Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/9V7A3D0OIYLpHdWIU4UO_oVpbho.roa
File:                     9V7A3D0OIYLpHdWIU4UO_oVpbho.roa (raw, json)
Hash identifier:          wv5jliq5gz7DLQ+ay7pb2vTJZV/cyDxqwr48Pp9PNOA=
Subject key identifier:   F5:5E:C0:DC:3D:0E:21:82:E9:1D:D5:88:53:85:0E:FE:85:69:6E:1A
Certificate issuer:       /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial:       018CB67C72CC69842E5A9A10D291C0752245
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/9V7A3D0OIYLpHdWIU4UO_oVpbho.roa
Signing time:             Fri 29 Dec 2023 16:50:58 +0000
ROA not before:           Fri 29 Dec 2023 16:50:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47152
IP address blocks:        2a10:ba87:fef0::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b6:7c:72:cc:69:84:2e:5a:9a:10:d2:91:c0:75:22:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
        Validity
            Not Before: Dec 29 16:50:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f55ec0dc3d0e2182e91dd58853850efe85696e1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ea:ae:75:63:2e:b4:88:3d:b0:e9:10:86:08:
                    20:9d:ce:6e:56:66:9b:0a:80:de:b3:62:2b:1c:47:
                    19:d1:15:1a:2a:b7:0e:cd:0a:59:f9:b1:ee:2b:d5:
                    c0:65:06:d5:c0:ec:c3:f0:c9:4c:ca:67:4a:d7:e7:
                    a0:bd:d0:9a:70:14:9f:8f:b8:36:12:3e:4b:60:77:
                    5a:7f:2d:b7:62:8a:31:6a:49:71:25:b7:d3:d4:85:
                    a3:99:3b:27:43:6a:45:d7:d5:5b:e6:7e:ea:9c:77:
                    5f:52:2f:1a:25:91:ed:12:da:4b:e8:60:30:52:fe:
                    dd:2b:dc:66:ba:ec:12:50:8b:11:7b:5e:05:30:79:
                    cf:71:d7:ca:6a:bf:92:de:0f:dd:f2:7f:8a:ab:8b:
                    8e:31:99:65:01:33:49:3d:56:29:0c:b0:8b:60:9e:
                    02:65:27:05:60:59:5a:8b:00:e6:bc:8a:ba:64:86:
                    cb:f5:bc:ca:60:78:c7:84:af:6c:0f:07:0d:8b:b5:
                    10:82:f7:9b:32:9a:f1:42:4b:ac:b3:02:67:d8:e7:
                    e9:f3:9c:54:56:fa:2b:0e:6f:cb:4a:77:8a:a1:00:
                    72:c5:ba:30:87:b1:94:c5:4b:4a:6b:24:f4:61:c9:
                    c0:9c:87:3c:3c:e4:79:0b:86:b1:11:ec:ee:47:16:
                    95:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:5E:C0:DC:3D:0E:21:82:E9:1D:D5:88:53:85:0E:FE:85:69:6E:1A
            X509v3 Authority Key Identifier:
                keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/9V7A3D0OIYLpHdWIU4UO_oVpbho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:ba87:fef0::/44

    Signature Algorithm: sha256WithRSAEncryption
         99:2a:32:70:a9:b0:1a:5e:65:9d:fd:d2:25:fe:4f:ef:b4:30:
         a0:84:b7:55:f8:3d:68:09:84:e6:2d:a3:4a:e3:97:f5:86:1a:
         41:11:60:64:68:06:12:85:cc:21:b7:b5:a5:c7:15:0b:19:ca:
         72:78:62:da:47:e1:41:4f:15:1c:bd:51:6b:7a:56:da:88:4e:
         7f:9d:f2:21:c6:ba:d2:7d:36:7c:16:d2:e8:23:cf:af:1b:7a:
         91:24:a1:e2:b7:14:f1:1f:00:74:58:b8:e7:6f:a7:d7:3e:08:
         fc:7f:96:61:f6:14:17:ab:58:db:f6:49:fa:89:2d:76:e5:ad:
         b6:fc:16:29:aa:83:c2:8b:2e:e9:6a:62:3f:f7:7f:5e:42:63:
         b2:92:a6:e4:7f:bf:7b:3b:48:fd:6c:2d:76:99:e3:20:f4:cf:
         af:46:75:ad:39:74:16:81:f7:fb:6e:af:8c:1b:b0:17:10:f5:
         fd:11:1d:f2:c6:17:b1:ae:3f:45:94:a0:f5:ec:b7:3b:6e:0d:
         82:d2:5e:ad:35:76:4b:c4:80:ca:ba:3e:aa:60:cb:81:02:2b:
         bc:d7:73:fa:bc:ba:1e:2d:5b:89:47:c2:a0:2e:cc:02:77:59:
         73:d9:2c:59:98:6d:42:1e:e0:1d:ee:75:31:69:14:3c:04:8b:
         46:0d:17:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYy2fHLMaYQuWpoQ0pHAdSJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjMxMjI5MTY1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTVlYzBkYzNkMGUyMTgyZTkxZGQ1ODg1Mzg1MGVmZTg1Njk2ZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+qudWMutIg9sOkQhgggnc5uVmab
CoDes2IrHEcZ0RUaKrcOzQpZ+bHuK9XAZQbVwOzD8MlMymdK1+egvdCacBSfj7g2
Ej5LYHdafy23YooxaklxJbfT1IWjmTsnQ2pF19Vb5n7qnHdfUi8aJZHtEtpL6GAw
Uv7dK9xmuuwSUIsRe14FMHnPcdfKar+S3g/d8n+Kq4uOMZllATNJPVYpDLCLYJ4C
ZScFYFlaiwDmvIq6ZIbL9bzKYHjHhK9sDwcNi7UQgvebMprxQkusswJn2Ofp85xU
VvorDm/LSneKoQByxbowh7GUxUtKayT0YcnAnIc8POR5C4axEezuRxaVrwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPVewNw9DiGC6R3ViFOFDv6FaW4aMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvOVY3QTNEME9JWUxwSGRXSVU0VU9fb1ZwYmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC6h/7w
MA0GCSqGSIb3DQEBCwUAA4IBAQCZKjJwqbAaXmWd/dIl/k/vtDCghLdV+D1oCYTm
LaNK45f1hhpBEWBkaAYShcwht7WlxxULGcpyeGLaR+FBTxUcvVFrelbaiE5/nfIh
xrrSfTZ8FtLoI8+vG3qRJKHitxTxHwB0WLjnb6fXPgj8f5Zh9hQXq1jb9kn6iS12
5a22/BYpqoPCiy7pamI/939eQmOykqbkf797O0j9bC12meMg9M+vRnWtOXQWgff7
bq+MG7AXEPX9ER3yxhexrj9FlKD17Lc7bg2C0l6tNXZLxIDKuj6qYMuBAiu813P6
vLoeLVuJR8KgLswCd1lz2SxZmG1CHuAd7nUxaRQ8BItGDRdw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:51 2024 by rpki-client on console-ams.rpki-client.org