Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8veFQUKMpFzhiS25vpYefpC76UM.roa
File:                     8veFQUKMpFzhiS25vpYefpC76UM.roa (raw, json)
Hash identifier:          yeslfycrdF4SB2zUqorA5vZ3PfGB9K3xnhJQYAs8g5I=
Subject key identifier:   F2:F7:85:41:42:8C:A4:5C:E1:89:2D:B9:BE:96:1E:7E:90:BB:E9:43
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA8F8AA429E6FEAEBA052F5179817CE
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8veFQUKMpFzhiS25vpYefpC76UM.roa
Signing time:             Tue 06 Feb 2024 18:23:16 +0000
ROA not before:           Tue 06 Feb 2024 18:23:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200230
IP address blocks:        2a0f:b241:9e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a8:f8:aa:42:9e:6f:ea:eb:a0:52:f5:17:98:17:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:23:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2f78541428ca45ce1892db9be961e7e90bbe943
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:87:81:76:c9:6c:8e:8c:83:3a:e6:86:fd:21:
                    22:ae:0d:07:fb:4f:d2:67:4c:b6:d3:00:c1:c3:80:
                    9a:88:cd:5d:80:ff:2e:85:ff:18:c9:20:03:c7:f5:
                    e7:74:7a:ef:00:bf:c1:55:ff:93:e4:a8:fd:6d:44:
                    30:00:9e:cf:49:ed:1a:2a:e4:ca:76:a7:b6:5f:19:
                    15:76:57:77:d9:61:16:e1:6d:ac:07:18:ff:a2:b4:
                    ec:9b:3c:49:07:e7:20:2c:e0:4f:eb:93:ec:34:35:
                    96:f0:0b:e8:7e:0b:2d:b3:50:8f:17:ab:e3:83:92:
                    ae:99:ab:d2:85:39:d7:89:8a:f6:5b:7d:ce:8f:f9:
                    2f:3b:e8:e3:cd:67:46:4e:29:bf:ca:98:d5:12:df:
                    2b:c4:53:9c:10:24:6a:dd:be:65:aa:1c:9c:fe:d0:
                    0d:1c:08:99:59:57:1e:9a:e9:57:be:aa:63:9b:9c:
                    1c:ed:14:7b:09:7d:9f:ba:df:cd:6b:47:51:4f:44:
                    98:d9:fe:18:33:ed:2a:24:3a:64:cb:fc:76:94:6a:
                    fe:86:99:47:36:09:1a:02:a8:66:f4:5a:de:40:84:
                    7c:ed:b8:f6:29:aa:0d:0a:7d:04:ae:60:93:45:bd:
                    3b:23:f1:d5:32:d6:8a:a6:8b:31:37:89:1f:2b:02:
                    0e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:F7:85:41:42:8C:A4:5C:E1:89:2D:B9:BE:96:1E:7E:90:BB:E9:43
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8veFQUKMpFzhiS25vpYefpC76UM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:9e::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:bb:11:4a:cd:4c:a3:1b:cb:6c:9e:bf:d2:e0:8b:82:41:96:
         a9:f9:4b:5e:95:80:29:2f:38:97:a7:73:72:e6:85:57:92:37:
         00:d0:a9:e1:2d:27:70:d3:c3:28:14:df:9c:55:b2:38:e2:31:
         5c:03:b7:67:29:6d:52:3c:fc:2f:c3:75:6b:15:8e:6b:ad:04:
         98:11:bc:aa:74:7f:63:17:1b:6d:72:c5:e4:fd:a8:13:2a:4c:
         b4:56:b9:aa:b9:e9:2a:37:72:87:dd:c2:5e:3a:b2:ba:25:a5:
         52:86:b7:33:55:b0:17:ae:f2:39:48:5e:4c:93:95:63:60:49:
         0f:da:75:14:55:c7:3c:a0:b5:31:d7:81:29:ab:dd:d8:6b:74:
         8c:e0:46:ca:80:26:62:1d:0d:f5:86:62:3a:8c:a1:f0:44:2f:
         35:c0:d0:ff:fb:97:32:fe:15:15:b4:02:a5:a4:bb:6a:cd:c0:
         56:93:0f:69:d2:f0:e9:9e:c5:20:49:89:b2:13:8d:da:80:06:
         98:d4:53:e2:4c:ef:52:78:46:74:bb:cd:de:ea:92:e8:19:c6:
         43:fa:6e:e2:4a:a7:2c:e1:46:16:1a:e1:27:bf:19:03:18:12:
         45:89:a3:b5:2c:26:8e:94:5d:23:0a:1b:97:83:ab:f5:7b:09:
         2d:29:79:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qPiqQp5v6uugUvUXmBfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY3ODU0MTQyOGNhNDVjZTE4OTJkYjliZTk2MWU3ZTkwYmJlOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4eBdslsjoyDOuaG/SEirg0H+0/S
Z0y20wDBw4CaiM1dgP8uhf8YySADx/XndHrvAL/BVf+T5Kj9bUQwAJ7PSe0aKuTK
dqe2XxkVdld32WEW4W2sBxj/orTsmzxJB+cgLOBP65PsNDWW8Avofgsts1CPF6vj
g5KumavShTnXiYr2W33Oj/kvO+jjzWdGTim/ypjVEt8rxFOcECRq3b5lqhyc/tAN
HAiZWVcemulXvqpjm5wc7RR7CX2fut/Na0dRT0SY2f4YM+0qJDpky/x2lGr+hplH
NgkaAqhm9FreQIR87bj2KaoNCn0ErmCTRb07I/HVMtaKposxN4kfKwIOwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPL3hUFCjKRc4Yktub6WHn6Qu+lDMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOHZlRlFVS01wRnpoaVMyNXZwWWVmcEM3NlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCe
MA0GCSqGSIb3DQEBCwUAA4IBAQAzuxFKzUyjG8tsnr/S4IuCQZap+UtelYApLziX
p3Ny5oVXkjcA0KnhLSdw08MoFN+cVbI44jFcA7dnKW1SPPwvw3VrFY5rrQSYEbyq
dH9jFxttcsXk/agTKky0VrmquekqN3KH3cJeOrK6JaVShrczVbAXrvI5SF5Mk5Vj
YEkP2nUUVcc8oLUx14Epq93Ya3SM4EbKgCZiHQ31hmI6jKHwRC81wND/+5cy/hUV
tAKlpLtqzcBWkw9p0vDpnsUgSYmyE43agAaY1FPiTO9SeEZ0u83e6pLoGcZD+m7i
Sqcs4UYWGuEnvxkDGBJFiaO1LCaOlF0jChuXg6v1ewktKXkf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org