Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/tLnuS1eP7AoAXj7Bd3oZ4C7bvpE.roa
File:                     tLnuS1eP7AoAXj7Bd3oZ4C7bvpE.roa (raw, json)
Hash identifier:          AcyLQnvmeYe7qPZF8xSQDVfxu3tjlDXQx/jwZN2QZNo=
Subject key identifier:   B4:B9:EE:4B:57:8F:EC:0A:00:5E:3E:C1:77:7A:19:E0:2E:DB:BE:91
Certificate issuer:       /CN=96b377644e414101db6dead0eb5821063f588e8c
Certificate serial:       018D41A77B78E777A172E4E6BC0D1FCABAAE
Authority key identifier: 96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/tLnuS1eP7AoAXj7Bd3oZ4C7bvpE.roa
Signing time:             Thu 25 Jan 2024 17:25:11 +0000
ROA not before:           Thu 25 Jan 2024 17:25:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48152
IP address blocks:        2a10:3201::/32 maxlen: 48
                          2a10:3202::/32 maxlen: 48
                          2a10:3203::/32 maxlen: 48
                          2a10:3204::/32 maxlen: 48
                          2a10:3205::/32 maxlen: 48
                          2a10:3206::/32 maxlen: 48
                          2a10:3207::/32 maxlen: 48

Validation:               Failed, certificate revoked on Fri 31 May 2024 11:20:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:41:a7:7b:78:e7:77:a1:72:e4:e6:bc:0d:1f:ca:ba:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96b377644e414101db6dead0eb5821063f588e8c
        Validity
            Not Before: Jan 25 17:25:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b4b9ee4b578fec0a005e3ec1777a19e02edbbe91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:73:07:25:c0:66:67:8a:57:a0:4e:fd:04:4b:
                    e9:56:b1:5a:f3:e7:a2:2d:bb:fd:cf:40:5f:a3:98:
                    bf:33:b0:9c:9a:05:4d:96:fc:0a:30:6a:9c:7f:64:
                    91:e1:aa:a0:b5:5c:b6:35:ba:56:d6:77:18:f9:5b:
                    da:38:c4:9b:62:99:78:7c:7e:36:1c:fa:58:b9:bf:
                    81:aa:34:bc:01:54:31:81:86:7d:b2:cc:48:b1:6a:
                    7f:19:1f:2d:da:82:93:2d:e8:db:6f:7c:42:55:23:
                    20:59:6e:81:30:7e:69:97:43:e3:2c:c7:50:23:e9:
                    1a:bc:ca:c2:38:13:2a:26:07:34:b2:bc:ee:14:97:
                    91:ff:6d:50:7f:8d:5e:bd:e5:35:e6:f2:ad:06:a0:
                    47:7a:f2:e0:eb:73:97:d3:9b:28:b7:db:6f:94:8b:
                    af:06:58:ca:df:80:dc:48:29:b3:2e:a8:30:c1:e1:
                    7c:42:c7:46:89:38:5b:ce:57:6f:a8:40:cb:7a:bf:
                    31:20:ac:55:90:87:c3:aa:04:84:b6:db:dd:f4:58:
                    86:85:e9:4a:8f:c3:b0:a4:73:ba:67:8a:66:80:bc:
                    9b:f0:dc:8f:12:1e:06:d9:0f:1c:7a:ce:1b:1a:11:
                    cc:c1:79:9e:91:37:36:de:7c:e7:5c:38:72:2b:cb:
                    e1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:B9:EE:4B:57:8F:EC:0A:00:5E:3E:C1:77:7A:19:E0:2E:DB:BE:91
            X509v3 Authority Key Identifier:
                keyid:96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/tLnuS1eP7AoAXj7Bd3oZ4C7bvpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:3201::-2a10:3207:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         17:96:60:a2:a9:1f:52:4f:68:82:c6:72:41:d7:d6:d7:90:08:
         e7:3c:4b:74:3b:d2:e9:49:33:95:b6:13:26:e1:20:de:48:e1:
         72:7d:78:92:ae:74:b6:2d:a0:13:64:1c:6a:23:fc:0e:b0:40:
         83:42:c9:e9:15:da:8d:5a:98:39:ce:e7:4d:85:00:b8:fa:07:
         32:37:0b:a0:e5:7d:93:7b:ac:6c:47:04:08:8f:a6:69:ec:13:
         a4:6e:a8:ca:3b:4b:19:d1:9b:41:26:53:c2:2c:f2:58:a1:77:
         88:a9:87:66:4f:10:ce:e1:1a:c2:20:c9:22:ca:d5:bb:19:f5:
         ff:d8:10:e5:06:e1:bf:58:79:83:cc:91:01:9c:65:53:2a:58:
         78:a8:8d:cd:c3:b1:20:a2:e0:2f:db:1a:55:01:f7:2e:bc:90:
         67:10:b1:82:84:80:aa:21:51:c5:df:07:d0:8d:46:ee:4c:d3:
         d6:57:d8:24:e0:89:e0:05:c7:ef:5c:85:f2:7f:dc:7a:2c:46:
         c4:3c:be:13:38:55:55:e1:b3:11:a5:64:23:92:81:fd:f3:79:
         c0:a8:4a:e6:a1:a3:b3:e8:46:59:96:e2:df:ae:7c:60:30:44:
         8d:60:31:6e:c1:91:81:2a:fd:b5:71:83:77:41:c4:c6:7e:14:
         f1:9c:56:3d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY1Bp3t453ehcuTmvA0fyrquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjM3NzY0NGU0MTQxMDFkYjZkZWFkMGViNTgyMTA2M2Y1
ODhlOGMwHhcNMjQwMTI1MTcyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI5ZWU0YjU3OGZlYzBhMDA1ZTNlYzE3NzdhMTllMDJlZGJiZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13MHJcBmZ4pXoE79BEvpVrFa8+ei
Lbv9z0Bfo5i/M7CcmgVNlvwKMGqcf2SR4aqgtVy2NbpW1ncY+VvaOMSbYpl4fH42
HPpYub+BqjS8AVQxgYZ9ssxIsWp/GR8t2oKTLejbb3xCVSMgWW6BMH5pl0PjLMdQ
I+kavMrCOBMqJgc0srzuFJeR/21Qf41eveU15vKtBqBHevLg63OX05sot9tvlIuv
BljK34DcSCmzLqgwweF8QsdGiThbzldvqEDLer8xIKxVkIfDqgSEttvd9FiGhelK
j8OwpHO6Z4pmgLyb8NyPEh4G2Q8ces4bGhHMwXmekTc23nznXDhyK8vhMwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLS57ktXj+wKAF4+wXd6GeAu276RMB8GA1UdIwQY
MBaAFJazd2ROQUEB223q0OtYIQY/WI6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEt
MjhlNmM1YmEyZWFlLzEvdExudVMxZVA3QW9BWGo3QmQzb1o0QzdidnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEtMjhlNmM1YmEyZWFl
LzEvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEDIB
AwUDKhAyADANBgkqhkiG9w0BAQsFAAOCAQEAF5ZgoqkfUk9ogsZyQdfW15AI5zxL
dDvS6UkzlbYTJuEg3kjhcn14kq50ti2gE2QcaiP8DrBAg0LJ6RXajVqYOc7nTYUA
uPoHMjcLoOV9k3usbEcECI+maewTpG6oyjtLGdGbQSZTwizyWKF3iKmHZk8QzuEa
wiDJIsrVuxn1/9gQ5Qbhv1h5g8yRAZxlUypYeKiNzcOxIKLgL9saVQH3LryQZxCx
goSAqiFRxd8H0I1G7kzT1lfYJOCJ4AXH71yF8n/ceixGxDy+EzhVVeGzEaVkI5KB
/fN5wKhK5qGjs+hGWZbi3658YDBEjWAxbsGRgSr9tXGDd0HExn4U8ZxWPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org