Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5laHKRV1i8QqYtS4ip07tSsBcOo.roa
File:                     5laHKRV1i8QqYtS4ip07tSsBcOo.roa (raw, json)
Hash identifier:          RpC6qy6qstwXPKiiMNnPDfD8B8XdloSgV3G8Trh/UA8=
Subject key identifier:   E6:56:87:29:15:75:8B:C4:2A:62:D4:B8:8A:9D:3B:B5:2B:01:70:EA
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F95BF3E9ECC7CAA83D07296E5907030
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5laHKRV1i8QqYtS4ip07tSsBcOo.roa
Signing time:             Tue 06 Feb 2024 18:02:16 +0000
ROA not before:           Tue 06 Feb 2024 18:02:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210202
IP address blocks:        2a0f:b241:46::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:95:bf:3e:9e:cc:7c:aa:83:d0:72:96:e5:90:70:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:02:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e656872915758bc42a62d4b88a9d3bb52b0170ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:34:14:ff:52:cf:0d:6e:2a:91:de:a2:e8:40:
                    ee:0c:d3:3b:53:4b:2d:a7:f1:b4:86:a1:6e:72:1b:
                    15:62:ef:39:eb:cb:55:f7:b1:61:4b:f8:04:4c:8a:
                    55:e1:8e:a5:c2:6d:55:bd:01:14:1c:98:1c:16:c9:
                    05:9d:64:7e:cf:78:fc:93:7b:13:3d:6d:0e:54:e7:
                    b9:24:52:f4:cb:dc:8f:92:cb:c4:4c:b4:a2:96:2e:
                    5a:1e:b7:74:63:1a:92:45:88:3f:27:69:ea:df:02:
                    3d:3a:28:88:a6:96:09:55:c7:7d:ac:c5:0e:82:3d:
                    b6:58:d7:a4:98:4a:aa:5e:58:51:58:c2:94:cb:a7:
                    bb:13:9a:38:3f:d2:05:b1:f0:33:8e:68:22:80:3a:
                    5a:0c:8f:80:30:84:d6:fa:42:6d:7f:69:ee:ca:a2:
                    5e:f3:43:35:69:e3:93:55:3a:93:b3:4b:a1:02:1c:
                    16:94:e3:df:81:f3:73:66:e6:9a:a5:43:ac:c3:b1:
                    4d:ac:44:8a:e6:aa:18:aa:d3:d3:0f:08:24:36:1c:
                    de:21:90:2e:b0:6d:31:7c:a5:22:c9:fc:2b:b5:30:
                    42:26:89:59:4b:f0:dd:b5:66:88:5f:4f:6f:67:70:
                    ab:c9:54:45:89:0a:20:9d:b4:6e:3c:9f:a8:1e:e7:
                    2c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:56:87:29:15:75:8B:C4:2A:62:D4:B8:8A:9D:3B:B5:2B:01:70:EA
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5laHKRV1i8QqYtS4ip07tSsBcOo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:46::/48

    Signature Algorithm: sha256WithRSAEncryption
         6e:22:2a:2f:3b:5c:d0:66:8a:05:38:c5:d3:b6:24:24:db:02:
         6a:ec:c6:08:f6:42:54:85:0b:ab:08:13:e3:74:81:d3:a3:61:
         13:27:e8:88:11:10:ba:73:15:29:b6:a5:ed:92:f6:fd:82:1e:
         f5:ff:b4:86:3f:67:5a:cc:bc:3e:56:84:c2:61:cf:a4:6c:ea:
         fa:79:8a:46:08:09:bc:4c:3f:6b:43:7e:c2:67:48:da:95:07:
         67:66:8a:f5:3c:72:a1:71:73:70:9b:ca:cb:f0:c0:e0:71:34:
         33:86:fd:78:34:35:6e:c8:fb:3d:67:52:c2:5e:3e:1f:d4:b5:
         d8:b4:a3:91:a7:50:f6:e6:b2:54:d5:14:ff:86:4a:84:01:55:
         0f:45:1b:27:69:0b:ee:09:40:41:09:e1:71:04:9d:2e:51:e5:
         8f:ae:81:7a:e4:db:cf:68:ff:37:87:c1:6c:6b:0b:52:c4:f1:
         2d:fc:dd:ae:a4:86:0f:c4:80:1b:21:55:4c:16:46:05:a2:9e:
         a1:be:e1:a3:2f:9f:c6:3a:51:c2:ab:f4:b6:50:d4:10:5d:31:
         ce:33:c9:39:be:ee:22:0a:17:14:2a:e7:af:e4:e4:7b:6f:4e:
         55:48:9a:ba:b3:4f:25:e1:84:02:e6:80:a2:9d:24:38:7f:9d:
         49:43:3d:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lb8+nsx8qoPQcpblkHAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU2ODcyOTE1NzU4YmM0MmE2MmQ0Yjg4YTlkM2JiNTJiMDE3MGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDQU/1LPDW4qkd6i6EDuDNM7U0st
p/G0hqFuchsVYu8568tV97FhS/gETIpV4Y6lwm1VvQEUHJgcFskFnWR+z3j8k3sT
PW0OVOe5JFL0y9yPksvETLSili5aHrd0YxqSRYg/J2nq3wI9OiiIppYJVcd9rMUO
gj22WNekmEqqXlhRWMKUy6e7E5o4P9IFsfAzjmgigDpaDI+AMITW+kJtf2nuyqJe
80M1aeOTVTqTs0uhAhwWlOPfgfNzZuaapUOsw7FNrESK5qoYqtPTDwgkNhzeIZAu
sG0xfKUiyfwrtTBCJolZS/DdtWaIX09vZ3CryVRFiQognbRuPJ+oHucs7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOZWhykVdYvEKmLUuIqdO7UrAXDqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvNWxhSEtSVjFpOFFxWXRTNGlwMDd0U3NCY09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBG
MA0GCSqGSIb3DQEBCwUAA4IBAQBuIiovO1zQZooFOMXTtiQk2wJq7MYI9kJUhQur
CBPjdIHTo2ETJ+iIERC6cxUptqXtkvb9gh71/7SGP2dazLw+VoTCYc+kbOr6eYpG
CAm8TD9rQ37CZ0jalQdnZor1PHKhcXNwm8rL8MDgcTQzhv14NDVuyPs9Z1LCXj4f
1LXYtKORp1D25rJU1RT/hkqEAVUPRRsnaQvuCUBBCeFxBJ0uUeWProF65NvPaP83
h8FsawtSxPEt/N2upIYPxIAbIVVMFkYFop6hvuGjL5/GOlHCq/S2UNQQXTHOM8k5
vu4iChcUKuev5OR7b05VSJq6s08l4YQC5oCinSQ4f51JQz1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org