Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7srI46Je6HFBvOx2m-7M2ZxR3ls.roa
File:                     7srI46Je6HFBvOx2m-7M2ZxR3ls.roa (raw, json)
Hash identifier:          tm+/bGe3LiNly7rb8FHd8FglkAAmUJU8Hh7nHe5ApEE=
Subject key identifier:   EE:CA:C8:E3:A2:5E:E8:71:41:BC:EC:76:9B:EE:CC:D9:9C:51:DE:5B
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0B7B49F312C926429A1533606C2A1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7srI46Je6HFBvOx2m-7M2ZxR3ls.roa
Signing time:             Wed 07 Feb 2024 05:00:52 +0000
ROA not before:           Wed 07 Feb 2024 05:00:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215885
IP address blocks:        2a0f:b241:57::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:b7:b4:9f:31:2c:92:64:29:a1:53:36:06:c2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eecac8e3a25ee87141bcec769beeccd99c51de5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b5:6a:f7:ba:73:23:70:f5:df:6e:98:78:17:
                    41:38:b4:e4:4c:e4:77:33:f8:bc:6c:d7:9a:6d:1a:
                    c1:ac:9b:16:02:40:12:20:bb:b3:d4:a6:1f:67:c7:
                    54:59:9a:de:51:c6:e6:12:47:35:b0:27:6a:e4:20:
                    37:2c:0e:59:b2:a6:f7:b4:12:12:b5:e4:aa:57:12:
                    28:4b:18:2f:4b:7e:2f:69:e1:8b:bb:36:56:49:00:
                    fd:7f:de:5c:4b:42:db:4a:60:63:73:4b:15:17:c6:
                    a0:d5:97:91:60:53:0f:fe:e1:1d:62:f1:0e:78:9f:
                    04:58:b0:dd:f8:25:6d:e5:14:a3:3f:f1:5d:da:92:
                    8c:a8:d9:51:34:35:97:5c:e6:07:8d:b1:81:3a:e6:
                    3a:73:bd:c3:d8:72:30:48:1e:b0:73:40:a8:5e:5f:
                    21:ca:31:20:bd:1a:c9:78:53:a6:c4:e2:5f:40:4c:
                    c1:48:6e:be:1a:33:85:f2:1a:0f:05:0d:ed:ab:9b:
                    9c:ce:1d:78:23:1d:76:96:3d:36:49:9b:95:ca:a7:
                    df:6a:cf:ce:f3:25:82:a7:a8:3a:18:56:aa:91:f4:
                    23:d3:19:8f:4e:f3:95:7d:6e:e8:7d:c7:05:42:fc:
                    94:f5:25:5d:2f:c9:79:b7:e7:7a:44:c1:4e:e0:26:
                    fe:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:CA:C8:E3:A2:5E:E8:71:41:BC:EC:76:9B:EE:CC:D9:9C:51:DE:5B
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7srI46Je6HFBvOx2m-7M2ZxR3ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:57::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:ff:0c:f8:8e:0a:cf:89:f1:fd:03:92:98:57:cb:bb:ad:a8:
         c6:bf:1b:3b:77:34:ae:74:86:ab:eb:6d:c7:ce:8f:63:c2:10:
         87:8e:22:d5:aa:ee:3b:69:b3:7d:80:dd:16:71:3f:e5:9e:b3:
         f6:5a:b2:28:f3:eb:79:33:12:eb:c3:c7:81:9d:02:c0:fc:f9:
         cc:36:7b:b1:25:99:8c:33:2c:58:2d:e2:39:4b:32:dd:ab:ea:
         62:94:ac:1a:7b:cc:16:94:77:20:15:a0:13:46:c5:31:f4:99:
         28:ab:d6:c7:50:3b:07:05:a8:f5:7b:a7:d7:9e:a6:2a:12:ba:
         2a:ff:07:2c:da:4c:62:72:67:d4:4b:d0:04:92:59:bd:4e:7c:
         62:cf:44:87:87:84:e0:6b:76:14:97:5b:d8:bd:67:28:e8:c7:
         ab:66:a5:65:8c:ea:60:d8:11:82:2d:a7:35:b7:1f:a7:e7:82:
         77:ab:80:b3:b8:56:74:6e:91:ae:6c:0a:34:c3:e0:0e:04:9c:
         a0:e5:bf:20:be:3e:8c:78:2b:85:3b:81:4d:11:0e:71:e4:7a:
         6a:62:e9:3a:f4:85:74:02:ac:4c:a0:7a:71:06:fb:3b:4e:30:
         40:dd:67:24:af:bd:26:8f:ae:31:9c:1a:0b:2d:f0:13:06:3f:
         ce:57:4c:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Le0nzEskmQpoVM2BsKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNhYzhlM2EyNWVlODcxNDFiY2VjNzY5YmVlY2NkOTljNTFkZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirVq97pzI3D1326YeBdBOLTkTOR3
M/i8bNeabRrBrJsWAkASILuz1KYfZ8dUWZreUcbmEkc1sCdq5CA3LA5Zsqb3tBIS
teSqVxIoSxgvS34vaeGLuzZWSQD9f95cS0LbSmBjc0sVF8ag1ZeRYFMP/uEdYvEO
eJ8EWLDd+CVt5RSjP/Fd2pKMqNlRNDWXXOYHjbGBOuY6c73D2HIwSB6wc0CoXl8h
yjEgvRrJeFOmxOJfQEzBSG6+GjOF8hoPBQ3tq5uczh14Ix12lj02SZuVyqffas/O
8yWCp6g6GFaqkfQj0xmPTvOVfW7ofccFQvyU9SVdL8l5t+d6RMFO4Cb+/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO7KyOOiXuhxQbzsdpvuzNmcUd5bMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvN3NySTQ2SmU2SEZCdk94Mm0tN00yWnhSM2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBX
MA0GCSqGSIb3DQEBCwUAA4IBAQCK/wz4jgrPifH9A5KYV8u7rajGvxs7dzSudIar
623Hzo9jwhCHjiLVqu47abN9gN0WcT/lnrP2WrIo8+t5MxLrw8eBnQLA/PnMNnux
JZmMMyxYLeI5SzLdq+pilKwae8wWlHcgFaATRsUx9Jkoq9bHUDsHBaj1e6fXnqYq
Eroq/wcs2kxicmfUS9AEklm9Tnxiz0SHh4Tga3YUl1vYvWco6MerZqVljOpg2BGC
Lac1tx+n54J3q4CzuFZ0bpGubAo0w+AOBJyg5b8gvj6MeCuFO4FNEQ5x5HpqYuk6
9IV0AqxMoHpxBvs7TjBA3Wckr70mj64xnBoLLfATBj/OV0ym
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org