Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/_9WMqYIr3XG-UNCGcdW7cI12J2A.roa
File:                     _9WMqYIr3XG-UNCGcdW7cI12J2A.roa (raw, json)
Hash identifier:          XtYTA0IYiGcaU+VrjIrH4rmIycjda0nbs8u39bDfWFY=
Subject key identifier:   FF:D5:8C:A9:82:2B:DD:71:BE:50:D0:86:71:D5:BB:70:8D:76:27:60
Certificate issuer:       /CN=9416d8e02b5a1a75859f64a05c5a8d77c84c50f1
Certificate serial:       01856FD52B1AA749225655E10B19AE1A9E73
Authority key identifier: 94:16:D8:E0:2B:5A:1A:75:85:9F:64:A0:5C:5A:8D:77:C8:4C:50:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBbY4CtaGnWFn2SgXFqNd8hMUPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/_9WMqYIr3XG-UNCGcdW7cI12J2A.roa
Signing time:             Mon 02 Jan 2023 00:15:19 +0000
ROA not before:           Mon 02 Jan 2023 00:15:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        2a10:6640:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:2b:1a:a7:49:22:56:55:e1:0b:19:ae:1a:9e:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9416d8e02b5a1a75859f64a05c5a8d77c84c50f1
        Validity
            Not Before: Jan  2 00:15:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ffd58ca9822bdd71be50d08671d5bb708d762760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:05:26:4e:06:84:5b:7f:6d:5c:9c:9d:97:7a:
                    3d:bb:33:b7:11:9d:de:02:06:e7:5a:ee:83:e3:2d:
                    d2:1e:47:1f:2f:7b:11:b5:af:82:02:9d:47:1f:47:
                    fd:65:56:01:a8:f2:a1:5c:a5:52:75:af:e9:60:96:
                    45:35:a0:e3:20:e3:fb:e0:c4:08:72:82:02:3d:84:
                    6f:f9:cd:21:fa:c7:34:11:b2:f6:b9:50:49:55:fa:
                    7c:d7:4b:37:ac:99:e6:66:0f:60:78:d5:be:7b:14:
                    90:4d:e6:e3:73:9c:79:80:45:b7:1c:a7:e9:cc:61:
                    e8:10:ec:68:da:77:44:98:77:44:9f:e0:ca:7c:c7:
                    fb:4e:3f:62:fe:88:f6:e4:71:bd:62:ba:4e:46:69:
                    d8:10:36:cd:5c:48:e2:51:b8:9b:9c:29:d2:da:24:
                    76:66:93:93:00:a5:26:dc:c5:16:a0:3c:d5:51:03:
                    e1:49:53:39:02:63:e9:93:74:fd:57:81:0b:53:8c:
                    85:e0:83:88:a5:d3:82:1f:19:c3:50:57:ce:3e:d8:
                    2d:41:94:0c:be:70:99:de:94:b7:c6:4e:0b:2f:26:
                    30:ed:76:06:32:06:ad:fb:a9:47:dc:29:04:02:76:
                    30:80:60:f1:86:54:c4:05:98:95:89:c0:52:3a:d6:
                    03:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:D5:8C:A9:82:2B:DD:71:BE:50:D0:86:71:D5:BB:70:8D:76:27:60
            X509v3 Authority Key Identifier:
                keyid:94:16:D8:E0:2B:5A:1A:75:85:9F:64:A0:5C:5A:8D:77:C8:4C:50:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBbY4CtaGnWFn2SgXFqNd8hMUPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/_9WMqYIr3XG-UNCGcdW7cI12J2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/013c99-7d7a-482b-bb51-eb4e13be506a/1/lBbY4CtaGnWFn2SgXFqNd8hMUPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:6640:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:28:f0:95:bd:0c:20:eb:20:6c:ca:f3:1a:75:1f:dc:e5:88:
         87:0d:88:a1:b6:9c:6b:7e:6c:f1:a9:7d:dd:a0:be:68:56:d4:
         f1:80:96:41:24:31:e9:a2:cf:36:10:aa:94:9e:48:fc:42:69:
         b0:7e:d9:d0:29:45:a8:a6:50:75:df:ab:2f:f9:fc:dd:3c:7b:
         1c:07:f2:c5:57:39:26:74:53:b5:a7:3b:1f:47:21:fa:06:30:
         15:15:0e:ff:ec:20:2d:e1:2d:c6:fd:50:e5:ff:40:45:79:a6:
         91:6f:77:b1:64:c9:ab:e9:ef:b9:39:98:9f:1a:dd:3f:fa:48:
         99:39:be:52:9d:32:81:9d:1c:e7:8b:b1:28:4b:3d:5a:c2:d6:
         50:16:8c:af:e0:15:10:7b:a1:73:f8:e8:2f:c8:9b:66:b2:73:
         83:cc:f0:53:cc:61:c7:3e:f9:e3:38:9c:59:8a:7d:2c:40:e2:
         a1:e3:30:e8:44:da:ce:ad:29:9a:7d:05:fa:d3:85:49:f8:96:
         34:d0:eb:55:de:e2:2b:c9:06:9d:96:ab:44:11:43:9d:19:bb:
         1a:8b:4f:14:1d:aa:65:ae:32:47:d8:cd:f1:1d:16:aa:6a:1d:
         fa:72:19:ec:85:97:c5:a7:4a:5a:a3:6e:b1:3e:93:c9:b4:43:
         41:a2:af:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv1Ssap0kiVlXhCxmuGp5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTZkOGUwMmI1YTFhNzU4NTlmNjRhMDVjNWE4ZDc3Yzg0
YzUwZjEwHhcNMjMwMTAyMDAxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmQ1OGNhOTgyMmJkZDcxYmU1MGQwODY3MWQ1YmI3MDhkNzYyNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswUmTgaEW39tXJydl3o9uzO3EZ3e
AgbnWu6D4y3SHkcfL3sRta+CAp1HH0f9ZVYBqPKhXKVSda/pYJZFNaDjIOP74MQI
coICPYRv+c0h+sc0EbL2uVBJVfp810s3rJnmZg9geNW+exSQTebjc5x5gEW3HKfp
zGHoEOxo2ndEmHdEn+DKfMf7Tj9i/oj25HG9YrpORmnYEDbNXEjiUbibnCnS2iR2
ZpOTAKUm3MUWoDzVUQPhSVM5AmPpk3T9V4ELU4yF4IOIpdOCHxnDUFfOPtgtQZQM
vnCZ3pS3xk4LLyYw7XYGMgat+6lH3CkEAnYwgGDxhlTEBZiVicBSOtYDOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP/VjKmCK91xvlDQhnHVu3CNdidgMB8GA1UdIwQY
MBaAFJQW2OArWhp1hZ9koFxajXfITFDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJiWTRDdGFHbldGbjJTZ1hGcU5kOGhNVVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTNjOTktN2Q3YS00ODJiLWJiNTEt
ZWI0ZTEzYmU1MDZhLzEvXzlXTXFZSXIzWEctVU5DR2NkVzdjSTEySjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTNjOTktN2Q3YS00ODJiLWJiNTEtZWI0ZTEzYmU1MDZh
LzEvbEJiWTRDdGFHbldGbjJTZ1hGcU5kOGhNVVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBmQAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBeKPCVvQwg6yBsyvMadR/c5YiHDYihtpxrfmzx
qX3doL5oVtTxgJZBJDHpos82EKqUnkj8QmmwftnQKUWoplB136sv+fzdPHscB/LF
VzkmdFO1pzsfRyH6BjAVFQ7/7CAt4S3G/VDl/0BFeaaRb3exZMmr6e+5OZifGt0/
+kiZOb5SnTKBnRzni7EoSz1awtZQFoyv4BUQe6Fz+OgvyJtmsnODzPBTzGHHPvnj
OJxZin0sQOKh4zDoRNrOrSmafQX604VJ+JY00OtV3uIryQadlqtEEUOdGbsai08U
HaplrjJH2M3xHRaqah36chnshZfFp0pao26xPpPJtENBoq+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org