Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2B-IaIGjHlFhTa1SpdEVwQWkY-Q.roa
File:                     2B-IaIGjHlFhTa1SpdEVwQWkY-Q.roa (raw, json)
Hash identifier:          8ze+Bl2ORiEFY5Kgm/PmJEsrzzwoQ0XS/KWh41jNYyA=
Subject key identifier:   D8:1F:88:68:81:A3:1E:51:61:4D:AD:52:A5:D1:15:C1:05:A4:63:E4
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA9E63CCD6978BD82DE0269A2426677
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2B-IaIGjHlFhTa1SpdEVwQWkY-Q.roa
Signing time:             Tue 06 Feb 2024 18:24:17 +0000
ROA not before:           Tue 06 Feb 2024 18:24:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200809
IP address blocks:        2a0f:b241:d3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a9:e6:3c:cd:69:78:bd:82:de:02:69:a2:42:66:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:24:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d81f886881a31e51614dad52a5d115c105a463e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:97:57:21:46:18:5c:a5:49:66:aa:56:95:49:
                    2e:91:19:25:af:1e:ad:dd:27:4e:25:07:04:ff:50:
                    a9:a9:bc:2b:54:48:7a:3b:60:6f:46:c1:2b:88:a3:
                    4d:3d:b1:cc:86:db:6b:1b:67:2a:70:cf:b0:10:43:
                    2d:32:d9:99:34:a4:49:0a:47:b0:20:46:ed:3c:98:
                    2c:a2:3e:97:1a:01:d3:a9:85:08:f9:6e:82:8e:b9:
                    ca:95:7f:5a:f9:52:88:5e:23:8f:40:48:c6:c8:4d:
                    34:aa:f3:9a:18:63:a9:27:99:87:3a:78:6c:18:5d:
                    df:a6:5a:f3:78:b3:79:0a:32:c0:d5:0c:49:e8:49:
                    a5:94:ed:0c:6a:ca:49:c1:60:26:59:bd:25:ec:43:
                    4d:a2:f7:09:8f:dc:e6:c3:c3:9b:8b:76:de:6f:52:
                    b7:b7:17:5e:2a:14:55:65:86:19:a8:c9:8b:10:b8:
                    78:81:d1:16:af:db:34:ed:48:16:d2:2a:7a:5b:a0:
                    04:3e:93:aa:79:91:2d:b4:18:4f:4f:28:69:27:ab:
                    da:3d:7b:0b:66:74:e5:15:c1:1e:a1:95:af:14:ec:
                    a7:fb:e8:e7:d4:af:f2:c8:6a:bd:d0:25:9b:c9:66:
                    09:0a:6d:57:59:1d:60:c1:42:73:2f:b1:c5:53:8b:
                    ac:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:1F:88:68:81:A3:1E:51:61:4D:AD:52:A5:D1:15:C1:05:A4:63:E4
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2B-IaIGjHlFhTa1SpdEVwQWkY-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:d3::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:75:40:f6:2e:09:73:9f:08:b3:82:9e:16:06:0b:ad:9b:f4:
         ee:95:1f:9b:bd:57:d0:07:1c:1e:3e:78:a4:77:25:bd:bf:62:
         a9:9b:43:09:9d:9c:01:e9:8f:b4:d4:7d:65:a8:f7:1c:ce:fe:
         e5:ba:be:34:81:e9:7a:58:1a:a3:4b:22:58:d3:a9:a6:9d:e1:
         bd:81:bf:44:20:96:df:20:3e:cc:b3:07:e2:b2:38:f0:33:f6:
         99:40:cd:4b:66:f3:29:0a:1d:4b:45:40:8a:50:d5:ea:71:8b:
         09:c5:7d:92:8f:f3:19:e2:a7:4e:84:fc:30:9d:1d:99:2c:5c:
         67:d8:3c:dc:2e:23:eb:5b:3e:48:2a:87:e6:11:6b:ae:72:8a:
         69:67:0f:dd:fb:db:6f:d8:37:40:d2:58:ea:eb:31:ed:f4:93:
         fd:ca:5f:ac:e8:ec:a5:4a:d5:42:71:a0:85:5c:87:14:22:0a:
         eb:c8:f9:4b:ea:3c:1f:bf:1f:1b:ae:67:27:c8:25:90:5f:50:
         41:a2:5f:c0:04:02:a5:fb:93:b0:f6:07:93:a1:bb:c1:60:82:
         82:41:ad:d0:c0:b0:1c:ab:84:6d:10:98:d8:e9:c4:df:f4:4d:
         8d:dd:1d:7c:84:d3:51:0a:b7:70:f9:8a:26:85:42:93:d8:4f:
         19:37:05:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qeY8zWl4vYLeAmmiQmZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFmODg2ODgxYTMxZTUxNjE0ZGFkNTJhNWQxMTVjMTA1YTQ2M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZdXIUYYXKVJZqpWlUkukRklrx6t
3SdOJQcE/1CpqbwrVEh6O2BvRsEriKNNPbHMhttrG2cqcM+wEEMtMtmZNKRJCkew
IEbtPJgsoj6XGgHTqYUI+W6CjrnKlX9a+VKIXiOPQEjGyE00qvOaGGOpJ5mHOnhs
GF3fplrzeLN5CjLA1QxJ6EmllO0MaspJwWAmWb0l7ENNovcJj9zmw8Obi3beb1K3
txdeKhRVZYYZqMmLELh4gdEWr9s07UgW0ip6W6AEPpOqeZEttBhPTyhpJ6vaPXsL
ZnTlFcEeoZWvFOyn++jn1K/yyGq90CWbyWYJCm1XWR1gwUJzL7HFU4us1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNgfiGiBox5RYU2tUqXRFcEFpGPkMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMkItSWFJR2pIbEZoVGExU3BkRVZ3UVdrWS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDT
MA0GCSqGSIb3DQEBCwUAA4IBAQBBdUD2Lglznwizgp4WBgutm/TulR+bvVfQBxwe
PnikdyW9v2Kpm0MJnZwB6Y+01H1lqPcczv7lur40gel6WBqjSyJY06mmneG9gb9E
IJbfID7MswfisjjwM/aZQM1LZvMpCh1LRUCKUNXqcYsJxX2Sj/MZ4qdOhPwwnR2Z
LFxn2DzcLiPrWz5IKofmEWuucoppZw/d+9tv2DdA0ljq6zHt9JP9yl+s6OylStVC
caCFXIcUIgrryPlL6jwfvx8brmcnyCWQX1BBol/ABAKl+5Ow9geTobvBYIKCQa3Q
wLAcq4RtEJjY6cTf9E2N3R18hNNRCrdw+YomhUKT2E8ZNwUw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org