Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsOAJS1Ob9m5sWN0nvsazUuEFPw.roa
File:                     SsOAJS1Ob9m5sWN0nvsazUuEFPw.roa (raw, json)
Hash identifier:          nkg9wDxDnaBtikz11KZunwAz+Z3q4DHL26Uu2BTwGJ0=
Subject key identifier:   4A:C3:80:25:2D:4E:6F:D9:B9:B1:63:74:9E:FB:1A:CD:4B:84:14:FC
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAE7BE202C0891F9DF997BBE0DCA737
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsOAJS1Ob9m5sWN0nvsazUuEFPw.roa
Signing time:             Tue 06 Feb 2024 18:29:17 +0000
ROA not before:           Tue 06 Feb 2024 18:29:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57194
IP address blocks:        2a0f:b241:11e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ae:7b:e2:02:c0:89:1f:9d:f9:97:bb:e0:dc:a7:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:29:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4ac380252d4e6fd9b9b163749efb1acd4b8414fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5a:f4:e6:d3:15:33:f2:70:20:b9:1f:c8:9c:
                    a3:f4:c1:0d:fb:5c:ea:cd:0e:56:83:95:42:c8:b2:
                    c8:78:be:ac:17:58:ec:e3:96:0f:ec:75:7e:e9:84:
                    c4:a2:d6:26:44:e5:50:3b:c0:19:ad:d9:ea:81:da:
                    e6:29:71:3f:f0:d1:e8:34:4c:65:b2:1a:69:a7:2b:
                    3e:7c:e3:7d:09:dc:96:6d:46:35:ff:51:85:2d:33:
                    17:cd:65:dd:87:66:e3:94:32:cf:87:42:a5:7a:28:
                    24:87:34:5c:f4:bc:9e:e8:c9:e5:19:d4:ca:69:72:
                    43:e9:cd:28:d0:6a:aa:4c:22:7e:75:ff:48:f5:12:
                    b9:6c:de:19:1c:2b:e5:2a:06:8b:94:c7:18:99:0a:
                    80:99:8d:6b:0a:cd:df:d5:eb:19:21:2d:1f:2e:13:
                    fd:24:a9:04:62:f2:29:29:13:96:4c:be:8c:2b:67:
                    95:e5:dd:7d:0b:e6:d7:44:c7:62:9e:77:66:8e:9b:
                    b8:eb:0b:5d:8c:4f:bb:63:a3:7c:f9:a9:33:2f:16:
                    c7:a2:fb:41:cd:0c:01:ad:13:0b:03:a0:bf:58:c1:
                    ee:f4:df:42:21:c9:e4:7a:da:6a:c3:b0:35:b9:6b:
                    88:90:fb:d7:ca:9f:22:a8:03:60:aa:7e:b9:f1:e8:
                    33:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:C3:80:25:2D:4E:6F:D9:B9:B1:63:74:9E:FB:1A:CD:4B:84:14:FC
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsOAJS1Ob9m5sWN0nvsazUuEFPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:11e::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:ec:0a:22:0b:91:72:06:2e:10:d3:90:fa:2d:a1:3f:bd:28:
         85:c4:a8:76:54:ba:60:04:17:ec:6c:60:7b:b2:64:7e:9f:b8:
         41:69:c7:af:39:b5:6e:1e:23:c9:34:fc:9c:88:fc:60:26:40:
         c4:04:81:a9:76:79:1f:34:a3:c1:08:a9:8d:2c:20:60:fc:22:
         93:22:21:44:38:ae:a4:a0:44:d0:e2:69:38:34:99:5e:aa:a7:
         47:a7:8e:cb:87:5f:6a:61:29:80:c5:4e:3b:5c:51:c0:2b:a4:
         6c:90:9e:3f:36:0c:d2:0f:32:27:b8:6f:c6:f9:a4:16:2c:fd:
         29:52:cf:c8:14:d7:1d:b0:6b:dc:2c:ec:95:ab:8d:7d:18:03:
         93:e5:0d:5c:06:d0:ed:eb:3a:63:a2:48:96:b5:fd:aa:e6:29:
         9e:ce:1e:6f:ca:25:a0:56:c1:2e:c3:df:95:11:ab:b9:ed:60:
         72:a0:11:f6:28:87:52:6a:35:b1:ed:82:40:a9:4c:b8:4e:6c:
         1b:a3:58:7b:70:71:5c:64:29:47:7c:75:a9:28:73:a2:4a:46:
         a6:d8:5b:ca:55:b2:d6:f0:99:d2:39:3a:45:49:b6:76:8d:11:
         5d:6f:d3:a7:a9:6d:f7:3c:0a:01:05:b2:58:d6:a8:7d:a1:67:
         a2:b1:25:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnviAsCJH535l7vg3Kc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMzODAyNTJkNGU2ZmQ5YjliMTYzNzQ5ZWZiMWFjZDRiODQxNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplr05tMVM/JwILkfyJyj9MEN+1zq
zQ5Wg5VCyLLIeL6sF1js45YP7HV+6YTEotYmROVQO8AZrdnqgdrmKXE/8NHoNExl
shpppys+fON9CdyWbUY1/1GFLTMXzWXdh2bjlDLPh0KleigkhzRc9Lye6MnlGdTK
aXJD6c0o0GqqTCJ+df9I9RK5bN4ZHCvlKgaLlMcYmQqAmY1rCs3f1esZIS0fLhP9
JKkEYvIpKROWTL6MK2eV5d19C+bXRMdinndmjpu46wtdjE+7Y6N8+akzLxbHovtB
zQwBrRMLA6C/WMHu9N9CIcnketpqw7A1uWuIkPvXyp8iqANgqn658egzYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFErDgCUtTm/ZubFjdJ77Gs1LhBT8MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvU3NPQUpTMU9iOW01c1dOMG52c2F6VXVFRlB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEe
MA0GCSqGSIb3DQEBCwUAA4IBAQB67AoiC5FyBi4Q05D6LaE/vSiFxKh2VLpgBBfs
bGB7smR+n7hBacevObVuHiPJNPyciPxgJkDEBIGpdnkfNKPBCKmNLCBg/CKTIiFE
OK6koETQ4mk4NJleqqdHp47Lh19qYSmAxU47XFHAK6RskJ4/NgzSDzInuG/G+aQW
LP0pUs/IFNcdsGvcLOyVq419GAOT5Q1cBtDt6zpjokiWtf2q5imezh5vyiWgVsEu
w9+VEau57WByoBH2KIdSajWx7YJAqUy4Tmwbo1h7cHFcZClHfHWpKHOiSkam2FvK
VbLW8JnSOTpFSbZ2jRFdb9OnqW33PAoBBbJY1qh9oWeisSWa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org