Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2ou8bDpcJtUogWbEm-mimKSLTAk.roa
File:                     2ou8bDpcJtUogWbEm-mimKSLTAk.roa (raw, json)
Hash identifier:          fZVLLU/b7ylQLBPzr+5OY9ex9PJ6QTMt5yb23ogTbco=
Subject key identifier:   DA:8B:BC:6C:3A:5C:26:D5:28:81:66:C4:9B:E9:A2:98:A4:8B:4C:09
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0624A5DB60768956B08212995F70D
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2ou8bDpcJtUogWbEm-mimKSLTAk.roa
Signing time:             Wed 07 Feb 2024 05:00:31 +0000
ROA not before:           Wed 07 Feb 2024 05:00:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50755
IP address blocks:        2a0f:b241:11b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:62:4a:5d:b6:07:68:95:6b:08:21:29:95:f7:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=da8bbc6c3a5c26d5288166c49be9a298a48b4c09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9c:5f:16:b2:7f:e3:cc:02:28:6d:20:d2:e8:
                    41:eb:4b:5b:36:14:52:44:fb:5b:d3:58:be:f6:34:
                    8e:db:a2:59:de:e3:2d:ea:f0:b5:e5:77:55:f8:89:
                    1d:fb:14:02:04:b2:e6:13:74:31:43:bd:7c:5b:8d:
                    7c:68:b1:4f:d7:62:d5:0b:3a:82:46:f2:97:4e:67:
                    6b:de:25:7a:9d:67:12:57:2a:62:4b:aa:d1:3c:82:
                    0a:94:1d:8c:f8:77:92:af:07:ae:21:14:08:24:e7:
                    e7:ae:bb:6c:00:77:82:25:79:01:34:88:c6:3f:70:
                    7e:42:57:fa:a0:8d:a2:7e:27:ef:50:ff:36:7d:42:
                    1c:79:92:df:4e:91:9a:69:12:80:95:10:a8:47:e5:
                    3d:7b:80:0c:af:bc:e1:93:5d:78:7d:e5:15:1f:52:
                    2f:6a:cb:e5:c1:c5:ad:aa:e0:cd:58:f6:6a:16:5f:
                    b6:eb:90:9b:f3:cd:20:e7:e9:ec:fd:f3:1b:4f:f7:
                    27:7f:88:d5:cc:56:15:ed:cf:a7:03:64:8b:b5:af:
                    e4:10:39:cc:8e:ab:01:cb:ce:6d:77:ec:fb:be:97:
                    df:0b:d6:c6:6d:06:67:1c:9d:d6:ba:67:8e:33:be:
                    a3:9c:1a:92:47:d4:42:3e:a3:9f:6d:14:8d:64:10:
                    12:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:8B:BC:6C:3A:5C:26:D5:28:81:66:C4:9B:E9:A2:98:A4:8B:4C:09
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2ou8bDpcJtUogWbEm-mimKSLTAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:11b::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:c6:ff:be:f4:f0:11:2c:8a:88:54:f6:77:5d:57:61:d5:6f:
         f7:6b:50:d8:3e:a8:dc:ba:26:a2:15:88:b2:b8:15:3c:0b:2f:
         79:d2:e4:ad:c4:73:e9:65:cd:62:aa:5d:91:b4:77:e3:fe:97:
         37:07:3e:ce:4a:19:b0:4e:49:be:dd:77:5e:63:35:b0:2a:2c:
         e7:76:ad:63:40:16:15:0e:c8:9b:4c:a6:b7:2c:2a:43:09:8f:
         01:d3:ab:2a:4e:ec:6d:18:90:12:76:2a:cd:d1:22:0e:2a:f2:
         f6:24:b3:36:8b:16:5f:0a:93:5e:e6:2f:92:20:9e:df:24:40:
         90:94:7d:ab:65:39:21:06:b3:fe:7c:13:26:c8:12:83:ca:13:
         8b:70:d1:3c:8c:28:50:8e:2d:1b:bb:4d:84:d1:64:ab:d0:c5:
         92:1f:36:9a:3f:e2:f2:4d:ae:eb:ac:ba:6a:73:39:ea:07:b4:
         5d:a4:d8:95:36:39:ee:e1:ec:f7:43:70:56:4b:9e:e1:0f:54:
         a0:58:af:ad:2c:c0:76:72:94:89:0c:4d:b3:f7:e1:2c:22:09:
         6d:65:e9:0d:24:2c:37:08:66:60:52:34:38:38:9a:8c:57:39:
         b1:b8:e6:ed:ad:f3:24:ba:74:91:d1:26:a2:ab:c0:06:64:2e:
         06:04:de:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GJKXbYHaJVrCCEplfcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThiYmM2YzNhNWMyNmQ1Mjg4MTY2YzQ5YmU5YTI5OGE0OGI0YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZxfFrJ/48wCKG0g0uhB60tbNhRS
RPtb01i+9jSO26JZ3uMt6vC15XdV+Ikd+xQCBLLmE3QxQ718W418aLFP12LVCzqC
RvKXTmdr3iV6nWcSVypiS6rRPIIKlB2M+HeSrweuIRQIJOfnrrtsAHeCJXkBNIjG
P3B+Qlf6oI2ififvUP82fUIceZLfTpGaaRKAlRCoR+U9e4AMr7zhk114feUVH1Iv
asvlwcWtquDNWPZqFl+265Cb880g5+ns/fMbT/cnf4jVzFYV7c+nA2SLta/kEDnM
jqsBy85td+z7vpffC9bGbQZnHJ3WumeOM76jnBqSR9RCPqOfbRSNZBASMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNqLvGw6XCbVKIFmxJvpopiki0wJMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMm91OGJEcGNKdFVvZ1diRW0tbWltS1NMVEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEb
MA0GCSqGSIb3DQEBCwUAA4IBAQBXxv++9PARLIqIVPZ3XVdh1W/3a1DYPqjcuiai
FYiyuBU8Cy950uStxHPpZc1iql2RtHfj/pc3Bz7OShmwTkm+3XdeYzWwKizndq1j
QBYVDsibTKa3LCpDCY8B06sqTuxtGJASdirN0SIOKvL2JLM2ixZfCpNe5i+SIJ7f
JECQlH2rZTkhBrP+fBMmyBKDyhOLcNE8jChQji0bu02E0WSr0MWSHzaaP+LyTa7r
rLpqcznqB7RdpNiVNjnu4ez3Q3BWS57hD1SgWK+tLMB2cpSJDE2z9+EsIgltZekN
JCw3CGZgUjQ4OJqMVzmxuObtrfMkunSR0Saiq8AGZC4GBN6W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org