Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9DnO6I5uXPLVeBK2-GoqLGfmZ3s.roa
File:                     9DnO6I5uXPLVeBK2-GoqLGfmZ3s.roa (raw, json)
Hash identifier:          zqi4eQZZc6qB82+ixXhzrFwR3ZsYJGKAj4NIre1m+o8=
Subject key identifier:   F4:39:CE:E8:8E:6E:5C:F2:D5:78:12:B6:F8:6A:2A:2C:67:E6:67:7B
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAD91F92D6CB7A3042E8DB9D33C5089
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9DnO6I5uXPLVeBK2-GoqLGfmZ3s.roa
Signing time:             Tue 06 Feb 2024 18:28:17 +0000
ROA not before:           Tue 06 Feb 2024 18:28:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216124
IP address blocks:        2a0f:b241:10c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ad:91:f9:2d:6c:b7:a3:04:2e:8d:b9:d3:3c:50:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:28:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f439cee88e6e5cf2d57812b6f86a2a2c67e6677b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:eb:2d:cb:c2:a8:4d:23:3e:37:b3:7f:4b:30:
                    36:10:2d:d1:88:7d:c8:0b:d3:29:1d:9b:34:95:15:
                    9e:7b:9a:c7:13:3f:ac:84:48:48:9e:fc:a0:f4:13:
                    a7:3d:cc:e7:23:19:55:19:85:92:5b:1b:f0:ea:59:
                    c3:c4:6f:e7:93:8c:3c:1f:6d:2c:b8:4f:9b:c3:f2:
                    11:5e:83:08:44:b8:cc:b5:b8:5a:f6:26:4b:35:10:
                    50:af:c1:ca:4b:64:38:7d:b0:ee:eb:31:57:03:6d:
                    03:29:29:28:c6:6b:e7:d5:7f:a2:4a:d8:7f:3e:89:
                    06:2c:a5:b6:76:a8:aa:49:ad:77:7e:94:c7:00:4a:
                    2a:31:f3:05:0e:cf:2b:a8:ae:8a:fe:ed:9a:9f:73:
                    28:e0:83:59:b1:a6:67:6a:bd:de:19:60:77:30:f3:
                    d5:da:d5:55:b3:f3:48:77:18:0a:e8:41:9c:fe:60:
                    23:82:7f:90:67:d6:a1:4a:a0:d6:11:7c:fb:c0:c2:
                    81:1d:19:04:35:ca:92:de:0c:98:af:ee:a8:19:1e:
                    95:84:8a:25:97:53:fd:1c:1f:cf:9e:00:0a:85:ab:
                    34:82:93:3e:52:91:55:49:2d:e1:68:01:79:71:62:
                    2e:51:da:68:6b:05:1e:16:45:c4:91:85:b4:67:61:
                    62:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:39:CE:E8:8E:6E:5C:F2:D5:78:12:B6:F8:6A:2A:2C:67:E6:67:7B
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9DnO6I5uXPLVeBK2-GoqLGfmZ3s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:10c::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:c3:04:60:04:21:ce:b3:b8:61:0f:7a:aa:5f:35:7d:7d:86:
         7d:a5:9c:90:43:8d:51:6b:9e:02:88:0a:da:d9:bb:d5:c0:43:
         f8:ad:ea:c8:d3:e0:e9:92:f6:d8:e9:cc:2d:f7:d1:20:9c:38:
         23:93:d9:f6:b5:d3:c0:43:ec:4d:ef:a2:41:1c:4a:79:9f:2e:
         0d:81:bb:c4:f1:1a:a4:f4:91:3e:a0:03:26:43:f6:44:ad:92:
         5b:4c:a8:37:bb:5b:91:83:83:c2:51:40:93:64:a8:f6:1f:b4:
         be:aa:92:e4:9c:1a:29:ca:4b:52:7c:77:6f:5e:30:20:5b:ce:
         04:5b:ef:32:5f:eb:c0:4f:bf:a7:33:d8:87:06:c9:97:0d:82:
         1c:c1:3e:f4:ce:01:01:4a:cf:39:e2:b2:10:c4:5d:9d:89:bc:
         99:dc:bb:e1:dc:b1:87:5a:c4:af:2b:4b:57:25:72:8b:ed:38:
         88:9b:9e:ea:d0:be:15:cc:0d:2c:99:a2:4e:36:1d:f7:b4:64:
         23:e1:27:cd:c6:79:2d:41:ad:a1:d3:27:b5:92:be:b6:6f:dd:
         56:43:2f:2c:79:cd:15:fe:1d:6d:d9:c5:cd:ab:46:80:6f:3a:
         f6:28:b6:5f:44:6b:00:a1:5b:a4:4b:23:be:c4:17:5c:d7:91:
         2b:d8:ad:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rZH5LWy3owQujbnTPFCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM5Y2VlODhlNmU1Y2YyZDU3ODEyYjZmODZhMmEyYzY3ZTY2NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOsty8KoTSM+N7N/SzA2EC3RiH3I
C9MpHZs0lRWee5rHEz+shEhInvyg9BOnPcznIxlVGYWSWxvw6lnDxG/nk4w8H20s
uE+bw/IRXoMIRLjMtbha9iZLNRBQr8HKS2Q4fbDu6zFXA20DKSkoxmvn1X+iSth/
PokGLKW2dqiqSa13fpTHAEoqMfMFDs8rqK6K/u2an3Mo4INZsaZnar3eGWB3MPPV
2tVVs/NIdxgK6EGc/mAjgn+QZ9ahSqDWEXz7wMKBHRkENcqS3gyYr+6oGR6VhIol
l1P9HB/PngAKhas0gpM+UpFVSS3haAF5cWIuUdpoawUeFkXEkYW0Z2FijwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPQ5zuiOblzy1XgStvhqKixn5md7MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOURuTzZJNXVYUExWZUJLMi1Hb3FMR2ZtWjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEM
MA0GCSqGSIb3DQEBCwUAA4IBAQB/wwRgBCHOs7hhD3qqXzV9fYZ9pZyQQ41Ra54C
iAra2bvVwEP4rerI0+DpkvbY6cwt99EgnDgjk9n2tdPAQ+xN76JBHEp5ny4NgbvE
8Rqk9JE+oAMmQ/ZErZJbTKg3u1uRg4PCUUCTZKj2H7S+qpLknBopyktSfHdvXjAg
W84EW+8yX+vAT7+nM9iHBsmXDYIcwT70zgEBSs854rIQxF2dibyZ3Lvh3LGHWsSv
K0tXJXKL7TiIm57q0L4VzA0smaJONh33tGQj4SfNxnktQa2h0ye1kr62b91WQy8s
ec0V/h1t2cXNq0aAbzr2KLZfRGsAoVukSyO+xBdc15Er2K0S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org