Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LcVZYPcwMZTupNVQuWE_ic--elA.roa
File:                     LcVZYPcwMZTupNVQuWE_ic--elA.roa (raw, json)
Hash identifier:          NE2nX1Ep+a9us3ojpCRcSh7vlpw8wK+CACmoXHlFXDI=
Subject key identifier:   2D:C5:59:60:F7:30:31:94:EE:A4:D5:50:B9:61:3F:89:CF:BE:7A:50
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA72A4CDF95B9CD64E7FBDD79EE4283
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LcVZYPcwMZTupNVQuWE_ic--elA.roa
Signing time:             Tue 06 Feb 2024 18:21:18 +0000
ROA not before:           Tue 06 Feb 2024 18:21:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199514
IP address blocks:        2a0f:b241:84::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a7:2a:4c:df:95:b9:cd:64:e7:fb:dd:79:ee:42:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:21:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2dc55960f7303194eea4d550b9613f89cfbe7a50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fa:a8:0e:b5:66:9a:35:02:4b:0b:71:aa:53:
                    de:99:75:2e:07:a5:95:83:3d:b6:4e:d7:49:e2:a9:
                    a0:0a:ed:61:70:e7:89:ee:27:51:0b:d6:bd:8d:16:
                    2c:e2:97:c6:a4:ae:07:52:55:36:01:74:6b:e6:92:
                    6e:ec:fa:ad:13:3f:cf:af:58:14:3a:27:85:c4:91:
                    62:c6:e9:21:96:51:f3:9c:47:b0:16:de:bf:aa:49:
                    0d:18:b7:b2:a2:69:06:20:ba:aa:48:d4:80:c1:9b:
                    2c:1b:9e:e4:f3:7e:68:56:e7:62:17:c0:53:a3:06:
                    ee:46:20:eb:99:4a:2c:3d:ff:85:1a:1d:c6:28:7f:
                    12:29:b9:2c:dd:f9:0f:6e:b3:97:05:c5:20:f7:c1:
                    6a:a6:0f:cd:8a:e7:de:cb:cc:68:46:38:70:82:6c:
                    e7:74:ef:56:17:c3:0e:a4:08:c5:5e:ba:2a:a1:b4:
                    bb:9f:19:02:60:90:1f:62:5e:d2:31:91:f2:bd:4e:
                    80:d1:29:80:78:f9:c0:67:cf:60:0d:7c:6d:99:e4:
                    c6:a6:1e:29:8a:d8:55:53:bb:d5:15:d3:1a:ba:fa:
                    95:14:ed:e4:4b:32:7e:20:af:97:f4:ee:a6:01:22:
                    e3:f3:00:01:1b:5d:38:79:d7:3e:f8:f2:cf:d9:90:
                    ea:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:C5:59:60:F7:30:31:94:EE:A4:D5:50:B9:61:3F:89:CF:BE:7A:50
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/LcVZYPcwMZTupNVQuWE_ic--elA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:84::/48

    Signature Algorithm: sha256WithRSAEncryption
         81:9e:4b:97:2e:70:2c:0b:b6:66:7b:4c:74:22:f8:c8:28:c9:
         78:98:bd:e1:90:03:bf:13:ab:9d:cb:24:e7:4d:ce:5b:67:02:
         48:8a:08:c4:92:ed:9b:ec:9f:de:64:da:89:a3:5a:72:b2:56:
         86:29:a8:1e:2f:fd:25:c0:3d:36:7d:5f:bb:e1:7c:b1:aa:bf:
         c6:35:f7:04:5f:0e:1b:4e:57:87:9f:1e:4f:45:4a:2d:e1:b1:
         70:7f:34:5f:0c:f3:27:71:3e:ba:d9:a4:6b:5e:83:0c:6f:5c:
         12:d1:29:20:72:4c:60:c4:3a:cd:e0:26:b1:dc:b4:5b:30:fd:
         9b:df:f8:16:7d:c8:1b:1b:f7:a7:ac:2c:06:22:7e:a1:3c:e2:
         c8:eb:45:b8:e3:1c:23:49:c3:de:dc:86:1f:54:6a:cb:96:15:
         70:27:3a:74:2a:c3:30:d4:d5:6c:28:87:12:4c:0a:88:c7:43:
         12:39:ea:c7:bc:12:c9:e2:ec:d0:3b:29:f7:d3:e0:b2:98:5e:
         a7:01:2d:66:66:ae:6e:a3:a3:9d:01:27:67:1d:0d:3e:6f:86:
         88:3c:a3:d1:91:8b:fb:af:17:d2:e0:a8:40:76:a5:11:86:04:
         9f:2a:5e:37:90:e1:27:65:1f:4f:32:a2:c3:df:e4:43:5f:02:
         d0:89:4a:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pypM35W5zWTn+9157kKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGM1NTk2MGY3MzAzMTk0ZWVhNGQ1NTBiOTYxM2Y4OWNmYmU3YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PqoDrVmmjUCSwtxqlPemXUuB6WV
gz22TtdJ4qmgCu1hcOeJ7idRC9a9jRYs4pfGpK4HUlU2AXRr5pJu7PqtEz/Pr1gU
OieFxJFixukhllHznEewFt6/qkkNGLeyomkGILqqSNSAwZssG57k835oVudiF8BT
owbuRiDrmUosPf+FGh3GKH8SKbks3fkPbrOXBcUg98Fqpg/Niufey8xoRjhwgmzn
dO9WF8MOpAjFXroqobS7nxkCYJAfYl7SMZHyvU6A0SmAePnAZ89gDXxtmeTGph4p
ithVU7vVFdMauvqVFO3kSzJ+IK+X9O6mASLj8wABG104edc++PLP2ZDqYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC3FWWD3MDGU7qTVULlhP4nPvnpQMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTGNWWllQY3dNWlR1cE5WUXVXRV9pYy0tZWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCE
MA0GCSqGSIb3DQEBCwUAA4IBAQCBnkuXLnAsC7Zme0x0IvjIKMl4mL3hkAO/E6ud
yyTnTc5bZwJIigjEku2b7J/eZNqJo1pyslaGKageL/0lwD02fV+74Xyxqr/GNfcE
Xw4bTleHnx5PRUot4bFwfzRfDPMncT662aRrXoMMb1wS0SkgckxgxDrN4Cax3LRb
MP2b3/gWfcgbG/enrCwGIn6hPOLI60W44xwjScPe3IYfVGrLlhVwJzp0KsMw1NVs
KIcSTAqIx0MSOerHvBLJ4uzQOyn30+CymF6nAS1mZq5uo6OdASdnHQ0+b4aIPKPR
kYv7rxfS4KhAdqURhgSfKl43kOEnZR9PMqLD3+RDXwLQiUo6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org