Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AifsAIQv0aItAdWjScUmUm98Q_o.roa
File:                     AifsAIQv0aItAdWjScUmUm98Q_o.roa (raw, json)
Hash identifier:          aaiA1CceFUT9zKyL/mruO4eAOs+zCW7clRc2iyScg3I=
Subject key identifier:   02:27:EC:00:84:2F:D1:A2:2D:01:D5:A3:49:C5:26:52:6F:7C:43:FA
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0962C6B4FB8C32A7D19F498074B6B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AifsAIQv0aItAdWjScUmUm98Q_o.roa
Signing time:             Wed 07 Feb 2024 05:00:44 +0000
ROA not before:           Wed 07 Feb 2024 05:00:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206919
IP address blocks:        2a0f:b241:f1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:96:2c:6b:4f:b8:c3:2a:7d:19:f4:98:07:4b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0227ec00842fd1a22d01d5a349c526526f7c43fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7c:f2:ab:0e:42:63:94:c6:d4:c8:6a:17:b4:
                    3a:72:cb:5a:e1:53:96:0b:d3:b6:72:77:44:2d:26:
                    fc:36:6a:27:eb:f2:36:7c:f2:ab:65:84:d0:9e:86:
                    ab:33:72:35:16:fb:be:5b:58:a4:7c:f3:10:a3:c5:
                    25:37:b5:75:c0:bb:a4:b7:f6:a9:ba:39:fc:7e:b7:
                    f5:ed:fe:f7:ce:53:1e:45:c5:61:f9:f1:d2:84:cb:
                    1b:dc:cf:a9:90:cd:2e:6a:5b:d1:9e:54:44:20:f5:
                    82:8b:3f:d3:62:9d:62:2f:15:0e:13:e3:1b:5b:b0:
                    61:da:19:fe:b1:9f:2c:30:16:0b:fb:de:8a:ea:cf:
                    61:4d:f4:56:c3:ed:aa:90:43:e0:58:11:32:c4:90:
                    4b:52:d6:e4:b4:d7:73:2c:0c:84:a7:68:cf:2c:4c:
                    17:39:a4:3a:07:f9:c4:d6:c5:bc:b4:11:79:c6:96:
                    7b:85:34:1a:8f:55:a1:ce:c8:d2:15:39:2f:c1:82:
                    4f:79:f3:ae:0a:d0:b8:71:3d:07:54:65:30:04:1f:
                    4d:56:b3:40:4b:7a:22:23:bf:74:a8:07:d0:d1:bf:
                    6b:3d:56:0e:80:4b:5e:33:71:94:47:57:fa:1f:1a:
                    06:d9:60:5d:b9:70:96:e8:73:b5:4d:87:e0:c5:e6:
                    b3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:27:EC:00:84:2F:D1:A2:2D:01:D5:A3:49:C5:26:52:6F:7C:43:FA
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AifsAIQv0aItAdWjScUmUm98Q_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:f1::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:b6:ea:0d:23:b6:7c:19:67:da:17:80:ff:a9:a5:6c:6e:d6:
         2e:a9:7d:ed:f2:7e:94:ab:2a:42:be:c0:72:46:ed:7c:72:d3:
         6a:57:1a:91:81:6f:91:53:fc:60:33:3e:cf:24:d6:bf:a9:05:
         33:a6:45:e4:78:a7:f8:4d:9d:d2:07:1a:1f:44:48:e7:ea:36:
         fb:ad:14:68:ce:e0:cd:9e:18:b4:8e:44:9a:83:79:bc:71:00:
         26:05:62:25:23:fb:dc:c5:0b:96:17:c3:0f:cc:87:65:b9:f7:
         12:b5:ae:02:b2:63:4f:e3:f2:eb:b4:2a:67:22:61:16:ba:5f:
         50:cd:d9:b0:22:7f:8f:7f:d6:bb:d2:71:62:b6:89:c6:ae:a7:
         52:15:85:f2:bf:38:05:85:ca:6f:6f:0b:9c:15:6c:84:0a:bf:
         f9:74:6b:c8:12:e5:bd:c1:f8:df:12:92:00:cf:32:bd:e7:19:
         2e:60:99:3d:ea:b3:d0:c9:10:7e:f5:80:38:63:4a:a8:b8:f0:
         99:80:0b:4f:78:59:83:55:9f:47:3e:41:95:80:d7:bf:0f:7f:
         85:8c:17:17:d9:42:70:68:f7:6e:75:1f:30:10:df:d1:e3:58:
         f5:27:2a:78:c4:9e:5d:ae:fc:18:97:45:b3:91:05:69:76:94:
         95:0e:00:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JYsa0+4wyp9GfSYB0trMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI3ZWMwMDg0MmZkMWEyMmQwMWQ1YTM0OWM1MjY1MjZmN2M0M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXzyqw5CY5TG1MhqF7Q6csta4VOW
C9O2cndELSb8Nmon6/I2fPKrZYTQnoarM3I1Fvu+W1ikfPMQo8UlN7V1wLukt/ap
ujn8frf17f73zlMeRcVh+fHShMsb3M+pkM0ualvRnlREIPWCiz/TYp1iLxUOE+Mb
W7Bh2hn+sZ8sMBYL+96K6s9hTfRWw+2qkEPgWBEyxJBLUtbktNdzLAyEp2jPLEwX
OaQ6B/nE1sW8tBF5xpZ7hTQaj1WhzsjSFTkvwYJPefOuCtC4cT0HVGUwBB9NVrNA
S3oiI790qAfQ0b9rPVYOgEteM3GUR1f6HxoG2WBduXCW6HO1TYfgxeazDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAIn7ACEL9GiLQHVo0nFJlJvfEP6MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQWlmc0FJUXYwYUl0QWRXalNjVW1VbTk4UV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDx
MA0GCSqGSIb3DQEBCwUAA4IBAQBqtuoNI7Z8GWfaF4D/qaVsbtYuqX3t8n6UqypC
vsByRu18ctNqVxqRgW+RU/xgMz7PJNa/qQUzpkXkeKf4TZ3SBxofREjn6jb7rRRo
zuDNnhi0jkSag3m8cQAmBWIlI/vcxQuWF8MPzIdlufcSta4CsmNP4/LrtCpnImEW
ul9QzdmwIn+Pf9a70nFitonGrqdSFYXyvzgFhcpvbwucFWyECr/5dGvIEuW9wfjf
EpIAzzK95xkuYJk96rPQyRB+9YA4Y0qouPCZgAtPeFmDVZ9HPkGVgNe/D3+FjBcX
2UJwaPdudR8wEN/R41j1Jyp4xJ5drvwYl0WzkQVpdpSVDgBR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org