Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/EFHYv4_LfqKpkDxvbF0FwYE2Jjw.roa
File:                     EFHYv4_LfqKpkDxvbF0FwYE2Jjw.roa (raw, json)
Hash identifier:          626N3EVcm0ABLHL8yGEvjeAxiPO2TqZ8V4bzu26MsyU=
Subject key identifier:   10:51:D8:BF:8F:CB:7E:A2:A9:90:3C:6F:6C:5D:05:C1:81:36:26:3C
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F08C46B2C1E42D8FB6DE3B13EAA388
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/EFHYv4_LfqKpkDxvbF0FwYE2Jjw.roa
Signing time:             Wed 07 Feb 2024 05:00:41 +0000
ROA not before:           Wed 07 Feb 2024 05:00:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203069
IP address blocks:        2a0f:b241:e4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:8c:46:b2:c1:e4:2d:8f:b6:de:3b:13:ea:a3:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1051d8bf8fcb7ea2a9903c6f6c5d05c18136263c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:13:60:c7:cb:b6:42:b2:f8:80:10:0f:6a:3f:
                    94:df:f8:9e:1e:8a:03:4c:42:50:fb:f1:6d:5e:7d:
                    e6:3c:d0:b8:06:f6:3f:f3:44:a8:63:f6:57:71:7b:
                    6b:9a:91:5a:a9:d5:a0:26:35:bd:d8:8c:04:3c:cb:
                    50:c2:fa:d6:d4:8f:75:9d:51:96:4c:98:55:36:54:
                    27:d7:a7:bb:b6:bc:ca:4b:ef:5a:cd:dd:63:d1:32:
                    0b:bd:78:b2:b7:5c:74:d0:5c:a9:1e:9a:80:48:b1:
                    0d:32:b7:01:f9:9f:bc:d5:fb:13:d4:61:00:0e:9c:
                    f6:22:22:e0:65:96:d1:1c:9a:a5:a3:c3:4e:60:b7:
                    b4:b8:b8:09:dd:e3:29:eb:43:6e:f3:ba:84:81:79:
                    eb:30:34:1e:09:8e:48:75:72:3b:ad:77:a1:b7:03:
                    ed:ce:a5:78:fc:a8:86:f7:51:59:11:ca:77:51:36:
                    56:5e:3c:04:93:a8:7d:7b:5b:c1:ec:03:de:f8:97:
                    75:95:30:a9:e7:ab:6f:84:de:51:6b:16:24:c6:63:
                    b3:09:d5:df:41:19:08:55:8e:7e:6d:13:f8:d4:02:
                    7e:65:53:d1:da:ab:65:72:4e:87:92:43:c6:96:07:
                    3e:fb:10:31:d7:e7:b1:c6:52:c3:45:15:a0:15:dd:
                    cf:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:51:D8:BF:8F:CB:7E:A2:A9:90:3C:6F:6C:5D:05:C1:81:36:26:3C
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/EFHYv4_LfqKpkDxvbF0FwYE2Jjw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:e4::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:7f:e8:f7:4f:27:dc:85:17:e6:de:d4:67:0a:e0:67:d1:57:
         03:30:74:e6:02:d3:43:a7:0d:0f:c6:e3:55:4e:3b:e5:74:b0:
         58:26:bf:d2:d0:dd:8b:d3:11:5c:4a:2f:8d:ab:ab:ca:2d:31:
         7f:54:52:7a:2d:b6:cd:81:ff:de:b9:42:01:7a:0e:37:ca:09:
         af:89:95:81:e7:13:df:0f:d1:8a:4c:9e:c3:08:d3:29:b4:17:
         eb:14:1a:70:67:ca:84:47:7c:2e:c1:37:4f:dd:1b:e2:fe:99:
         c7:ef:62:98:3e:0c:3d:0e:39:59:c0:1a:0a:83:a5:18:dd:f0:
         84:68:a8:3d:fc:88:7c:63:4d:36:7d:9f:fa:eb:06:7d:f2:93:
         0a:73:bb:c6:a6:f6:24:c9:90:d2:bf:c5:84:81:8d:eb:60:42:
         ad:d5:57:b2:b9:44:33:8c:ce:e4:86:19:ab:33:46:d0:82:77:
         77:20:40:ba:b7:65:62:bd:63:21:07:38:fe:d4:cc:09:aa:a9:
         0c:84:d9:a6:e3:7e:b7:ae:98:b9:88:96:4d:04:2c:2c:fb:56:
         01:be:7c:ef:7e:26:15:28:2e:23:23:3e:f8:09:1f:c7:64:78:
         2a:11:55:20:dc:4c:2b:f1:a7:97:8b:6c:13:b4:62:3f:29:06:
         e6:16:0d:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8IxGssHkLY+23jsT6qOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDUxZDhiZjhmY2I3ZWEyYTk5MDNjNmY2YzVkMDVjMTgxMzYyNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBNgx8u2QrL4gBAPaj+U3/ieHooD
TEJQ+/FtXn3mPNC4BvY/80SoY/ZXcXtrmpFaqdWgJjW92IwEPMtQwvrW1I91nVGW
TJhVNlQn16e7trzKS+9azd1j0TILvXiyt1x00FypHpqASLENMrcB+Z+81fsT1GEA
Dpz2IiLgZZbRHJqlo8NOYLe0uLgJ3eMp60Nu87qEgXnrMDQeCY5IdXI7rXehtwPt
zqV4/KiG91FZEcp3UTZWXjwEk6h9e1vB7APe+Jd1lTCp56tvhN5RaxYkxmOzCdXf
QRkIVY5+bRP41AJ+ZVPR2qtlck6HkkPGlgc++xAx1+exxlLDRRWgFd3PxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBBR2L+Py36iqZA8b2xdBcGBNiY8MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRUZIWXY0X0xmcUtwa0R4dmJGMEZ3WUUySmp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDk
MA0GCSqGSIb3DQEBCwUAA4IBAQASf+j3TyfchRfm3tRnCuBn0VcDMHTmAtNDpw0P
xuNVTjvldLBYJr/S0N2L0xFcSi+Nq6vKLTF/VFJ6LbbNgf/euUIBeg43ygmviZWB
5xPfD9GKTJ7DCNMptBfrFBpwZ8qER3wuwTdP3Rvi/pnH72KYPgw9DjlZwBoKg6UY
3fCEaKg9/Ih8Y002fZ/66wZ98pMKc7vGpvYkyZDSv8WEgY3rYEKt1VeyuUQzjM7k
hhmrM0bQgnd3IEC6t2VivWMhBzj+1MwJqqkMhNmm4363rpi5iJZNBCws+1YBvnzv
fiYVKC4jIz74CR/HZHgqEVUg3Ewr8aeXi2wTtGI/KQbmFg3a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org