Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1thYVPXUziCyEK2ldzPxkM55mMo.roa
File:                     1thYVPXUziCyEK2ldzPxkM55mMo.roa (raw, json)
Hash identifier:          /Gaqlz5xj24LXzPt/+UwlasTmeMksKN99CvBnJ+OFEI=
Subject key identifier:   D6:D8:58:54:F5:D4:CE:20:B2:10:AD:A5:77:33:F1:90:CE:79:98:CA
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB88B4FB2C236D8965EE17EE9A914E0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1thYVPXUziCyEK2ldzPxkM55mMo.roa
Signing time:             Tue 06 Feb 2024 18:40:17 +0000
ROA not before:           Tue 06 Feb 2024 18:40:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215615
IP address blocks:        2a0f:b241:14d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b8:8b:4f:b2:c2:36:d8:96:5e:e1:7e:e9:a9:14:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:40:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d6d85854f5d4ce20b210ada57733f190ce7998ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e3:a5:c9:5a:53:e4:08:38:c0:15:8a:66:9a:
                    d3:7f:c2:6e:15:3c:03:e4:98:64:42:d4:9d:5c:a4:
                    7e:ef:1b:bb:8c:c4:38:e2:78:e7:b6:e2:08:24:1c:
                    8b:3e:7b:b2:59:d2:bb:1d:ed:0b:af:8c:8f:89:31:
                    ac:3e:71:53:16:66:67:c4:15:c2:68:15:bd:8e:ba:
                    c6:1e:0b:a7:c5:9a:11:4b:04:3c:16:22:c8:c6:57:
                    97:8f:a4:92:ed:44:c5:56:1a:65:1e:2b:e9:df:7b:
                    fe:c4:cb:ec:a0:0e:a8:7f:7e:80:93:5d:ae:b0:9f:
                    65:3b:27:01:46:42:a9:43:73:bc:76:ed:03:07:90:
                    2f:2f:4f:21:75:2f:d9:9d:8a:e5:20:3d:af:fc:2f:
                    86:63:e9:7b:1f:5b:56:2c:7e:b7:ef:3c:ed:ac:e8:
                    d9:2c:c4:cf:a7:ec:bb:0e:60:c2:2e:b1:21:1a:7f:
                    63:70:43:bc:6c:c2:4d:a3:e1:bc:c8:cb:8e:a1:15:
                    7d:f0:82:5c:57:7d:3f:0f:37:ea:6d:92:84:e0:a6:
                    68:0a:ff:de:89:88:77:ab:11:ee:85:c2:94:82:54:
                    74:eb:1e:09:ef:07:09:ce:3d:ac:57:ac:c2:72:71:
                    34:d5:8e:2c:89:21:0f:69:19:2b:c5:ce:be:cc:6e:
                    f9:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D8:58:54:F5:D4:CE:20:B2:10:AD:A5:77:33:F1:90:CE:79:98:CA
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1thYVPXUziCyEK2ldzPxkM55mMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:14d::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:fe:32:54:84:de:7f:10:42:f9:a2:39:0b:ec:d1:33:43:50:
         ae:b4:ee:9d:cc:54:c3:67:26:09:c9:2e:fd:e3:4b:fb:a4:eb:
         ea:cc:93:89:b8:1d:e3:47:b1:6b:50:f7:b8:20:7c:26:e7:01:
         17:d4:f9:03:df:ef:20:90:b8:e5:17:b5:2d:58:b8:94:11:97:
         0d:e9:c0:88:2f:a5:04:15:ae:37:b6:b8:b9:3f:4e:32:f5:bb:
         cf:33:74:03:e2:05:6c:eb:6d:a2:59:40:02:42:79:74:d3:65:
         06:65:f3:e5:a6:41:5c:a1:d8:2c:51:95:03:fa:a6:c0:70:dc:
         ef:0c:ec:3e:da:dc:d9:da:75:73:31:04:27:60:03:a3:18:5c:
         f3:98:3a:52:8e:9c:32:2b:ba:4f:18:04:ae:a2:2e:46:cc:6b:
         d6:19:c5:d4:1d:71:ae:89:95:2f:ad:23:15:f6:c0:fb:06:8f:
         f2:c8:4f:ff:41:e3:d7:34:aa:02:c8:aa:3a:49:2d:34:b4:3b:
         17:49:01:39:47:9f:fa:ee:68:17:d8:25:8d:bb:8c:6e:3e:ce:
         b6:2d:19:01:e1:80:1d:cf:1e:fa:f5:89:ba:61:8d:48:b4:20:
         00:56:f9:31:5c:8b:98:9b:5a:26:8d:07:76:a5:22:17:34:85:
         f3:bf:e7:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uItPssI22JZe4X7pqRTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ4NTg1NGY1ZDRjZTIwYjIxMGFkYTU3NzMzZjE5MGNlNzk5OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+OlyVpT5Ag4wBWKZprTf8JuFTwD
5JhkQtSdXKR+7xu7jMQ44njntuIIJByLPnuyWdK7He0Lr4yPiTGsPnFTFmZnxBXC
aBW9jrrGHgunxZoRSwQ8FiLIxleXj6SS7UTFVhplHivp33v+xMvsoA6of36Ak12u
sJ9lOycBRkKpQ3O8du0DB5AvL08hdS/ZnYrlID2v/C+GY+l7H1tWLH637zztrOjZ
LMTPp+y7DmDCLrEhGn9jcEO8bMJNo+G8yMuOoRV98IJcV30/DzfqbZKE4KZoCv/e
iYh3qxHuhcKUglR06x4J7wcJzj2sV6zCcnE01Y4siSEPaRkrxc6+zG75PQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNbYWFT11M4gshCtpXcz8ZDOeZjKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMXRoWVZQWFV6aUN5RUsybGR6UHhrTTU1bU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFN
MA0GCSqGSIb3DQEBCwUAA4IBAQCA/jJUhN5/EEL5ojkL7NEzQ1CutO6dzFTDZyYJ
yS7940v7pOvqzJOJuB3jR7FrUPe4IHwm5wEX1PkD3+8gkLjlF7UtWLiUEZcN6cCI
L6UEFa43tri5P04y9bvPM3QD4gVs622iWUACQnl002UGZfPlpkFcodgsUZUD+qbA
cNzvDOw+2tzZ2nVzMQQnYAOjGFzzmDpSjpwyK7pPGASuoi5GzGvWGcXUHXGuiZUv
rSMV9sD7Bo/yyE//QePXNKoCyKo6SS00tDsXSQE5R5/67mgX2CWNu4xuPs62LRkB
4YAdzx769Ym6YY1ItCAAVvkxXIuYm1omjQd2pSIXNIXzv+fH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org