Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CtOEk24YOkSrV0O0P7lRgngkIRs.roa
File:                     CtOEk24YOkSrV0O0P7lRgngkIRs.roa (raw, json)
Hash identifier:          Y2zhm2+PYb1m+C64l0d1l+bY0IF+xJBBWGr2Fq3beXU=
Subject key identifier:   0A:D3:84:93:6E:18:3A:44:AB:57:43:B4:3F:B9:51:82:78:24:21:1B
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB79E83CE816DD2EB6A084E2DCD5695
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CtOEk24YOkSrV0O0P7lRgngkIRs.roa
Signing time:             Tue 06 Feb 2024 18:39:16 +0000
ROA not before:           Tue 06 Feb 2024 18:39:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209091
IP address blocks:        2a0f:b241:13e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b7:9e:83:ce:81:6d:d2:eb:6a:08:4e:2d:cd:56:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:39:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ad384936e183a44ab5743b43fb951827824211b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:95:1a:f6:db:32:bb:d2:c6:d0:1e:ba:e7:5f:
                    ec:b8:b6:6b:98:ed:db:b5:56:33:24:90:8b:5b:33:
                    1e:8c:94:d7:17:7d:1b:c1:c9:35:67:a8:df:6c:de:
                    6c:e6:9c:b2:1b:1c:20:c5:a6:c0:4e:21:91:fb:1b:
                    1f:53:a1:b7:ee:c5:c8:64:b5:a4:d0:f7:91:76:65:
                    d3:57:b1:cb:46:3a:5d:9b:2a:ca:7e:6f:3a:d9:c2:
                    30:2a:ff:c3:fb:81:20:25:0a:4a:f8:93:c7:5e:a8:
                    84:85:72:82:d2:54:72:73:5a:fc:cf:ef:23:fa:8e:
                    d6:3f:58:0c:6a:bc:c4:25:d1:48:7d:2a:f2:5e:f9:
                    e3:bf:6f:55:30:fb:2a:2a:b5:c6:ca:6f:f7:6a:9e:
                    67:42:25:00:21:e4:b6:10:09:8e:ca:b5:46:10:60:
                    b7:1f:c5:51:d1:1c:f5:e1:7e:6e:9a:66:80:d3:63:
                    e9:02:26:60:88:ea:22:a3:28:9f:0d:7a:52:15:f4:
                    40:78:83:85:6a:7d:fb:da:13:cb:a2:df:ba:68:2e:
                    2a:04:54:cc:81:f4:9c:52:e5:a6:d6:cd:cd:d0:50:
                    ed:2d:f5:6e:02:36:d6:ef:9d:cf:e0:17:55:d2:6a:
                    22:15:a7:8f:6f:e1:2f:6e:a9:7c:14:64:3a:d6:5c:
                    db:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D3:84:93:6E:18:3A:44:AB:57:43:B4:3F:B9:51:82:78:24:21:1B
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/CtOEk24YOkSrV0O0P7lRgngkIRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:13e::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:55:c6:d4:52:c0:78:1a:01:6c:70:6b:8c:22:99:ea:d9:8c:
         23:41:3a:d6:8a:ad:0c:20:a5:a6:55:9c:04:42:c0:2e:87:8b:
         23:07:0b:23:24:09:55:12:d4:fd:71:82:b1:b5:bc:08:52:83:
         84:09:6d:de:6d:8d:e7:2e:07:02:a7:7c:b1:6e:92:d9:6d:34:
         5c:c3:fa:d0:cf:65:c2:58:53:2d:35:82:0a:db:cd:c9:4c:e3:
         bf:92:fb:66:db:e3:60:79:22:0a:9f:aa:a6:0d:07:01:3e:27:
         1a:20:1e:60:01:3d:f8:17:66:6e:20:80:5e:b6:0e:7f:04:35:
         b0:80:0d:1e:4c:25:1e:e9:14:66:f3:bf:96:ae:c7:7e:5e:f4:
         8c:46:12:8c:e8:95:3b:1c:99:ea:e4:09:97:16:66:2a:ed:53:
         51:2b:c4:a2:52:46:f9:38:ec:cf:a1:17:04:0a:51:27:ef:11:
         ba:9a:76:97:07:83:2b:6b:47:20:38:81:32:a3:ab:62:da:06:
         95:99:fe:6b:03:c6:22:a8:61:30:5c:0b:b0:ae:03:88:23:37:
         c7:9c:37:1e:9d:ff:07:f5:93:6e:24:b3:93:fb:40:4f:b1:cb:
         7c:4c:8d:13:dd:5a:51:9a:5f:d1:86:39:c5:a2:dd:6d:cd:88:
         cd:f5:7f:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t56DzoFt0utqCE4tzVaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQzODQ5MzZlMTgzYTQ0YWI1NzQzYjQzZmI5NTE4Mjc4MjQyMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpUa9tsyu9LG0B6651/suLZrmO3b
tVYzJJCLWzMejJTXF30bwck1Z6jfbN5s5pyyGxwgxabATiGR+xsfU6G37sXIZLWk
0PeRdmXTV7HLRjpdmyrKfm862cIwKv/D+4EgJQpK+JPHXqiEhXKC0lRyc1r8z+8j
+o7WP1gMarzEJdFIfSryXvnjv29VMPsqKrXGym/3ap5nQiUAIeS2EAmOyrVGEGC3
H8VR0Rz14X5ummaA02PpAiZgiOoioyifDXpSFfRAeIOFan372hPLot+6aC4qBFTM
gfScUuWm1s3N0FDtLfVuAjbW753P4BdV0moiFaePb+Evbql8FGQ61lzbMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFArThJNuGDpEq1dDtD+5UYJ4JCEbMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQ3RPRWsyNFlPa1NyVjBPMFA3bFJnbmdrSVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE+
MA0GCSqGSIb3DQEBCwUAA4IBAQBUVcbUUsB4GgFscGuMIpnq2YwjQTrWiq0MIKWm
VZwEQsAuh4sjBwsjJAlVEtT9cYKxtbwIUoOECW3ebY3nLgcCp3yxbpLZbTRcw/rQ
z2XCWFMtNYIK283JTOO/kvtm2+NgeSIKn6qmDQcBPicaIB5gAT34F2ZuIIBetg5/
BDWwgA0eTCUe6RRm87+Wrsd+XvSMRhKM6JU7HJnq5AmXFmYq7VNRK8SiUkb5OOzP
oRcEClEn7xG6mnaXB4Mra0cgOIEyo6ti2gaVmf5rA8YiqGEwXAuwrgOIIzfHnDce
nf8H9ZNuJLOT+0BPsct8TI0T3VpRml/RhjnFot1tzYjN9X9v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org