Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/8PqWFZm1N3PXsei9Y8EX7CHCbU0.roa
File:                     8PqWFZm1N3PXsei9Y8EX7CHCbU0.roa (raw, json)
Hash identifier:          BIuKN16Fei/B16tBhCNW6WWuj+A2HGn6b3PcJD7IMVY=
Subject key identifier:   F0:FA:96:15:99:B5:37:73:D7:B1:E8:BD:63:C1:17:EC:21:C2:6D:4D
Certificate issuer:       /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial:       018CC8713E7CE9B78022AA8A483BCACC133A
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/8PqWFZm1N3PXsei9Y8EX7CHCbU0.roa
Signing time:             Tue 02 Jan 2024 04:31:53 +0000
ROA not before:           Tue 02 Jan 2024 04:31:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208626
IP address blocks:        2a0c:7b85::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:3e:7c:e9:b7:80:22:aa:8a:48:3b:ca:cc:13:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
        Validity
            Not Before: Jan  2 04:31:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f0fa961599b53773d7b1e8bd63c117ec21c26d4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6a:ef:e1:3b:58:11:fe:a6:a9:f6:be:ac:71:
                    4e:da:0e:a8:eb:06:04:fc:80:41:57:f0:c3:c5:ee:
                    84:c8:4f:de:47:f3:de:be:cc:4f:92:2f:0c:b7:00:
                    5a:13:d6:7f:30:8f:07:55:ae:86:3e:c7:f0:b6:6f:
                    3b:06:b9:1e:ee:07:7f:d2:14:d0:2e:cb:40:cc:72:
                    25:ca:50:26:c3:15:f9:8f:6e:a0:f9:1d:c2:3b:fc:
                    74:68:89:3b:79:de:ef:61:25:49:ab:21:ce:78:38:
                    a9:cf:31:ea:e9:ef:5a:b7:2a:88:66:0a:1c:a1:3f:
                    37:b5:98:5a:31:dd:3e:3d:76:b5:30:98:d3:8d:b0:
                    2f:b3:a8:90:c3:46:66:6f:6a:d5:31:30:86:69:7a:
                    34:09:1d:39:08:82:d6:82:62:a3:89:d8:a6:0b:e3:
                    f3:f4:ab:20:3d:3e:25:c5:a4:5c:50:b1:17:bc:04:
                    d5:d4:f4:40:46:9c:14:ea:e6:53:42:69:ff:b9:30:
                    71:68:9c:65:50:a8:e4:64:1c:b1:83:29:50:76:08:
                    c6:b1:dc:d0:8c:7c:c3:fa:50:e9:23:21:06:13:5f:
                    30:af:19:e4:ac:f4:89:e6:e9:b7:fe:49:0b:1b:d2:
                    55:97:63:56:b0:60:c4:a6:70:6f:36:8c:98:22:51:
                    4c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:FA:96:15:99:B5:37:73:D7:B1:E8:BD:63:C1:17:EC:21:C2:6D:4D
            X509v3 Authority Key Identifier:
                keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/8PqWFZm1N3PXsei9Y8EX7CHCbU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:7b85::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:57:d4:dc:4a:54:55:6c:55:2e:96:7c:39:57:3d:2a:6a:74:
         c9:7c:5a:5b:ef:91:57:16:30:fd:c6:4a:9d:49:f9:0a:b5:16:
         7d:8c:ed:59:07:ef:3e:b2:48:7e:c9:53:4d:90:fc:33:93:f5:
         66:97:4f:c9:86:29:60:e0:de:a0:29:c3:8d:be:59:5e:ea:c0:
         dc:0c:94:02:61:a9:91:66:3a:8c:2f:bf:e1:c1:83:30:fb:ad:
         fd:44:af:58:bd:1a:20:77:c2:73:78:84:2d:ae:06:22:0f:a7:
         7c:c0:4d:f0:f4:d9:bf:f1:75:0c:9e:cb:fb:4f:e4:2b:f7:85:
         bb:89:f0:97:8b:af:06:46:7b:5b:29:dd:14:97:5a:20:53:3c:
         d9:a7:1d:b2:c8:97:67:69:a7:a2:2d:16:3e:fe:f7:18:2a:f8:
         55:69:78:35:58:ca:f7:c3:90:c3:51:29:7d:58:f8:86:11:a9:
         4b:e0:92:06:e1:45:a4:c3:30:f3:ff:f2:71:64:2e:dd:4d:5a:
         5f:8c:ac:96:00:cb:63:86:11:32:65:0d:5e:b7:46:b7:8c:74:
         71:b6:d1:fc:9e:20:5b:cf:61:0b:84:48:18:c6:5b:f2:7b:f2:
         e1:ef:03:72:61:0d:4e:61:6e:94:1d:8e:9b:24:56:61:e8:ab:
         1c:8e:4a:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcT586beAIqqKSDvKzBM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjQwMTAyMDQzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZhOTYxNTk5YjUzNzczZDdiMWU4YmQ2M2MxMTdlYzIxYzI2ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWrv4TtYEf6mqfa+rHFO2g6o6wYE
/IBBV/DDxe6EyE/eR/PevsxPki8MtwBaE9Z/MI8HVa6GPsfwtm87Brke7gd/0hTQ
LstAzHIlylAmwxX5j26g+R3CO/x0aIk7ed7vYSVJqyHOeDipzzHq6e9atyqIZgoc
oT83tZhaMd0+PXa1MJjTjbAvs6iQw0Zmb2rVMTCGaXo0CR05CILWgmKjidimC+Pz
9KsgPT4lxaRcULEXvATV1PRARpwU6uZTQmn/uTBxaJxlUKjkZByxgylQdgjGsdzQ
jHzD+lDpIyEGE18wrxnkrPSJ5um3/kkLG9JVl2NWsGDEpnBvNoyYIlFMIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPD6lhWZtTdz17HovWPBF+whwm1NMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvOFBxV0ZabTFOM1BYc2VpOVk4RVg3Q0hDYlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgx7hTAN
BgkqhkiG9w0BAQsFAAOCAQEACFfU3EpUVWxVLpZ8OVc9Kmp0yXxaW++RVxYw/cZK
nUn5CrUWfYztWQfvPrJIfslTTZD8M5P1ZpdPyYYpYODeoCnDjb5ZXurA3AyUAmGp
kWY6jC+/4cGDMPut/USvWL0aIHfCc3iELa4GIg+nfMBN8PTZv/F1DJ7L+0/kK/eF
u4nwl4uvBkZ7WyndFJdaIFM82acdssiXZ2mnoi0WPv73GCr4VWl4NVjK98OQw1Ep
fVj4hhGpS+CSBuFFpMMw8//ycWQu3U1aX4yslgDLY4YRMmUNXrdGt4x0cbbR/J4g
W89hC4RIGMZb8nvy4e8DcmENTmFulB2OmyRWYeirHI5K1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:45 2024 by rpki-client on console-ams.rpki-client.org