Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXltxgx3nSjWF0dLIjdVU3X9UUw.roa
File:                     MXltxgx3nSjWF0dLIjdVU3X9UUw.roa (raw, json)
Hash identifier:          i1mULbJjtELtCWpIqAuVmGDedrO416eUNp05ecLPpSM=
Subject key identifier:   31:79:6D:C6:0C:77:9D:28:D6:17:47:4B:22:37:55:53:75:FD:51:4C
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0BEEA05FAD1CD4B4C017C7FD8573E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXltxgx3nSjWF0dLIjdVU3X9UUw.roa
Signing time:             Wed 07 Feb 2024 05:00:54 +0000
ROA not before:           Wed 07 Feb 2024 05:00:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216111
IP address blocks:        2a0f:b241:5d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:be:ea:05:fa:d1:cd:4b:4c:01:7c:7f:d8:57:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=31796dc60c779d28d617474b2237555375fd514c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b6:d0:c4:81:cc:4b:11:d4:d5:a1:b7:cf:c4:
                    7c:48:d0:be:5b:59:3a:02:c9:18:48:57:3a:e2:25:
                    0f:6f:23:1a:2a:2b:c5:06:d8:49:1e:5f:1e:02:bc:
                    d7:d8:ff:a8:f4:df:07:8f:1a:af:5c:d7:d0:ee:5e:
                    51:1c:44:b8:92:22:03:6f:cb:b4:32:79:0e:c8:2e:
                    d1:63:3c:59:92:ca:5e:6d:6d:1a:b6:38:dc:9b:52:
                    54:b2:d3:62:d7:2f:f7:68:db:99:01:05:99:b7:e3:
                    ca:8e:8e:e1:82:20:1c:e5:ae:09:f1:0d:16:b2:04:
                    df:d1:4f:66:b7:71:1c:ee:9d:99:c8:5f:7f:a9:d1:
                    8a:ba:8e:26:bf:39:fc:f8:7f:eb:e8:a2:35:bb:6e:
                    da:a5:d3:4b:5c:a0:86:f4:f2:f2:31:d8:ac:53:38:
                    eb:20:6f:f5:24:a0:f8:34:18:9f:12:92:00:a8:27:
                    04:0f:1a:cb:55:ff:24:76:6e:be:2a:5a:a7:98:cc:
                    02:1a:49:fa:93:18:5d:c8:69:8b:d5:94:66:6a:7b:
                    3d:d5:f6:9f:49:98:dc:10:d5:e4:72:52:c0:77:ac:
                    7c:05:14:6d:d3:c2:b7:e3:a7:9a:1b:72:f2:b7:83:
                    f0:c2:29:f1:d6:b0:bf:9f:a3:ba:6f:38:be:e4:cf:
                    a4:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:79:6D:C6:0C:77:9D:28:D6:17:47:4B:22:37:55:53:75:FD:51:4C
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MXltxgx3nSjWF0dLIjdVU3X9UUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:5d::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:26:84:63:22:2d:11:ad:92:1b:42:8b:a8:2f:f4:79:1b:64:
         3e:3a:f1:fd:2e:34:04:a7:18:2b:74:98:b8:67:63:50:d8:0c:
         d2:32:27:07:a8:06:66:9f:21:11:25:86:7a:0d:f4:e4:cd:fb:
         83:fa:5a:3e:a7:06:fd:ca:77:f0:ff:80:a4:df:6f:8b:c5:4e:
         fc:d2:06:6d:8e:00:4e:02:60:33:d0:50:fb:b3:3e:59:17:b9:
         c3:f3:bd:86:bc:da:28:ae:87:2b:43:5f:46:1d:ef:05:db:19:
         ee:0d:9f:d3:cc:88:ee:f3:96:3e:f3:fb:36:8a:6d:dd:ca:77:
         11:9a:55:0c:03:07:9e:0a:5a:d2:75:08:14:88:ce:48:b5:d9:
         5e:66:8c:b2:4b:6a:49:53:c8:76:59:1f:12:9d:96:ac:21:85:
         b7:e9:45:64:eb:c2:d5:8f:14:9a:b5:36:c0:b2:de:2c:d5:e8:
         93:51:36:84:6f:d6:49:0b:aa:81:e8:61:62:60:47:60:8d:ff:
         20:b5:8e:b9:20:be:fa:5c:bc:52:1d:04:25:ae:97:b2:30:ea:
         7f:85:13:ea:48:21:e5:c9:1e:fd:42:e3:0e:8a:78:0e:53:8b:
         77:58:e1:02:fc:b4:51:e0:13:97:e2:ac:6d:69:87:c0:12:24:
         40:dd:8d:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8L7qBfrRzUtMAXx/2Fc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc5NmRjNjBjNzc5ZDI4ZDYxNzQ3NGIyMjM3NTU1Mzc1ZmQ1MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLbQxIHMSxHU1aG3z8R8SNC+W1k6
AskYSFc64iUPbyMaKivFBthJHl8eArzX2P+o9N8HjxqvXNfQ7l5RHES4kiIDb8u0
MnkOyC7RYzxZkspebW0atjjcm1JUstNi1y/3aNuZAQWZt+PKjo7hgiAc5a4J8Q0W
sgTf0U9mt3Ec7p2ZyF9/qdGKuo4mvzn8+H/r6KI1u27apdNLXKCG9PLyMdisUzjr
IG/1JKD4NBifEpIAqCcEDxrLVf8kdm6+KlqnmMwCGkn6kxhdyGmL1ZRmans91faf
SZjcENXkclLAd6x8BRRt08K346eaG3Lyt4Pwwinx1rC/n6O6bzi+5M+krwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDF5bcYMd50o1hdHSyI3VVN1/VFMMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTVhsdHhneDNuU2pXRjBkTElqZFZVM1g5VVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBd
MA0GCSqGSIb3DQEBCwUAA4IBAQBfJoRjIi0RrZIbQouoL/R5G2Q+OvH9LjQEpxgr
dJi4Z2NQ2AzSMicHqAZmnyERJYZ6DfTkzfuD+lo+pwb9ynfw/4Ck32+LxU780gZt
jgBOAmAz0FD7sz5ZF7nD872GvNoorocrQ19GHe8F2xnuDZ/TzIju85Y+8/s2im3d
yncRmlUMAweeClrSdQgUiM5ItdleZoyyS2pJU8h2WR8SnZasIYW36UVk68LVjxSa
tTbAst4s1eiTUTaEb9ZJC6qB6GFiYEdgjf8gtY65IL76XLxSHQQlrpeyMOp/hRPq
SCHlyR79QuMOingOU4t3WOEC/LRR4BOX4qxtaYfAEiRA3Y29
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org