Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/G1cd4vvI7NUVqgmWxdOAFjjVf0o.roa
File:                     G1cd4vvI7NUVqgmWxdOAFjjVf0o.roa (raw, json)
Hash identifier:          sXqhYCrvdiISOgimqA0fiY8R1E777vE6oGidShx/Hos=
Subject key identifier:   1B:57:1D:E2:FB:C8:EC:D5:15:AA:09:96:C5:D3:80:16:38:D5:7F:4A
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0939B9A1878CC910D1F3DC268715E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/G1cd4vvI7NUVqgmWxdOAFjjVf0o.roa
Signing time:             Wed 07 Feb 2024 05:00:43 +0000
ROA not before:           Wed 07 Feb 2024 05:00:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205987
IP address blocks:        2a0f:b241:ee::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:93:9b:9a:18:78:cc:91:0d:1f:3d:c2:68:71:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1b571de2fbc8ecd515aa0996c5d3801638d57f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d2:02:ab:4b:f5:9c:04:d8:e3:ed:86:b5:b0:
                    ba:6e:4c:fa:36:9b:21:02:3b:8a:0f:21:3c:75:ce:
                    58:33:9b:43:34:cb:16:d5:38:41:c8:29:82:f1:9b:
                    20:c0:20:7c:8d:23:c8:d8:a3:3e:ef:7e:d9:d2:e0:
                    5d:c9:00:f2:59:56:1e:46:ad:8b:d5:68:3d:86:ed:
                    7f:4a:04:96:6f:9c:99:a4:5a:51:6e:86:9d:a1:89:
                    0f:59:1e:73:93:ac:20:ea:32:82:20:fa:fa:ed:18:
                    b6:47:8a:96:f6:9a:c7:42:a9:ce:13:31:c4:2b:7a:
                    27:ff:e8:2b:b3:1e:83:ef:fd:93:98:ac:96:31:24:
                    2c:39:65:04:9d:ee:e9:28:a0:51:8d:71:57:e3:47:
                    e6:0a:d3:d7:d4:62:95:94:ff:a9:98:c4:b1:2d:95:
                    32:73:80:df:d8:a3:38:df:fa:01:e2:2b:62:62:2b:
                    e7:b4:5b:dd:23:d3:f0:0d:af:fb:78:e1:a7:07:72:
                    2a:fa:52:16:5e:dc:bf:fe:65:00:34:28:ea:9f:4a:
                    a5:b2:60:1e:a9:1a:58:76:80:b6:a0:bf:36:a7:e9:
                    3c:d9:a3:7c:b8:e8:de:6e:9f:eb:2d:5c:10:d5:7e:
                    0b:8e:ec:26:74:8a:34:7a:43:9a:77:7a:fe:2b:19:
                    d9:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:57:1D:E2:FB:C8:EC:D5:15:AA:09:96:C5:D3:80:16:38:D5:7F:4A
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/G1cd4vvI7NUVqgmWxdOAFjjVf0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:ee::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:95:95:0c:d8:fc:01:05:bc:01:d7:48:33:e4:bd:51:ae:99:
         12:f1:d3:51:4b:02:1c:55:fb:41:b8:0d:5a:bb:b0:62:2e:e2:
         eb:96:b0:86:4e:e4:35:6a:7a:ee:84:e6:8b:4e:a5:af:72:5c:
         c0:56:e9:e2:21:dd:2d:eb:c4:d4:c7:67:13:4f:aa:a0:9b:ba:
         97:83:55:eb:73:7f:f0:59:21:0c:8a:61:4f:e5:ea:06:44:85:
         20:08:70:7b:3a:ce:25:bd:92:c7:a5:7f:02:4b:c7:e4:94:51:
         62:05:6b:6f:c5:ba:f5:f6:86:bc:2b:4a:98:58:cc:5f:42:26:
         40:86:e8:a0:68:38:f3:fb:0c:cc:fc:14:01:11:d9:16:bf:25:
         dd:78:67:d4:4a:40:05:a4:aa:bf:f3:18:c2:cb:8e:f9:03:58:
         d5:c5:d3:68:5e:3e:0a:f1:57:98:10:f3:71:a9:4a:ed:5e:08:
         72:dc:06:c8:60:04:85:e2:73:3b:c3:2c:0f:4e:6d:cd:1d:8d:
         53:34:41:85:60:ea:09:e2:04:b6:d4:79:51:89:b7:80:ce:e5:
         42:f7:12:11:d0:52:ea:8f:66:75:23:3e:7d:a4:bb:c0:61:0d:
         a6:a8:38:53:ce:ec:d1:7b:1d:6c:2b:a2:46:2f:23:93:8d:2d:
         67:da:d2:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8JObmhh4zJENHz3CaHFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU3MWRlMmZiYzhlY2Q1MTVhYTA5OTZjNWQzODAxNjM4ZDU3ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9ICq0v1nATY4+2GtbC6bkz6Npsh
AjuKDyE8dc5YM5tDNMsW1ThByCmC8ZsgwCB8jSPI2KM+737Z0uBdyQDyWVYeRq2L
1Wg9hu1/SgSWb5yZpFpRboadoYkPWR5zk6wg6jKCIPr67Ri2R4qW9prHQqnOEzHE
K3on/+grsx6D7/2TmKyWMSQsOWUEne7pKKBRjXFX40fmCtPX1GKVlP+pmMSxLZUy
c4Df2KM43/oB4itiYivntFvdI9PwDa/7eOGnB3Iq+lIWXty//mUANCjqn0qlsmAe
qRpYdoC2oL82p+k82aN8uOjebp/rLVwQ1X4LjuwmdIo0ekOad3r+KxnZawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBtXHeL7yOzVFaoJlsXTgBY41X9KMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRzFjZDR2dkk3TlVWcWdtV3hkT0FGampWZjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDu
MA0GCSqGSIb3DQEBCwUAA4IBAQBVlZUM2PwBBbwB10gz5L1RrpkS8dNRSwIcVftB
uA1au7BiLuLrlrCGTuQ1anruhOaLTqWvclzAVuniId0t68TUx2cTT6qgm7qXg1Xr
c3/wWSEMimFP5eoGRIUgCHB7Os4lvZLHpX8CS8fklFFiBWtvxbr19oa8K0qYWMxf
QiZAhuigaDjz+wzM/BQBEdkWvyXdeGfUSkAFpKq/8xjCy475A1jVxdNoXj4K8VeY
EPNxqUrtXghy3AbIYASF4nM7wywPTm3NHY1TNEGFYOoJ4gS21HlRibeAzuVC9xIR
0FLqj2Z1Iz59pLvAYQ2mqDhTzuzRex1sK6JGLyOTjS1n2tIm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org