Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CJVdvEZOUzb6P5lT5Zm9Ws-ZddA.roa
File:                     CJVdvEZOUzb6P5lT5Zm9Ws-ZddA.roa (raw, json)
Hash identifier:          6tigdcBHi2n/jY5hrrVrFtHowcTvAZM+NYoBCX++bd4=
Subject key identifier:   08:95:5D:BC:46:4E:53:36:FA:3F:99:53:E5:99:BD:5A:CF:99:75:D0
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA8F8F7F786E5601E0C2ECB35E9C054
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CJVdvEZOUzb6P5lT5Zm9Ws-ZddA.roa
Signing time:             Tue 06 Feb 2024 18:23:16 +0000
ROA not before:           Tue 06 Feb 2024 18:23:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200234
IP address blocks:        2a0f:b241:9f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a8:f8:f7:f7:86:e5:60:1e:0c:2e:cb:35:e9:c0:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:23:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=08955dbc464e5336fa3f9953e599bd5acf9975d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f3:da:59:96:b0:93:7d:f8:57:ac:f5:8f:ca:
                    9e:1a:02:7d:9b:8b:e6:ef:58:0f:7d:8c:1d:b6:e7:
                    8d:04:ea:cc:6a:64:57:6e:a1:21:df:9a:32:ae:45:
                    73:f5:9a:22:24:81:b3:cc:0b:46:0f:8d:15:c9:3f:
                    71:c5:ab:2e:cc:94:14:31:40:70:17:52:63:1f:b8:
                    d8:f6:67:cc:7c:7a:b8:f8:55:4b:81:6c:5f:ba:a6:
                    40:a1:2d:74:b0:79:77:74:52:5f:c5:31:d5:54:89:
                    96:82:5b:ba:f7:a2:7e:15:f6:aa:00:33:37:06:63:
                    b9:70:d8:d7:7c:7c:ea:06:36:88:09:cf:01:ac:cf:
                    11:f0:c4:db:5f:6a:e6:65:41:75:e7:5b:3d:d3:b5:
                    f3:24:6d:03:44:86:47:ab:a3:da:d3:ae:50:0e:72:
                    d3:06:c1:29:14:0d:0d:6d:bd:92:54:fe:61:c4:7d:
                    09:18:68:6d:52:a2:43:91:a3:b1:4c:ed:4d:97:68:
                    b6:60:b2:84:2f:be:ef:96:3d:71:e3:54:37:89:e1:
                    f6:c4:bc:03:57:4a:15:a9:9c:64:aa:ed:11:83:9f:
                    6b:ea:52:a7:cc:ac:b8:80:ac:09:9a:77:12:e1:0a:
                    0e:55:1f:6c:71:53:cd:5e:1d:3a:24:2c:ce:da:98:
                    b7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:95:5D:BC:46:4E:53:36:FA:3F:99:53:E5:99:BD:5A:CF:99:75:D0
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CJVdvEZOUzb6P5lT5Zm9Ws-ZddA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:9f::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:d1:c0:f0:b9:92:fe:c7:73:5a:19:75:a9:e2:6c:d4:8c:7a:
         a1:79:e1:db:5b:5a:9d:72:71:5a:bc:c0:e8:14:c9:93:a8:65:
         df:c6:17:15:f6:8a:ae:58:6b:e7:fd:18:cb:fd:69:1a:e7:0a:
         ef:b2:32:ff:88:11:96:71:1e:c2:12:22:60:79:94:7a:c1:d0:
         7a:fc:66:a7:85:e4:26:82:19:4a:ee:d1:4f:fd:84:1a:53:36:
         f0:18:44:c6:e1:dd:fe:82:7b:b0:27:39:a5:62:fb:b1:31:54:
         37:2b:0f:be:7d:f5:ec:ba:d4:54:b5:95:d7:16:e5:63:d8:a0:
         e0:b6:70:97:c3:e6:9e:47:06:43:1a:62:70:0c:da:f2:a4:4c:
         61:36:8c:0f:d6:92:db:ba:56:a4:66:8f:a5:03:ce:78:49:1b:
         33:7e:82:72:80:6f:e2:52:26:7f:57:50:47:bb:8c:53:9f:d6:
         d2:87:ea:6c:00:ea:6b:8c:82:04:70:76:d8:c1:c0:bb:e4:9f:
         94:65:19:a1:56:d6:2a:7e:34:65:3d:07:01:ea:df:d6:d1:a2:
         53:d2:34:fc:90:8c:43:ec:6b:2d:c6:f6:20:f6:be:92:1e:26:
         9e:8a:d3:b1:2d:96:f0:22:3f:41:9b:4c:e8:f9:0f:50:c9:17:
         b7:d1:0c:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qPj394blYB4MLss16cBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODk1NWRiYzQ2NGU1MzM2ZmEzZjk5NTNlNTk5YmQ1YWNmOTk3NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfPaWZawk334V6z1j8qeGgJ9m4vm
71gPfYwdtueNBOrMamRXbqEh35oyrkVz9ZoiJIGzzAtGD40VyT9xxasuzJQUMUBw
F1JjH7jY9mfMfHq4+FVLgWxfuqZAoS10sHl3dFJfxTHVVImWglu696J+FfaqADM3
BmO5cNjXfHzqBjaICc8BrM8R8MTbX2rmZUF151s907XzJG0DRIZHq6Pa065QDnLT
BsEpFA0Nbb2SVP5hxH0JGGhtUqJDkaOxTO1Nl2i2YLKEL77vlj1x41Q3ieH2xLwD
V0oVqZxkqu0Rg59r6lKnzKy4gKwJmncS4QoOVR9scVPNXh06JCzO2pi34wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAiVXbxGTlM2+j+ZU+WZvVrPmXXQMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQ0pWZHZFWk9VemI2UDVsVDVabTlXcy1aZGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCf
MA0GCSqGSIb3DQEBCwUAA4IBAQAh0cDwuZL+x3NaGXWp4mzUjHqheeHbW1qdcnFa
vMDoFMmTqGXfxhcV9oquWGvn/RjL/Wka5wrvsjL/iBGWcR7CEiJgeZR6wdB6/Gan
heQmghlK7tFP/YQaUzbwGETG4d3+gnuwJzmlYvuxMVQ3Kw++ffXsutRUtZXXFuVj
2KDgtnCXw+aeRwZDGmJwDNrypExhNowP1pLbulakZo+lA854SRszfoJygG/iUiZ/
V1BHu4xTn9bSh+psAOprjIIEcHbYwcC75J+UZRmhVtYqfjRlPQcB6t/W0aJT0jT8
kIxD7GstxvYg9r6SHiaeitOxLZbwIj9Bm0zo+Q9QyRe30Qxc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org