Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P1eP56N2PFA_oN8clIBFS31a_VI.roa
File:                     P1eP56N2PFA_oN8clIBFS31a_VI.roa (raw, json)
Hash identifier:          nEeNZyvwM4lNlFbrMhy2rW1mfqUH03YQn3LdgqzVVNM=
Subject key identifier:   3F:57:8F:E7:A3:76:3C:50:3F:A0:DF:1C:94:80:45:4B:7D:5A:FD:52
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FABB992507FFD9EE192853F198F32BC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P1eP56N2PFA_oN8clIBFS31a_VI.roa
Signing time:             Tue 06 Feb 2024 18:26:17 +0000
ROA not before:           Tue 06 Feb 2024 18:26:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205663
IP address blocks:        2a0f:b241:ed::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ab:b9:92:50:7f:fd:9e:e1:92:85:3f:19:8f:32:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:26:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3f578fe7a3763c503fa0df1c9480454b7d5afd52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b9:61:45:d9:8b:a2:9c:d4:6e:67:b6:b1:14:
                    dd:1f:85:46:d7:25:5c:da:21:25:80:96:61:4b:ac:
                    a7:de:93:b2:8e:6e:68:30:97:45:8b:dc:78:ae:3f:
                    b9:36:95:8f:fb:ed:79:3b:39:57:60:5e:69:dc:44:
                    c3:63:10:05:ae:14:c0:63:3e:07:9c:ea:80:14:88:
                    8e:88:f9:09:2d:d2:04:75:63:dc:0c:99:cb:06:91:
                    15:43:db:92:f8:75:10:bf:8c:b0:af:4f:31:55:9e:
                    b7:5f:1f:8b:34:37:e4:d2:9a:00:9f:e5:53:a9:fe:
                    a1:d2:96:6e:32:8c:b9:48:15:43:e5:c0:2b:48:7b:
                    55:d6:8f:1b:54:c0:55:ee:75:82:b9:45:a4:64:43:
                    e9:6a:42:75:66:ff:30:11:eb:19:86:83:43:c1:60:
                    77:cf:8c:eb:0f:92:a6:30:4a:9c:f2:53:ae:2b:93:
                    17:67:cb:cc:70:5c:67:5d:9e:2d:e0:e7:8e:7e:ba:
                    f9:68:64:f5:60:8f:0c:5b:f9:bb:f4:7d:07:62:80:
                    ac:0a:6b:ad:72:0a:6d:59:bc:7b:33:d4:69:07:21:
                    07:04:1b:79:10:94:8e:e4:3a:77:ea:51:aa:ef:7c:
                    34:d9:07:d7:0a:8e:13:e7:87:88:b5:82:09:91:2d:
                    c1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:57:8F:E7:A3:76:3C:50:3F:A0:DF:1C:94:80:45:4B:7D:5A:FD:52
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/P1eP56N2PFA_oN8clIBFS31a_VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:ed::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:39:9e:b3:c7:9c:fe:b2:03:0b:3f:72:10:aa:f5:ad:ca:1a:
         48:31:cf:ad:ec:9f:22:39:20:5b:d1:52:9b:2e:24:38:1e:17:
         95:36:82:46:48:eb:2c:b5:4a:4f:fd:7d:d7:85:ed:b5:f2:1b:
         e0:75:83:af:d0:e4:c5:87:85:9b:c0:9a:61:94:8b:ad:1a:dc:
         ec:f9:22:5b:79:53:34:5e:21:ea:c6:73:52:3a:e8:c3:8f:2c:
         83:90:8a:54:1a:d6:79:43:9f:c1:64:58:81:2a:0b:64:4d:95:
         8c:a4:f5:a7:6a:b1:2e:bf:82:9c:25:4a:a4:b6:2c:43:90:41:
         05:60:94:f8:76:80:9f:c2:bf:44:b5:fb:f0:b3:c6:8f:d1:ba:
         92:cd:ee:9b:01:44:f5:79:31:67:51:0c:41:df:39:7a:db:34:
         4f:92:0c:84:8a:b0:bb:65:1a:f7:e2:fe:dd:05:90:34:11:15:
         0b:b9:5e:9c:2b:a9:12:bd:ea:ca:03:aa:59:d5:22:10:0c:61:
         b0:da:67:f1:6c:3c:e2:af:e6:b4:4f:94:78:c3:a5:a8:3b:13:
         69:71:c7:d2:3a:96:c4:83:1f:b6:79:6f:43:ea:b8:03:dd:00:
         a4:60:a7:fa:95:a3:56:df:42:86:d1:3e:4d:3d:df:58:b3:1f:
         59:7c:89:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/q7mSUH/9nuGShT8ZjzK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjU3OGZlN2EzNzYzYzUwM2ZhMGRmMWM5NDgwNDU0YjdkNWFmZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArblhRdmLopzUbme2sRTdH4VG1yVc
2iElgJZhS6yn3pOyjm5oMJdFi9x4rj+5NpWP++15OzlXYF5p3ETDYxAFrhTAYz4H
nOqAFIiOiPkJLdIEdWPcDJnLBpEVQ9uS+HUQv4ywr08xVZ63Xx+LNDfk0poAn+VT
qf6h0pZuMoy5SBVD5cArSHtV1o8bVMBV7nWCuUWkZEPpakJ1Zv8wEesZhoNDwWB3
z4zrD5KmMEqc8lOuK5MXZ8vMcFxnXZ4t4OeOfrr5aGT1YI8MW/m79H0HYoCsCmut
cgptWbx7M9RpByEHBBt5EJSO5Dp36lGq73w02QfXCo4T54eItYIJkS3B9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD9Xj+ejdjxQP6DfHJSARUt9Wv1SMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUDFlUDU2TjJQRkFfb044Y2xJQkZTMzFhX1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDt
MA0GCSqGSIb3DQEBCwUAA4IBAQCDOZ6zx5z+sgMLP3IQqvWtyhpIMc+t7J8iOSBb
0VKbLiQ4HheVNoJGSOsstUpP/X3Xhe218hvgdYOv0OTFh4WbwJphlIutGtzs+SJb
eVM0XiHqxnNSOujDjyyDkIpUGtZ5Q5/BZFiBKgtkTZWMpPWnarEuv4KcJUqktixD
kEEFYJT4doCfwr9Etfvws8aP0bqSze6bAUT1eTFnUQxB3zl62zRPkgyEirC7ZRr3
4v7dBZA0ERULuV6cK6kSverKA6pZ1SIQDGGw2mfxbDzir+a0T5R4w6WoOxNpccfS
OpbEgx+2eW9D6rgD3QCkYKf6laNW30KG0T5NPd9Ysx9ZfIlY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org