Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-4rBJsyamrSqw1idvmXaD07fFt8.roa
File:                     1-4rBJsyamrSqw1idvmXaD07fFt8.roa (raw, json)
Hash identifier:          HlDYRWQmBQ0rL3QneCM1VaiUX26ecmCoP7T+CWh6ShI=
Subject key identifier:   FB:8A:C1:26:CC:9A:9A:B4:AA:C3:58:9D:BE:65:DA:0F:4E:DF:16:DF
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F08124B1B4698C61BD5A8F0D7902FE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-4rBJsyamrSqw1idvmXaD07fFt8.roa
Signing time:             Wed 07 Feb 2024 05:00:38 +0000
ROA not before:           Wed 07 Feb 2024 05:00:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200192
IP address blocks:        2a0f:b241:1b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:81:24:b1:b4:69:8c:61:bd:5a:8f:0d:79:02:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fb8ac126cc9a9ab4aac3589dbe65da0f4edf16df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:73:bd:b9:c5:e8:aa:1a:85:21:23:2c:bd:c3:
                    c1:8b:fb:5d:83:7d:4d:3a:36:e3:1f:a4:7d:08:71:
                    6d:94:ed:be:0c:94:e0:40:8d:78:0c:4e:e1:73:50:
                    db:e0:37:98:36:09:ee:aa:12:27:2b:a8:c0:e7:a6:
                    e3:c4:57:7d:df:8e:4b:df:67:91:11:44:2e:95:d8:
                    d7:64:f7:79:00:c2:4f:54:c5:61:d3:1f:44:e4:03:
                    d7:6b:4e:e7:a5:cd:0c:e7:fb:ff:31:85:a2:18:1f:
                    e0:b8:09:66:9a:08:99:9e:1e:d6:2b:27:78:f1:e1:
                    cb:4d:32:43:3f:b3:97:1b:ff:90:70:51:08:a8:fe:
                    ce:f8:9b:81:fb:63:5b:61:d9:26:27:ac:30:51:21:
                    2f:d1:90:76:c8:af:36:6e:0a:58:99:20:dd:95:96:
                    67:06:1d:d4:ea:98:aa:e7:01:a1:92:84:c5:b3:cb:
                    f3:4a:29:80:65:11:1f:0d:c4:db:34:2f:ca:bb:99:
                    c1:eb:b4:4b:ef:6d:ee:a6:b8:92:f0:ed:8c:57:6d:
                    a6:20:a5:a6:13:64:bf:60:31:7c:9d:61:4f:e4:d3:
                    e6:21:99:44:d1:f4:cb:e9:06:67:0a:3f:ba:c3:cf:
                    28:d3:55:e6:95:83:42:ff:20:59:2e:5e:77:8a:8f:
                    f9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:8A:C1:26:CC:9A:9A:B4:AA:C3:58:9D:BE:65:DA:0F:4E:DF:16:DF
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-4rBJsyamrSqw1idvmXaD07fFt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:1b::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:21:1d:89:89:c3:08:c5:50:7a:87:7d:02:17:a0:59:17:b4:
         ce:c1:ab:5b:cb:34:34:c5:68:1c:4b:3d:c8:39:6f:75:24:9a:
         ec:31:b8:2d:42:e1:71:a9:e3:b4:58:6b:83:5b:68:fa:c6:3f:
         fa:91:a3:f3:c5:1e:22:e9:ab:1e:ac:51:6a:96:84:bb:9e:d8:
         06:17:51:9b:5d:a0:a7:85:44:8f:6b:a6:0b:4e:6f:b9:1b:ca:
         21:f9:69:38:23:9f:a1:9d:39:22:62:90:2b:41:6d:bb:44:08:
         e3:e1:8b:25:11:05:f3:62:ae:dc:de:41:77:d5:35:9f:05:47:
         81:a9:22:03:29:d1:0b:c0:57:94:f4:80:04:9e:0e:22:48:a8:
         f0:73:e7:27:5e:e2:2a:20:75:5e:41:8c:de:4d:97:69:84:c4:
         26:30:b6:ed:46:4c:ad:ee:3a:b5:89:53:79:0b:3a:d8:6c:ce:
         d7:0c:f7:a2:40:8c:48:2c:69:39:42:3b:0c:c6:b4:78:d8:0c:
         3e:7c:d6:06:bf:ad:56:49:4c:62:d7:5a:9a:67:af:d1:64:35:
         33:fe:11:c2:0b:90:20:45:e8:93:6c:f4:db:58:a3:3f:b6:72:
         3f:7f:78:26:fd:cb:41:7a:93:ac:e5:61:72:8e:23:fe:89:c1:
         bf:9d:b2:d3
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY2B8IEksbRpjGG9Wo8NeQL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhhYzEyNmNjOWE5YWI0YWFjMzU4OWRiZTY1ZGEwZjRlZGYxNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXO9ucXoqhqFISMsvcPBi/tdg31N
OjbjH6R9CHFtlO2+DJTgQI14DE7hc1Db4DeYNgnuqhInK6jA56bjxFd9345L32eR
EUQuldjXZPd5AMJPVMVh0x9E5APXa07npc0M5/v/MYWiGB/guAlmmgiZnh7WKyd4
8eHLTTJDP7OXG/+QcFEIqP7O+JuB+2NbYdkmJ6wwUSEv0ZB2yK82bgpYmSDdlZZn
Bh3U6piq5wGhkoTFs8vzSimAZREfDcTbNC/Ku5nB67RL723upriS8O2MV22mIKWm
E2S/YDF8nWFP5NPmIZlE0fTL6QZnCj+6w88o01XmlYNC/yBZLl53io/5AQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPuKwSbMmpq0qsNYnb5l2g9O3xbfMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS00ckJKc3lhbXJTcXcxaWR2bVhhRDA3ZkZ0OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEA
GzANBgkqhkiG9w0BAQsFAAOCAQEAgyEdiYnDCMVQeod9AhegWRe0zsGrW8s0NMVo
HEs9yDlvdSSa7DG4LULhcanjtFhrg1to+sY/+pGj88UeIumrHqxRapaEu57YBhdR
m12gp4VEj2umC05vuRvKIflpOCOfoZ05ImKQK0Ftu0QI4+GLJREF82Ku3N5Bd9U1
nwVHgakiAynRC8BXlPSABJ4OIkio8HPnJ17iKiB1XkGM3k2XaYTEJjC27UZMre46
tYlTeQs62GzO1wz3okCMSCxpOUI7DMa0eNgMPnzWBr+tVklMYtdammev0WQ1M/4R
wguQIEXok2z021ijP7ZyP394Jv3LQXqTrOVhco4j/onBv52y0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org