Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa
File:                     T-CaV2oiNqByIptBSp_E7NYh4VY.roa (raw, json)
Hash identifier:          Obn9mh18FV2sBsvPeZcUEpwGnVZ6Ow+b3xCLe1q0eZw=
Subject key identifier:   4F:E0:9A:57:6A:22:36:A0:72:22:9B:41:4A:9F:C4:EC:D6:21:E1:56
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAE7A9D892FA33937ACCF228EF79F4B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa
Signing time:             Tue 06 Feb 2024 18:29:17 +0000
ROA not before:           Tue 06 Feb 2024 18:29:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51312
IP address blocks:        2a0f:b241:11a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ae:7a:9d:89:2f:a3:39:37:ac:cf:22:8e:f7:9f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:29:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4fe09a576a2236a072229b414a9fc4ecd621e156
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ae:af:a9:44:f4:a5:f7:47:98:25:13:c1:89:
                    e5:dc:df:1a:e1:d5:5c:43:ed:86:c7:ee:65:2b:52:
                    23:2d:99:5c:b1:9a:fc:cf:ca:53:e3:c9:48:c2:ff:
                    36:6e:87:00:e4:a7:bb:3c:83:f8:8f:4b:0d:65:62:
                    29:83:e3:06:ee:00:23:df:4a:20:03:11:4b:b9:4a:
                    e2:33:c7:95:c4:ad:1b:a9:87:95:43:8d:f1:03:9e:
                    33:fc:f9:2d:f7:e1:24:64:da:b1:bf:2c:88:c2:82:
                    0c:17:96:fc:c4:f6:53:59:66:19:fc:6d:e7:58:13:
                    24:10:34:13:e2:cf:4e:27:c2:85:a4:e7:f0:6b:35:
                    ff:41:5f:5d:23:9a:37:69:22:16:49:fe:f5:20:11:
                    32:51:74:af:22:e0:74:5c:63:21:46:84:1b:6f:3a:
                    50:61:d2:88:bd:84:dd:a9:81:75:ae:b6:b6:a2:23:
                    36:a0:77:5f:15:69:80:7e:4d:52:03:9b:2a:9d:97:
                    4c:2f:aa:74:37:94:e8:55:7d:66:29:8b:60:a2:e3:
                    4f:db:07:f6:72:bb:a5:db:c4:c5:13:25:1b:18:50:
                    56:e4:10:96:30:16:52:86:48:d5:84:e4:58:8b:a8:
                    b4:15:e4:d1:2b:5f:1e:12:f7:00:dd:40:06:ec:0b:
                    9a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E0:9A:57:6A:22:36:A0:72:22:9B:41:4A:9F:C4:EC:D6:21:E1:56
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:11a::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:d0:62:90:30:c4:38:38:ca:4d:a5:24:d6:66:18:08:b7:ed:
         3c:87:01:33:fa:f2:48:34:02:06:41:8e:5c:37:6d:1f:99:b1:
         84:67:a2:39:8e:7a:46:3f:d9:6f:a8:a7:e9:5a:35:96:d3:42:
         6e:46:c1:72:d6:51:04:0a:f6:83:f4:85:29:da:bc:0e:26:48:
         e0:9e:a4:f7:ea:62:7a:ba:58:fe:ba:00:ba:7a:a6:a1:9a:96:
         20:7f:28:07:90:58:03:cd:03:98:90:52:8a:b7:38:0a:6b:46:
         63:a7:a2:c7:c4:f9:4c:53:91:27:a0:a9:d7:fb:19:a2:33:57:
         39:49:96:fb:5b:69:d8:6a:cf:82:6f:de:ed:2a:76:b4:5b:9e:
         75:f0:e9:e4:18:b9:9c:be:6f:40:04:de:0b:c1:ab:dc:fc:f8:
         43:81:d7:ea:8f:24:de:a4:f3:2a:46:23:72:01:84:98:d9:37:
         b0:5e:87:70:eb:61:38:c9:a1:65:c9:fc:ca:1d:ab:43:c4:ca:
         c1:7d:1f:8d:bd:dd:f8:ef:7c:3a:83:85:6c:1c:fb:d4:58:28:
         67:60:ed:06:33:8a:85:85:f1:6b:98:19:4b:51:02:4c:13:43:
         59:14:1d:cb:86:95:93:ae:c7:8d:11:d2:b7:c6:24:14:46:99:
         24:60:11:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnqdiS+jOTeszyKO959LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUwOWE1NzZhMjIzNmEwNzIyMjliNDE0YTlmYzRlY2Q2MjFlMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo66vqUT0pfdHmCUTwYnl3N8a4dVc
Q+2Gx+5lK1IjLZlcsZr8z8pT48lIwv82bocA5Ke7PIP4j0sNZWIpg+MG7gAj30og
AxFLuUriM8eVxK0bqYeVQ43xA54z/Pkt9+EkZNqxvyyIwoIMF5b8xPZTWWYZ/G3n
WBMkEDQT4s9OJ8KFpOfwazX/QV9dI5o3aSIWSf71IBEyUXSvIuB0XGMhRoQbbzpQ
YdKIvYTdqYF1rra2oiM2oHdfFWmAfk1SA5sqnZdML6p0N5ToVX1mKYtgouNP2wf2
crul28TFEyUbGFBW5BCWMBZShkjVhORYi6i0FeTRK18eEvcA3UAG7Aua4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE/gmldqIjagciKbQUqfxOzWIeFWMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVC1DYVYyb2lOcUJ5SXB0QlNwX0U3TlloNFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEa
MA0GCSqGSIb3DQEBCwUAA4IBAQCM0GKQMMQ4OMpNpSTWZhgIt+08hwEz+vJINAIG
QY5cN20fmbGEZ6I5jnpGP9lvqKfpWjWW00JuRsFy1lEECvaD9IUp2rwOJkjgnqT3
6mJ6ulj+ugC6eqahmpYgfygHkFgDzQOYkFKKtzgKa0Zjp6LHxPlMU5EnoKnX+xmi
M1c5SZb7W2nYas+Cb97tKna0W5518OnkGLmcvm9ABN4Lwavc/PhDgdfqjyTepPMq
RiNyAYSY2TewXodw62E4yaFlyfzKHatDxMrBfR+Nvd3473w6g4VsHPvUWChnYO0G
M4qFhfFrmBlLUQJME0NZFB3LhpWTrseNEdK3xiQURpkkYBG/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org