b0c023719b85ca2d08a4f98f253d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:7d:01:f2:6d:09:ea:f3:74:bc:88:f0:e2:42:
                    13:c6:4e:c1:a5:2a:79:0a:58:8b:41:6e:ba:fe:7d:
                    21:cd:c9:78:27:58:cc:87:fd:13:fb:d6:fd:2b:84:
                    a1:91:33:af:f7:e4:59:13:29:bd:87:e8:df:c7:2b:
                    4c:2f:75:c0:7b:97:9f:b2:7e:e6:e1:37:67:57:ad:
                    ae:9b:a4:16:1e:f4:aa:94:07:12:55:82:1b:c6:49:
                    48:6b:f6:43:69:c4:1b:e2:94:21:22:17:e9:29:7c:
                    51:d3:1f:59:34:39:e6:81:3a:bc:65:7f:cc:cb:07:
                    19:d7:d6:ce:ff:8b:b8:bf:bb:37:e7:41:8b:68:79:
                    e7:6b:56:80:b9:d1:e8:e9:a2:18:45:0e:7c:a4:a6:
                    78:2f:ff:e4:7d:ab:20:01:d2:62:0d:74:b2:4d:f1:
                    35:43:92:83:d2:4c:52:23:d7:10:13:6f:88:f2:9d:
                    79:55:e9:8d:36:fa:01:80:37:f2:53:55:68:e1:b9:
                    8f:67:97:b5:4b:29:d0:46:2d:98:e2:f4:87:9d:d2:
                    a1:0f:e4:36:b5:cf:f7:51:d2:ab:e0:ce:05:f0:4d:
                    9e:86:f3:c8:dd:c4:03:ab:53:3b:4e:dc:11:5c:38:
                    d7:4b:17:f6:3d:17:b0:26:e8:c5:48:0e:5e:90:50:
                    36:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:5A:0A:F3:CF:79:B0:C0:23:71:9B:85:CA:2D:08:A4:F9:8F:25:3D
            X509v3 Authority Key Identifier:
                keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/11oK8895sMAjcZuFyi0IpPmPJT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:5a80::/29
                  2a10:5c80::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:af:f1:e7:0e:32:f6:9a:cc:a5:2d:73:85:8f:f9:e9:f0:fc:
         98:8d:a3:ab:29:a6:3e:f3:91:1f:80:fd:19:99:48:79:16:33:
         10:ba:3b:01:33:ca:28:d0:a9:f3:02:a4:f0:e0:e3:90:88:c5:
         fb:7f:92:de:48:fd:57:d8:63:bd:dd:5c:33:29:46:11:16:a8:
         9b:ad:9d:ce:f0:ab:02:9b:40:ea:79:60:3f:60:f8:a3:97:a3:
         c0:7f:48:b6:7e:50:8f:51:99:66:b7:d2:f3:41:3a:c4:ff:5b:
         8a:e1:e9:79:ed:91:fa:bc:95:d8:7d:f9:4c:be:23:ae:ef:94:
         fe:30:3e:a4:b5:8e:e0:f9:5d:1d:a1:17:1a:7d:56:7b:12:19:
         fb:ad:99:51:ee:01:8c:31:43:3b:0c:4a:3a:64:6c:7d:61:6b:
         4a:d3:01:27:68:45:c6:72:b6:00:f9:1e:0d:34:85:e1:b5:bc:
         41:00:dd:62:33:32:a6:98:57:2b:f3:34:f3:e2:38:b4:a3:a0:
         42:6b:63:e1:34:32:4b:c7:7e:34:0c:dc:ff:f3:5d:ed:2f:43:
         33:2b:de:d7:70:e2:07:a4:5f:3b:f1:a5:ce:6d:37:d7:85:3d:
         4c:ec:24:ef:8a:c2:76:fe:fa:cd:ec:16:2b:c2:d2:49:a0:37:
         50:fe:1e:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYf/hdBD5LcS6JUY64oGiODHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwNTA5MDc1OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzVhMGFmM2NmNzliMGMwMjM3MTliODVjYTJkMDhhNGY5OGYyNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn0B8m0J6vN0vIjw4kITxk7BpSp5
CliLQW66/n0hzcl4J1jMh/0T+9b9K4ShkTOv9+RZEym9h+jfxytML3XAe5efsn7m
4TdnV62um6QWHvSqlAcSVYIbxklIa/ZDacQb4pQhIhfpKXxR0x9ZNDnmgTq8ZX/M
ywcZ19bO/4u4v7s350GLaHnna1aAudHo6aIYRQ58pKZ4L//kfasgAdJiDXSyTfE1
Q5KD0kxSI9cQE2+I8p15VemNNvoBgDfyU1Vo4bmPZ5e1SynQRi2Y4vSHndKhD+Q2
tc/3UdKr4M4F8E2ehvPI3cQDq1M7TtwRXDjXSxf2PRewJujFSA5ekFA2kQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNdaCvPPebDAI3GbhcotCKT5jyU9MB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvMTFvSzg4OTVzTUFqY1p1RnlpMElwUG1QSlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhBagAMF
AyoQXIAwDQYJKoZIhvcNAQELBQADggEBACmv8ecOMvaazKUtc4WP+enw/JiNo6sp
pj7zkR+A/RmZSHkWMxC6OwEzyijQqfMCpPDg45CIxft/kt5I/VfYY73dXDMpRhEW
qJutnc7wqwKbQOp5YD9g+KOXo8B/SLZ+UI9RmWa30vNBOsT/W4rh6Xntkfq8ldh9
+Uy+I67vlP4wPqS1juD5XR2hFxp9VnsSGfutmVHuAYwxQzsMSjpkbH1ha0rTASdo
RcZytgD5Hg00heG1vEEA3WIzMqaYVyvzNPPiOLSjoEJrY+E0MkvHfjQM3P/zXe0v
QzMr3tdw4gekXzvxpc5tN9eFPUzsJO+Kwnb++s3sFivC0kmgN1D+Huw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org