Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0g-DdHMW4ggYd8p7TWKOsKpTrlY.roa
File:                     0g-DdHMW4ggYd8p7TWKOsKpTrlY.roa (raw, json)
Hash identifier:          lK9b6wrTzs2WkHx1YSTEX464U0+47Tj5zV/zpeJsfvk=
Subject key identifier:   D2:0F:83:74:73:16:E2:08:18:77:CA:7B:4D:62:8E:B0:AA:53:AE:56
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F95C42A21C693BBAFDEAD727C014FB7
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0g-DdHMW4ggYd8p7TWKOsKpTrlY.roa
Signing time:             Tue 06 Feb 2024 18:02:17 +0000
ROA not before:           Tue 06 Feb 2024 18:02:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213384
IP address blocks:        2a0f:b241:4b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:95:c4:2a:21:c6:93:bb:af:de:ad:72:7c:01:4f:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:02:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d20f83747316e2081877ca7b4d628eb0aa53ae56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8a:aa:cc:af:37:16:83:31:0f:00:15:bf:68:
                    18:f0:97:96:ac:26:b5:80:c6:ea:ed:d6:45:4c:d7:
                    8c:e4:ec:72:60:7c:e4:26:b4:e2:b7:36:f5:32:81:
                    6e:a1:f8:3d:5c:3b:ab:05:0d:03:fa:83:5a:ec:da:
                    3b:88:e6:68:38:fa:fb:52:0e:2a:a5:36:b5:93:d4:
                    01:d4:29:d8:ae:f2:e6:1d:74:e5:07:09:d2:d6:e0:
                    cb:82:1b:91:2d:b4:74:f0:1f:3c:e2:a7:90:9d:20:
                    9a:9a:83:d0:ea:ea:5b:37:94:4e:25:8d:6b:20:aa:
                    22:78:20:63:9c:9d:17:9c:d0:53:6f:5a:53:82:48:
                    da:35:7f:4d:50:88:65:00:8a:3c:5a:1f:95:90:46:
                    68:9c:20:cd:0b:2e:c1:a4:7d:46:4a:89:e3:c9:84:
                    18:4b:9e:79:2d:44:9a:3b:40:38:ad:43:8a:b7:f7:
                    14:cf:26:71:db:47:2e:0b:62:f4:28:21:5d:43:0a:
                    a6:e4:4f:e9:7c:a3:f9:65:c1:db:71:24:6b:03:b9:
                    b1:86:5d:0a:0e:12:36:05:15:b4:47:0c:a4:45:23:
                    f2:bc:0c:69:d4:9a:25:0b:35:73:39:f5:d8:58:a6:
                    8b:77:b5:7e:d2:97:a7:ed:4a:c5:49:e2:f5:5f:c4:
                    c1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:0F:83:74:73:16:E2:08:18:77:CA:7B:4D:62:8E:B0:AA:53:AE:56
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0g-DdHMW4ggYd8p7TWKOsKpTrlY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:4b::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:e4:e6:a0:e7:ee:a1:88:50:4a:f6:89:50:f4:ef:71:0c:5b:
         3f:32:51:50:6c:49:58:be:e8:33:ee:b9:18:f2:30:30:46:26:
         0a:a5:c0:06:74:16:a3:fd:bd:43:19:4c:01:f1:4a:8d:19:89:
         22:9d:29:b3:ad:d7:62:e0:c5:96:ec:82:89:2a:05:0d:16:20:
         8a:d3:4e:d1:89:b9:c8:c2:c9:e1:3f:d8:52:07:a3:be:8e:87:
         29:2b:58:b9:4d:24:f3:d2:96:27:58:21:9b:d4:d9:2d:32:5a:
         ef:e2:04:67:72:4c:63:e5:53:26:13:c0:fe:ee:62:83:22:f0:
         96:01:8e:9b:c9:f2:ed:1e:9b:bf:be:c6:0e:50:9a:56:c9:05:
         ca:83:b3:bf:84:93:fa:ac:f7:4e:c8:cd:fc:96:5d:af:7a:c9:
         0c:c5:70:97:bd:d4:75:24:9f:50:c9:4f:1a:61:55:79:64:80:
         8a:75:57:e4:88:76:fc:b6:40:af:53:ae:69:1e:c2:e8:65:21:
         80:fb:67:07:4b:0d:58:c9:50:09:d3:e8:01:6c:c8:09:4a:85:
         21:1e:cb:0f:dd:de:e5:99:63:e1:98:98:f1:66:7a:05:09:c7:
         c3:ea:73:21:7d:e7:d1:41:1a:12:c1:06:9b:47:07:2d:62:30:
         74:07:62:3c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcQqIcaTu6/erXJ8AU+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBmODM3NDczMTZlMjA4MTg3N2NhN2I0ZDYyOGViMGFhNTNhZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIqqzK83FoMxDwAVv2gY8JeWrCa1
gMbq7dZFTNeM5OxyYHzkJrTitzb1MoFuofg9XDurBQ0D+oNa7No7iOZoOPr7Ug4q
pTa1k9QB1CnYrvLmHXTlBwnS1uDLghuRLbR08B884qeQnSCamoPQ6upbN5ROJY1r
IKoieCBjnJ0XnNBTb1pTgkjaNX9NUIhlAIo8Wh+VkEZonCDNCy7BpH1GSonjyYQY
S555LUSaO0A4rUOKt/cUzyZx20cuC2L0KCFdQwqm5E/pfKP5ZcHbcSRrA7mxhl0K
DhI2BRW0RwykRSPyvAxp1JolCzVzOfXYWKaLd7V+0pen7UrFSeL1X8TBDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNIPg3RzFuIIGHfKe01ijrCqU65WMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMGctRGRITVc0Z2dZZDhwN1RXS09zS3BUcmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBL
MA0GCSqGSIb3DQEBCwUAA4IBAQAC5Oag5+6hiFBK9olQ9O9xDFs/MlFQbElYvugz
7rkY8jAwRiYKpcAGdBaj/b1DGUwB8UqNGYkinSmzrddi4MWW7IKJKgUNFiCK007R
ibnIwsnhP9hSB6O+jocpK1i5TSTz0pYnWCGb1NktMlrv4gRnckxj5VMmE8D+7mKD
IvCWAY6byfLtHpu/vsYOUJpWyQXKg7O/hJP6rPdOyM38ll2veskMxXCXvdR1JJ9Q
yU8aYVV5ZICKdVfkiHb8tkCvU65pHsLoZSGA+2cHSw1YyVAJ0+gBbMgJSoUhHssP
3d7lmWPhmJjxZnoFCcfD6nMhfefRQRoSwQabRwctYjB0B2I8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org