Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F4LfYr8L0MZcxEYroMCIJqdBBoI.roa
File:                     F4LfYr8L0MZcxEYroMCIJqdBBoI.roa (raw, json)
Hash identifier:          lUGSA6CJU//4NuB5XQhWv5ep8ABf3fv41bclItnXtEA=
Subject key identifier:   17:82:DF:62:BF:0B:D0:C6:5C:C4:46:2B:A0:C0:88:26:A7:41:06:82
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F95BD7CCFD88760D67202B4BEF20716
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F4LfYr8L0MZcxEYroMCIJqdBBoI.roa
Signing time:             Tue 06 Feb 2024 18:02:16 +0000
ROA not before:           Tue 06 Feb 2024 18:02:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209249
IP address blocks:        2a0f:b241:42::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:95:bd:7c:cf:d8:87:60:d6:72:02:b4:be:f2:07:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:02:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1782df62bf0bd0c65cc4462ba0c08826a7410682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:11:ed:40:3a:8b:0f:e3:23:11:48:cd:bc:0f:
                    94:8c:0c:c9:0a:90:aa:d2:7c:bf:ef:cf:8d:93:1a:
                    16:61:d2:a8:1a:4e:e8:5b:5b:dc:7a:9e:c2:6c:d7:
                    3e:80:31:41:79:67:5d:25:d2:e8:d2:52:78:6c:b6:
                    b3:00:6f:b6:ff:df:a9:52:6e:08:fa:eb:07:c4:c5:
                    d0:39:f5:de:a9:a9:f6:8d:84:f1:a5:09:e9:54:ab:
                    64:0a:8e:d2:5f:f9:b6:5c:38:1c:d6:c0:a5:c0:4d:
                    0b:35:0a:30:f7:ed:5e:90:5c:92:9e:78:4a:a2:bb:
                    0b:d1:ac:ba:42:3f:04:23:71:91:3b:29:28:6a:34:
                    08:6e:7c:ab:4e:9a:5e:6e:00:f3:96:23:c3:de:ca:
                    78:00:ee:23:c1:46:a9:3e:2d:ca:4f:86:3c:2b:61:
                    6b:ee:8f:58:c5:43:47:81:2d:34:ce:88:34:9a:29:
                    5a:d4:c5:03:16:a6:1b:83:d8:c8:3a:b5:11:25:28:
                    16:a5:09:c5:fc:50:eb:8f:c4:c1:fb:9a:64:e1:04:
                    8c:9b:aa:0f:13:3d:e3:8f:74:9d:2b:68:a4:72:8b:
                    35:be:b6:79:ec:6c:57:64:5f:9d:e1:e6:63:dd:a5:
                    f0:b6:0c:8f:a5:7f:14:6a:2d:17:4c:28:bb:2c:f3:
                    e5:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:82:DF:62:BF:0B:D0:C6:5C:C4:46:2B:A0:C0:88:26:A7:41:06:82
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/F4LfYr8L0MZcxEYroMCIJqdBBoI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:42::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:c0:d6:2b:b7:a2:2d:c0:7d:0b:46:ba:6c:60:3b:57:b7:53:
         b5:c7:4c:3c:58:3b:f3:78:5c:59:56:fd:7a:b5:3a:ac:c5:80:
         bd:f2:91:7e:f1:8c:5d:07:9f:a3:df:fa:da:cb:15:42:d7:e6:
         c8:ed:d9:39:6f:df:85:d1:6a:22:57:ef:5e:98:39:a0:cf:8c:
         d2:dd:74:d3:35:24:bb:4b:19:c0:03:63:8b:46:71:90:c6:76:
         59:fb:aa:e3:40:b5:08:16:73:b3:4d:c7:7b:f2:24:9e:a3:fb:
         f8:83:f3:86:8e:d2:39:b3:0f:d7:f7:92:ab:4f:f1:1c:6f:51:
         f8:b9:a0:6c:d4:14:d4:70:40:71:cb:27:0c:6a:1e:25:a4:1d:
         b2:47:5f:60:10:28:6e:4c:d6:db:77:f9:a6:5b:52:62:92:67:
         25:92:6e:6f:81:6b:f5:3c:03:03:e9:5a:8e:a0:4f:34:7b:bd:
         1f:d0:d2:87:91:81:85:75:c9:6e:25:27:7c:e5:c3:5f:2d:d8:
         f6:d0:0c:28:39:77:1b:47:58:c8:8c:8b:1c:64:36:b3:52:d8:
         20:11:37:e7:ec:85:17:98:92:da:a6:24:6d:e9:41:66:17:df:
         19:ac:4e:ab:70:05:9e:56:e1:8a:69:70:0a:24:17:e1:83:10:
         72:f1:c4:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lb18z9iHYNZyArS+8gcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzgyZGY2MmJmMGJkMGM2NWNjNDQ2MmJhMGMwODgyNmE3NDEwNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBHtQDqLD+MjEUjNvA+UjAzJCpCq
0ny/78+NkxoWYdKoGk7oW1vcep7CbNc+gDFBeWddJdLo0lJ4bLazAG+2/9+pUm4I
+usHxMXQOfXeqan2jYTxpQnpVKtkCo7SX/m2XDgc1sClwE0LNQow9+1ekFySnnhK
orsL0ay6Qj8EI3GROykoajQIbnyrTppebgDzliPD3sp4AO4jwUapPi3KT4Y8K2Fr
7o9YxUNHgS00zog0mila1MUDFqYbg9jIOrURJSgWpQnF/FDrj8TB+5pk4QSMm6oP
Ez3jj3SdK2ikcos1vrZ57GxXZF+d4eZj3aXwtgyPpX8Uai0XTCi7LPPlRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBeC32K/C9DGXMRGK6DAiCanQQaCMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRjRMZllyOEwwTVpjeEVZcm9NQ0lKcWRCQm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBC
MA0GCSqGSIb3DQEBCwUAA4IBAQBjwNYrt6ItwH0LRrpsYDtXt1O1x0w8WDvzeFxZ
Vv16tTqsxYC98pF+8YxdB5+j3/rayxVC1+bI7dk5b9+F0WoiV+9emDmgz4zS3XTT
NSS7SxnAA2OLRnGQxnZZ+6rjQLUIFnOzTcd78iSeo/v4g/OGjtI5sw/X95KrT/Ec
b1H4uaBs1BTUcEBxyycMah4lpB2yR19gEChuTNbbd/mmW1Jikmclkm5vgWv1PAMD
6VqOoE80e70f0NKHkYGFdcluJSd85cNfLdj20AwoOXcbR1jIjIscZDazUtggETfn
7IUXmJLapiRt6UFmF98ZrE6rcAWeVuGKaXAKJBfhgxBy8cQR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org