Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1lySf0DORiD01x4hEcofI0bUVjM.roa
File:                     1lySf0DORiD01x4hEcofI0bUVjM.roa (raw, json)
Hash identifier:          NpAE4ZsGPKbOn0qU6qdvfqbWWOK+yz6/gP3hrf7WaUI=
Subject key identifier:   D6:5C:92:7F:40:CE:46:20:F4:D7:1E:21:11:CA:1F:23:46:D4:56:33
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FABBB2438C02C6A342D356260424E0C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1lySf0DORiD01x4hEcofI0bUVjM.roa
Signing time:             Tue 06 Feb 2024 18:26:17 +0000
ROA not before:           Tue 06 Feb 2024 18:26:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206218
IP address blocks:        2a0f:b241:ef::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ab:bb:24:38:c0:2c:6a:34:2d:35:62:60:42:4e:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:26:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d65c927f40ce4620f4d71e2111ca1f2346d45633
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d3:1f:47:07:51:9a:c6:27:37:e5:1c:0a:88:
                    a6:0a:cd:f7:ae:74:b5:25:b0:71:03:fe:31:6b:56:
                    bc:36:f9:3c:e5:3c:4d:74:a8:86:2a:ba:06:f4:ee:
                    76:26:2c:d8:75:62:57:e2:5f:73:1f:ba:07:56:2f:
                    a4:4a:72:95:9d:61:05:9c:e2:b4:de:09:3e:b8:dc:
                    c5:23:ca:f0:9c:4b:37:d6:58:0a:79:d4:8d:42:a2:
                    f6:5b:72:d5:70:27:cb:bc:7a:f6:34:d0:b7:16:47:
                    a9:a5:e1:05:1b:fb:74:87:67:41:ce:e9:8a:cd:8a:
                    a9:1d:7c:f2:55:e3:f4:ae:6c:da:93:4a:fe:97:ee:
                    87:0b:82:85:a7:17:40:76:00:53:c3:f1:e7:f0:4a:
                    1a:58:93:e6:2e:07:2f:64:62:0a:a8:48:59:32:55:
                    60:27:23:2a:3e:9e:4c:57:39:bc:71:0c:de:99:8b:
                    33:b3:97:5c:13:5a:db:48:79:ab:32:a2:c5:9d:88:
                    bc:f7:30:82:f7:7b:12:15:f4:33:a9:8e:80:9f:e3:
                    c3:14:4e:8e:46:5f:86:d4:a1:aa:17:f4:41:87:d0:
                    e2:96:13:bd:19:6c:9e:87:53:f4:a1:90:23:58:cf:
                    79:2b:62:5f:11:8b:84:3a:b7:33:a8:36:33:36:8a:
                    cf:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5C:92:7F:40:CE:46:20:F4:D7:1E:21:11:CA:1F:23:46:D4:56:33
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1lySf0DORiD01x4hEcofI0bUVjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:ef::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:08:df:94:bb:2d:9f:c3:d9:14:86:0a:11:53:6a:13:cc:a4:
         7b:fb:bc:d9:16:45:fe:2b:0c:4c:dc:67:94:a8:d5:2e:92:7e:
         6f:6b:31:35:5b:0f:54:7c:2f:e8:14:de:46:7b:5b:bb:d2:cd:
         4c:dd:b5:1d:ba:21:fe:19:d1:b7:d8:dd:c0:15:9e:4c:7e:43:
         a9:a2:42:a3:a0:d1:4d:54:07:e4:7c:45:69:ec:fb:3c:2c:d0:
         9c:36:62:cc:31:23:06:19:72:63:0c:61:10:35:0a:03:c5:73:
         cd:ff:32:29:00:72:ed:b5:23:c1:b2:8d:3a:6e:d2:2f:a9:9f:
         70:3b:c7:7b:d6:e9:ce:f1:9c:84:b9:b8:ca:ba:ab:7f:ae:03:
         04:84:9a:44:13:bc:36:67:bd:40:d7:cc:31:be:20:bd:7d:df:
         86:98:17:b2:ed:e7:8e:53:84:65:c3:6f:55:cc:b8:c4:cf:a4:
         da:d6:95:a2:e8:ad:68:2d:fa:f3:b0:64:a4:2e:50:0c:d8:a2:
         79:25:07:c6:cf:b2:1c:16:fc:4a:81:2a:07:44:5d:3f:3e:b8:
         3f:47:f0:dd:fa:8e:ff:d3:63:dc:d7:5a:a5:d3:ff:fa:59:dc:
         db:31:3a:6a:72:82:62:33:d5:a6:4b:fa:dd:2a:95:13:91:1d:
         26:ef:9d:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/q7skOMAsajQtNWJgQk4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVjOTI3ZjQwY2U0NjIwZjRkNzFlMjExMWNhMWYyMzQ2ZDQ1NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9MfRwdRmsYnN+UcCoimCs33rnS1
JbBxA/4xa1a8Nvk85TxNdKiGKroG9O52JizYdWJX4l9zH7oHVi+kSnKVnWEFnOK0
3gk+uNzFI8rwnEs31lgKedSNQqL2W3LVcCfLvHr2NNC3FkeppeEFG/t0h2dBzumK
zYqpHXzyVeP0rmzak0r+l+6HC4KFpxdAdgBTw/Hn8EoaWJPmLgcvZGIKqEhZMlVg
JyMqPp5MVzm8cQzemYszs5dcE1rbSHmrMqLFnYi89zCC93sSFfQzqY6An+PDFE6O
Rl+G1KGqF/RBh9DilhO9GWyeh1P0oZAjWM95K2JfEYuEOrczqDYzNorPhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNZckn9AzkYg9NceIRHKHyNG1FYzMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMWx5U2YwRE9SaUQwMXg0aEVjb2ZJMGJVVmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDv
MA0GCSqGSIb3DQEBCwUAA4IBAQCCCN+Uuy2fw9kUhgoRU2oTzKR7+7zZFkX+KwxM
3GeUqNUukn5vazE1Ww9UfC/oFN5Ge1u70s1M3bUduiH+GdG32N3AFZ5MfkOpokKj
oNFNVAfkfEVp7Ps8LNCcNmLMMSMGGXJjDGEQNQoDxXPN/zIpAHLttSPBso06btIv
qZ9wO8d71unO8ZyEubjKuqt/rgMEhJpEE7w2Z71A18wxviC9fd+GmBey7eeOU4Rl
w29VzLjEz6Ta1pWi6K1oLfrzsGSkLlAM2KJ5JQfGz7IcFvxKgSoHRF0/Prg/R/Dd
+o7/02Pc11ql0//6WdzbMTpqcoJiM9WmS/rdKpUTkR0m752S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org