Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8u2aX6ZeyjEDXgxroErhjYQp7gY.roa
File:                     8u2aX6ZeyjEDXgxroErhjYQp7gY.roa (raw, json)
Hash identifier:          HJGG1o4WTBmNoy7GxkeivsMGs+rXhhmp0wVt5gK0vtc=
Subject key identifier:   F2:ED:9A:5F:A6:5E:CA:31:03:5E:0C:6B:A0:4A:E1:8D:84:29:EE:06
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F098B963175EE65B9E3D45DD2B7595
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8u2aX6ZeyjEDXgxroErhjYQp7gY.roa
Signing time:             Wed 07 Feb 2024 05:00:45 +0000
ROA not before:           Wed 07 Feb 2024 05:00:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207529
IP address blocks:        2a0f:b241:3d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:98:b9:63:17:5e:e6:5b:9e:3d:45:dd:2b:75:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2ed9a5fa65eca31035e0c6ba04ae18d8429ee06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a7:90:eb:c9:1a:7d:d4:b9:e3:84:d4:31:26:
                    ff:f4:72:27:ca:84:39:ba:36:9f:18:8e:8b:36:e2:
                    72:d3:fd:f5:c5:47:78:5e:7d:2c:ec:0c:12:4d:51:
                    9d:72:31:a0:77:6d:1e:a6:4e:60:02:3f:6b:75:7e:
                    2f:84:71:11:3a:34:be:50:19:6a:22:db:9b:5d:69:
                    bd:2c:43:ab:69:28:7f:e9:3e:8c:41:32:a1:37:0b:
                    d6:01:7c:44:0e:3b:ea:a0:58:e3:37:41:95:8c:fc:
                    6a:f1:56:fe:d2:3d:31:0b:cd:b0:ff:6e:c0:f4:30:
                    56:9e:fe:d5:f8:4d:bf:4b:4c:37:70:bd:85:f8:cd:
                    f5:22:7b:c7:43:10:29:b3:89:18:87:a0:08:99:3c:
                    65:2b:3c:ce:6a:41:8d:73:f1:1c:44:e9:bb:2c:2a:
                    eb:c3:90:ec:26:e8:a7:62:f1:71:5c:f2:c4:b3:09:
                    a1:03:e1:1b:51:56:7a:7d:10:e9:09:f3:77:19:da:
                    65:c2:0c:bb:85:2e:8e:8d:2b:6c:6b:8c:4a:9f:2b:
                    f9:69:ec:6a:82:50:44:ed:ed:08:c1:f6:d5:36:4d:
                    b5:c9:e8:5c:44:93:1c:1c:0c:8a:49:f9:9b:7c:4b:
                    3e:be:14:89:af:78:12:14:76:0f:31:e3:c0:77:19:
                    87:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:ED:9A:5F:A6:5E:CA:31:03:5E:0C:6B:A0:4A:E1:8D:84:29:EE:06
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8u2aX6ZeyjEDXgxroErhjYQp7gY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:3d::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:bd:0e:31:2e:95:e7:6c:74:68:61:39:f7:d5:f7:ad:4e:44:
         ed:c4:ab:85:b0:b2:62:b9:08:50:29:ea:e0:c8:32:6f:b9:d5:
         a8:bc:47:ed:bf:1b:5c:64:7f:93:72:e5:6f:f0:b7:66:57:ae:
         d0:3c:21:fe:bd:49:5c:87:5a:0c:86:b7:7e:cc:13:98:c4:bb:
         42:12:0d:51:12:7c:e4:d1:80:33:23:57:99:af:82:8b:a9:c8:
         d5:08:39:77:b8:94:2f:61:31:e6:e3:cf:33:09:58:58:72:e1:
         2b:10:8f:24:3a:5f:41:9b:34:34:24:4d:5e:a4:0f:0c:b7:dc:
         1b:5d:43:f0:3a:94:47:f2:33:5e:5c:77:dc:a1:94:19:52:e9:
         dd:ed:a0:b4:f2:8b:eb:cd:b0:15:c4:a9:4e:b0:c8:0a:74:2b:
         19:d8:9e:8f:6c:8f:77:79:4d:17:20:cd:58:72:46:f3:ee:29:
         93:a1:15:e5:ff:30:22:49:28:55:1f:29:8d:54:cd:ba:d4:5b:
         aa:4b:63:61:9d:f6:fa:df:42:2c:f0:5d:a6:5d:3c:f3:ad:b0:
         1b:e1:2e:d5:5b:2c:04:33:71:3b:36:5c:30:e4:a5:7b:1e:cf:
         11:13:bb:4f:1b:73:ba:88:1d:1b:56:3f:9f:ff:cc:c4:b9:b8:
         a1:f1:98:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Ji5Yxde5luePUXdK3WVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVkOWE1ZmE2NWVjYTMxMDM1ZTBjNmJhMDRhZTE4ZDg0MjllZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aeQ68kafdS544TUMSb/9HInyoQ5
ujafGI6LNuJy0/31xUd4Xn0s7AwSTVGdcjGgd20epk5gAj9rdX4vhHEROjS+UBlq
ItubXWm9LEOraSh/6T6MQTKhNwvWAXxEDjvqoFjjN0GVjPxq8Vb+0j0xC82w/27A
9DBWnv7V+E2/S0w3cL2F+M31InvHQxAps4kYh6AImTxlKzzOakGNc/EcROm7LCrr
w5DsJuinYvFxXPLEswmhA+EbUVZ6fRDpCfN3Gdplwgy7hS6OjStsa4xKnyv5aexq
glBE7e0IwfbVNk21yehcRJMcHAyKSfmbfEs+vhSJr3gSFHYPMePAdxmHhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPLtml+mXsoxA14Ma6BK4Y2EKe4GMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOHUyYVg2WmV5akVEWGd4cm9FcmhqWVFwN2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA9
MA0GCSqGSIb3DQEBCwUAA4IBAQBrvQ4xLpXnbHRoYTn31fetTkTtxKuFsLJiuQhQ
KergyDJvudWovEftvxtcZH+TcuVv8LdmV67QPCH+vUlch1oMhrd+zBOYxLtCEg1R
Enzk0YAzI1eZr4KLqcjVCDl3uJQvYTHm488zCVhYcuErEI8kOl9BmzQ0JE1epA8M
t9wbXUPwOpRH8jNeXHfcoZQZUund7aC08ovrzbAVxKlOsMgKdCsZ2J6PbI93eU0X
IM1Yckbz7imToRXl/zAiSShVHymNVM261FuqS2Nhnfb630Is8F2mXTzzrbAb4S7V
WywEM3E7Nlww5KV7Hs8RE7tPG3O6iB0bVj+f/8zEubih8Zh0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org