Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/28dd30-ec08-4dc8-a1d1-5d3a86494775/1/4L10HJ0_aPJ3JmyBv6ckJwcH190.roa
File:                     4L10HJ0_aPJ3JmyBv6ckJwcH190.roa (raw, json)
Hash identifier:          8qIU+Y+MAdE8XmYwOI4dHyHT/i2gEVj4N5xg/Qu+JC4=
Subject key identifier:   E0:BD:74:1C:9D:3F:68:F2:77:26:6C:81:BF:A7:24:27:07:07:D7:DD
Certificate issuer:       /CN=70c9d06c51add6829063f1b67b175d0c0001e736
Certificate serial:       018B6820680B9DBFFDB7E23A9545A3F7B943
Authority key identifier: 70:C9:D0:6C:51:AD:D6:82:90:63:F1:B6:7B:17:5D:0C:00:01:E7:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMnQbFGt1oKQY_G2exddDAAB5zY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/28dd30-ec08-4dc8-a1d1-5d3a86494775/1/4L10HJ0_aPJ3JmyBv6ckJwcH190.roa
Signing time:             Wed 25 Oct 2023 18:37:16 +0000
ROA not before:           Wed 25 Oct 2023 18:37:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16097
IP address blocks:        2a0b:2400::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:68:20:68:0b:9d:bf:fd:b7:e2:3a:95:45:a3:f7:b9:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70c9d06c51add6829063f1b67b175d0c0001e736
        Validity
            Not Before: Oct 25 18:37:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0bd741c9d3f68f277266c81bfa724270707d7dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ee:78:35:0b:dc:6d:34:f6:2e:21:18:b1:ed:
                    8e:36:a5:5e:77:f3:fb:4a:dc:fd:55:31:aa:f6:df:
                    e6:08:a4:56:8c:61:cd:2e:a6:31:c8:f3:1c:3b:70:
                    d8:97:52:82:73:08:5b:cc:4f:a0:35:6d:0f:20:36:
                    e1:8b:77:13:f1:e3:81:d8:e1:fb:60:1b:c1:aa:a7:
                    2b:a3:8c:86:b2:a5:e5:14:54:e2:dc:1d:3e:61:d2:
                    5e:15:2d:ed:ca:e2:83:b1:80:b9:cb:c1:1a:77:16:
                    ac:17:da:2d:0a:71:2c:10:9e:f9:2f:8c:88:49:49:
                    25:a6:4b:6d:70:0d:7d:aa:d2:fa:6a:01:d6:ce:8b:
                    06:10:c9:56:c0:f6:c8:56:5f:fe:ba:92:50:b8:8d:
                    30:6c:30:7c:13:d0:2c:7f:c0:ae:2b:7e:0f:79:c6:
                    5c:96:a4:45:2e:be:c3:56:43:a8:68:1b:2c:fa:c2:
                    0f:cf:32:a8:b5:59:57:32:61:86:aa:cc:9b:f1:4c:
                    0c:24:5c:d4:67:93:f5:4e:ca:ab:4d:e0:05:f9:4b:
                    79:ad:12:cd:9d:67:ab:c0:cf:dd:45:9a:c6:6e:dc:
                    74:08:d0:27:ed:09:9c:f4:c9:11:15:89:b4:09:8e:
                    c3:9e:fd:5e:77:28:36:60:72:1a:bb:49:68:8c:1b:
                    45:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BD:74:1C:9D:3F:68:F2:77:26:6C:81:BF:A7:24:27:07:07:D7:DD
            X509v3 Authority Key Identifier:
                keyid:70:C9:D0:6C:51:AD:D6:82:90:63:F1:B6:7B:17:5D:0C:00:01:E7:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMnQbFGt1oKQY_G2exddDAAB5zY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/28dd30-ec08-4dc8-a1d1-5d3a86494775/1/4L10HJ0_aPJ3JmyBv6ckJwcH190.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/28dd30-ec08-4dc8-a1d1-5d3a86494775/1/cMnQbFGt1oKQY_G2exddDAAB5zY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:2400::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:c8:64:bf:ac:87:83:0d:67:81:85:96:38:83:7a:98:74:8e:
         3a:66:89:a9:1c:0c:e2:79:9d:29:2e:ea:90:e7:9d:10:6b:ce:
         61:8c:22:51:77:b6:18:55:11:19:de:73:8c:cc:65:ea:51:03:
         0e:7f:d1:04:03:65:d9:4f:28:d8:60:f1:91:b5:77:e9:1c:95:
         17:9f:56:21:57:a5:60:bd:3b:49:51:cd:13:0a:a1:bc:f2:d1:
         48:2c:f0:37:d6:71:bc:bb:e3:d0:64:2c:42:73:8e:29:93:95:
         86:08:b7:f2:47:35:d8:c7:a8:ed:23:c7:c4:71:e9:35:e9:e2:
         cc:4d:f3:20:29:d2:a6:04:eb:8d:79:5c:f7:b7:de:85:d5:cc:
         af:48:2c:01:5c:9e:c5:77:81:47:30:f2:59:db:f4:f1:8a:92:
         55:86:11:a3:27:ac:22:d2:bf:1b:f8:8a:fe:fb:43:74:61:d1:
         fa:a4:f0:b2:9b:8e:1e:31:a6:46:65:ae:a4:3e:76:21:2d:2b:
         e7:05:b2:0f:08:f6:e8:b3:36:08:02:91:9d:94:9b:ad:b7:9f:
         45:25:bd:9a:c5:c4:42:36:6d:32:1e:17:ed:20:a5:77:ad:9e:
         a2:9d:c1:be:5d:c0:1f:00:98:2a:e5:ed:1a:14:e1:01:61:5c:
         40:55:c3:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtoIGgLnb/9t+I6lUWj97lDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYzlkMDZjNTFhZGQ2ODI5MDYzZjFiNjdiMTc1ZDBjMDAw
MWU3MzYwHhcNMjMxMDI1MTgzNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJkNzQxYzlkM2Y2OGYyNzcyNjZjODFiZmE3MjQyNzA3MDdkN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu54NQvcbTT2LiEYse2ONqVed/P7
Stz9VTGq9t/mCKRWjGHNLqYxyPMcO3DYl1KCcwhbzE+gNW0PIDbhi3cT8eOB2OH7
YBvBqqcro4yGsqXlFFTi3B0+YdJeFS3tyuKDsYC5y8EadxasF9otCnEsEJ75L4yI
SUklpkttcA19qtL6agHWzosGEMlWwPbIVl/+upJQuI0wbDB8E9Asf8CuK34PecZc
lqRFLr7DVkOoaBss+sIPzzKotVlXMmGGqsyb8UwMJFzUZ5P1TsqrTeAF+Ut5rRLN
nWerwM/dRZrGbtx0CNAn7Qmc9MkRFYm0CY7Dnv1edyg2YHIau0lojBtFyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOC9dBydP2jydyZsgb+nJCcHB9fdMB8GA1UdIwQY
MBaAFHDJ0GxRrdaCkGPxtnsXXQwAAec2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY01uUWJGR3Qxb0tRWV9HMmV4ZGREQUFCNXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8yOGRkMzAtZWMwOC00ZGM4LWExZDEt
NWQzYTg2NDk0Nzc1LzEvNEwxMEhKMF9hUEozSm15QnY2Y2tKd2NIMTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8yOGRkMzAtZWMwOC00ZGM4LWExZDEtNWQzYTg2NDk0Nzc1
LzEvY01uUWJGR3Qxb0tRWV9HMmV4ZGREQUFCNXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgskADAN
BgkqhkiG9w0BAQsFAAOCAQEAU8hkv6yHgw1ngYWWOIN6mHSOOmaJqRwM4nmdKS7q
kOedEGvOYYwiUXe2GFURGd5zjMxl6lEDDn/RBANl2U8o2GDxkbV36RyVF59WIVel
YL07SVHNEwqhvPLRSCzwN9ZxvLvj0GQsQnOOKZOVhgi38kc12Meo7SPHxHHpNeni
zE3zICnSpgTrjXlc97fehdXMr0gsAVyexXeBRzDyWdv08YqSVYYRoyesItK/G/iK
/vtDdGHR+qTwspuOHjGmRmWupD52IS0r5wWyDwj26LM2CAKRnZSbrbefRSW9msXE
QjZtMh4X7SCld62eop3Bvl3AHwCYKuXtGhThAWFcQFXDUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:40 2024 by rpki-client on console-fra.rpki-client.org