Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9ZZtcJdAQaJfgyojEsqYR0TkrNE.roa
File:                     9ZZtcJdAQaJfgyojEsqYR0TkrNE.roa (raw, json)
Hash identifier:          8AhNv5Fff27Q1Edw8dB12Dp8Ucd60f7BDn2upPY9Wbc=
Subject key identifier:   F5:96:6D:70:97:40:41:A2:5F:83:2A:23:12:CA:98:47:44:E4:AC:D1
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB6B52CDED4B642D25B2B2F981EA855
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9ZZtcJdAQaJfgyojEsqYR0TkrNE.roa
Signing time:             Tue 06 Feb 2024 18:38:16 +0000
ROA not before:           Tue 06 Feb 2024 18:38:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199950
IP address blocks:        2a0f:b241:130::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b6:b5:2c:de:d4:b6:42:d2:5b:2b:2f:98:1e:a8:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:38:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f5966d70974041a25f832a2312ca984744e4acd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:5b:db:a9:9d:da:ab:34:c6:cb:78:5d:0f:49:
                    fb:6e:42:f0:2e:6a:cb:f2:fc:05:2d:ef:19:e0:15:
                    f5:6a:c6:6e:30:59:0b:6c:ac:66:9f:a7:a6:86:0e:
                    21:53:67:63:d6:6f:66:98:50:1f:80:21:a5:1f:19:
                    08:41:24:43:a2:26:e6:0b:ac:cc:42:a4:36:24:c3:
                    4e:73:67:c2:9e:5e:21:fe:11:28:d7:2f:5d:21:47:
                    0b:06:de:81:7c:31:d7:88:16:60:09:16:b2:cf:9a:
                    9f:fe:14:98:ac:de:a2:7d:36:7a:9e:39:05:d3:74:
                    78:00:43:d8:8f:8b:fd:31:ab:ab:74:6e:38:f4:03:
                    47:62:af:9c:19:a5:99:1d:b5:07:f7:44:13:2a:bc:
                    37:53:4b:29:8a:84:41:a1:94:db:29:c3:56:f9:31:
                    51:22:90:e9:92:78:cb:76:11:44:6f:c8:4d:f0:c8:
                    3c:6c:b2:39:39:f2:b3:46:68:49:48:e8:9f:f1:38:
                    df:a7:24:64:c8:16:aa:25:8f:d0:48:64:b1:09:88:
                    6f:cb:a9:0a:b0:50:2f:4d:7c:32:34:54:c3:83:40:
                    6e:c8:86:41:67:b2:f6:49:b7:0d:36:e6:95:0d:af:
                    fb:77:85:93:f3:0e:e1:74:94:f4:ea:30:27:06:5c:
                    a4:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:96:6D:70:97:40:41:A2:5F:83:2A:23:12:CA:98:47:44:E4:AC:D1
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/9ZZtcJdAQaJfgyojEsqYR0TkrNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:130::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:63:8e:bb:d6:d5:d8:58:75:a5:a2:88:e3:77:fc:90:76:86:
         6e:bc:e7:a2:ea:0a:13:cd:4e:28:4d:61:40:1e:10:00:b1:b8:
         82:72:36:f7:72:b5:aa:cb:53:19:35:5a:f1:cc:5b:9a:bd:ed:
         99:c5:66:a6:d0:5a:08:d6:a8:42:12:f1:8c:f3:cc:8f:59:c9:
         4f:dd:dc:47:4e:c3:2e:78:27:87:dc:46:2f:f2:08:97:5b:6e:
         a1:3c:83:49:1c:8b:7f:b6:f0:49:e1:5c:a6:29:53:3b:62:40:
         a9:c3:66:ea:3a:d2:a5:f7:a7:b1:3e:ae:d4:89:b7:3d:21:d6:
         43:0d:ce:d7:a2:6c:96:85:a9:da:4b:a0:a7:ff:8e:4d:56:ce:
         84:6f:2d:d4:5e:d7:0a:b0:fc:c5:aa:a5:d3:52:3a:7d:2a:0f:
         0b:d8:8d:74:4b:dd:ac:c5:ab:99:21:ec:bc:f4:a9:1a:0d:5a:
         2a:d9:60:fe:34:df:c2:ac:4a:df:31:be:69:76:10:8e:cf:ec:
         d7:f4:c1:38:1b:17:d0:6f:2c:04:63:74:e2:cc:21:38:f1:5b:
         4b:a5:1b:c3:21:37:fb:48:89:4b:b2:58:15:14:e3:00:41:4d:
         f3:80:14:90:d1:4c:2c:92:05:82:74:cb:53:09:67:8d:ff:ad:
         51:89:43:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trUs3tS2QtJbKy+YHqhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk2NmQ3MDk3NDA0MWEyNWY4MzJhMjMxMmNhOTg0NzQ0ZTRhY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllvbqZ3aqzTGy3hdD0n7bkLwLmrL
8vwFLe8Z4BX1asZuMFkLbKxmn6emhg4hU2dj1m9mmFAfgCGlHxkIQSRDoibmC6zM
QqQ2JMNOc2fCnl4h/hEo1y9dIUcLBt6BfDHXiBZgCRayz5qf/hSYrN6ifTZ6njkF
03R4AEPYj4v9MaurdG449ANHYq+cGaWZHbUH90QTKrw3U0spioRBoZTbKcNW+TFR
IpDpknjLdhFEb8hN8Mg8bLI5OfKzRmhJSOif8TjfpyRkyBaqJY/QSGSxCYhvy6kK
sFAvTXwyNFTDg0BuyIZBZ7L2SbcNNuaVDa/7d4WT8w7hdJT06jAnBlykewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPWWbXCXQEGiX4MqIxLKmEdE5KzRMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOVpadGNKZEFRYUpmZ3lvakVzcVlSMFRrck5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEw
MA0GCSqGSIb3DQEBCwUAA4IBAQAoY4671tXYWHWloojjd/yQdoZuvOei6goTzU4o
TWFAHhAAsbiCcjb3crWqy1MZNVrxzFuave2ZxWam0FoI1qhCEvGM88yPWclP3dxH
TsMueCeH3EYv8giXW26hPINJHIt/tvBJ4VymKVM7YkCpw2bqOtKl96exPq7Uibc9
IdZDDc7XomyWhanaS6Cn/45NVs6Eby3UXtcKsPzFqqXTUjp9Kg8L2I10S92sxauZ
Iey89KkaDVoq2WD+NN/CrErfMb5pdhCOz+zX9ME4GxfQbywEY3TizCE48VtLpRvD
ITf7SIlLslgVFOMAQU3zgBSQ0UwskgWCdMtTCWeN/61RiUOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org