Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/BM6V7BKSvpbphJNUvW5v0cbLtJc.roa
File:                     BM6V7BKSvpbphJNUvW5v0cbLtJc.roa (raw, json)
Hash identifier:          +ha1BQHB324WO6XQIPlWno8LRvt/XaCSAXeC6Q7XeFo=
Subject key identifier:   04:CE:95:EC:12:92:BE:96:E9:84:93:54:BD:6E:6F:D1:C6:CB:B4:97
Certificate issuer:       /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial:       01884877B4EAE8A20067B08C1E6AD0508C1B
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/BM6V7BKSvpbphJNUvW5v0cbLtJc.roa
Signing time:             Tue 23 May 2023 11:56:24 +0000
ROA not before:           Tue 23 May 2023 11:56:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206125
IP address blocks:        2a03:7c00:11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:48:77:b4:ea:e8:a2:00:67:b0:8c:1e:6a:d0:50:8c:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
        Validity
            Not Before: May 23 11:56:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04ce95ec1292be96e9849354bd6e6fd1c6cbb497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a8:a3:bd:b0:2c:20:ec:62:9e:2e:57:ad:43:
                    ae:f6:cb:97:73:bd:87:2b:a6:32:a8:34:21:69:89:
                    be:7d:36:42:a4:ca:40:22:99:9b:89:78:69:d4:02:
                    13:02:20:80:b2:ac:d9:6e:79:5f:78:b0:58:43:fa:
                    5e:68:a4:d2:7f:87:ca:0c:59:5d:4f:15:45:14:25:
                    e5:cb:b0:a8:33:3d:b3:db:9e:7f:9f:bc:e5:79:ca:
                    0c:06:ce:f8:80:ce:d1:0e:e0:88:52:5c:f7:f6:b4:
                    b6:e1:d0:8c:93:c7:94:ff:8a:2b:f0:8c:44:39:1a:
                    24:a2:ce:d4:48:72:d1:2d:ef:26:97:b7:bc:3a:ea:
                    5b:8d:c2:da:92:ba:a1:ec:2b:a3:11:92:a5:d5:55:
                    68:52:08:22:fa:0b:61:9e:68:6f:08:0b:b7:eb:1b:
                    b6:77:c8:f4:c0:de:83:5c:9f:b6:e0:5d:5e:81:03:
                    0b:59:4c:cb:fb:4f:26:e3:ba:c4:82:b5:3e:dd:20:
                    64:7c:0c:7e:43:43:a7:36:2d:24:15:31:21:2e:bd:
                    db:e2:78:70:c7:c3:8d:7b:d3:ac:ca:93:ce:16:20:
                    05:ab:f5:05:8d:6f:8e:16:4f:74:6e:91:9f:24:bd:
                    73:91:1c:f0:45:f2:7d:c4:b1:84:e8:31:e7:64:07:
                    4e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:CE:95:EC:12:92:BE:96:E9:84:93:54:BD:6E:6F:D1:C6:CB:B4:97
            X509v3 Authority Key Identifier:
                keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/BM6V7BKSvpbphJNUvW5v0cbLtJc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:7c00:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:00:3d:26:48:a0:bd:dd:5d:4c:e8:12:e1:89:79:8c:58:a3:
         f5:95:84:70:74:79:50:25:88:c6:0c:f4:c0:9b:cb:95:bd:dd:
         7e:45:3a:e1:f9:be:1c:97:90:a8:2e:72:c2:dc:00:b8:69:17:
         52:bf:b2:75:9c:4c:68:ac:86:b6:03:e1:4f:0a:ad:0f:85:51:
         f7:de:fc:6f:5e:0f:1d:b1:bf:b1:85:0a:15:1b:a8:d0:be:2a:
         3e:a7:69:56:3a:80:ba:d7:5f:a1:a5:9b:fe:bd:0b:be:07:c8:
         bc:c7:f3:9e:cd:b5:ca:7b:f0:44:18:78:af:1b:fe:1c:fe:fe:
         e0:8b:e1:82:4d:7d:a6:6a:f6:1c:33:2a:27:86:40:e7:3b:5d:
         91:84:44:58:84:62:32:26:72:eb:db:44:4b:bd:be:f5:68:66:
         54:21:cc:cd:6b:d8:82:f1:56:40:c1:96:d9:90:b5:76:21:fa:
         08:f0:a7:b4:46:b1:22:ef:0e:88:32:82:b8:cc:8a:d0:dc:b9:
         4a:80:05:bf:20:ec:56:fc:df:55:aa:fd:f7:fc:e7:0c:3a:69:
         3f:de:03:19:11:26:71:04:87:a0:8e:b2:65:c0:ee:35:84:58:
         e0:51:25:9b:71:78:c2:2b:ed:3d:24:4a:e2:7a:d8:9b:53:10:
         bb:14:6d:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhId7Tq6KIAZ7CMHmrQUIwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQxYWUwNzc5ZTM3ZGVmYzY5YjJhNWIwZjdhYjhmZDQw
Y2QzZTcwHhcNMjMwNTIzMTE1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNlOTVlYzEyOTJiZTk2ZTk4NDkzNTRiZDZlNmZkMWM2Y2JiNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaijvbAsIOxini5XrUOu9suXc72H
K6YyqDQhaYm+fTZCpMpAIpmbiXhp1AITAiCAsqzZbnlfeLBYQ/peaKTSf4fKDFld
TxVFFCXly7CoMz2z255/n7zlecoMBs74gM7RDuCIUlz39rS24dCMk8eU/4or8IxE
ORokos7USHLRLe8ml7e8OupbjcLakrqh7CujEZKl1VVoUggi+gthnmhvCAu36xu2
d8j0wN6DXJ+24F1egQMLWUzL+08m47rEgrU+3SBkfAx+Q0OnNi0kFTEhLr3b4nhw
x8ONe9OsypPOFiAFq/UFjW+OFk90bpGfJL1zkRzwRfJ9xLGE6DHnZAdOtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFATOlewSkr6W6YSTVL1ub9HGy7SXMB8GA1UdIwQY
MBaAFIf0GuB3njfe/GmypbD3q4/UDNPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYt
YzQzYWIyYTEyZDU1LzEvQk02VjdCS1N2cGJwaEpOVXZXNXYwY2JMdEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYtYzQzYWIyYTEyZDU1
LzEvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgN8AAAR
MA0GCSqGSIb3DQEBCwUAA4IBAQB4AD0mSKC93V1M6BLhiXmMWKP1lYRwdHlQJYjG
DPTAm8uVvd1+RTrh+b4cl5CoLnLC3AC4aRdSv7J1nExorIa2A+FPCq0PhVH33vxv
Xg8dsb+xhQoVG6jQvio+p2lWOoC611+hpZv+vQu+B8i8x/OezbXKe/BEGHivG/4c
/v7gi+GCTX2mavYcMyonhkDnO12RhERYhGIyJnLr20RLvb71aGZUIczNa9iC8VZA
wZbZkLV2IfoI8Ke0RrEi7w6IMoK4zIrQ3LlKgAW/IOxW/N9Vqv33/OcMOmk/3gMZ
ESZxBIegjrJlwO41hFjgUSWbcXjCK+09JErietibUxC7FG0E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org