Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TBYFjf0rULYIw_JE-OWsvk3Z10Q.roa
File:                     TBYFjf0rULYIw_JE-OWsvk3Z10Q.roa (raw, json)
Hash identifier:          BH8SIS2xqPOkcScWE23WjIHqAm1n7aMyYxP8PcH0gbM=
Subject key identifier:   4C:16:05:8D:FD:2B:50:B6:08:C3:F2:44:F8:E5:AC:BE:4D:D9:D7:44
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB88C11C26021629486E4055F024A7F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TBYFjf0rULYIw_JE-OWsvk3Z10Q.roa
Signing time:             Tue 06 Feb 2024 18:40:17 +0000
ROA not before:           Tue 06 Feb 2024 18:40:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215660
IP address blocks:        2a0f:b241:150::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b8:8c:11:c2:60:21:62:94:86:e4:05:5f:02:4a:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:40:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4c16058dfd2b50b608c3f244f8e5acbe4dd9d744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:67:95:71:1a:2d:bb:f5:07:4b:ac:f5:b7:9d:
                    3f:3e:06:bf:bb:f9:21:f8:a9:32:64:95:5e:35:be:
                    86:c2:73:94:25:e2:cd:f9:f1:0b:f4:23:54:5f:d7:
                    fa:90:7e:ab:3a:19:3e:0d:8e:b0:39:61:74:77:de:
                    8d:ae:ed:8b:8c:e2:76:57:3c:ff:10:57:0b:7c:59:
                    57:bd:c8:78:d4:be:e8:7d:25:9d:73:3d:33:eb:00:
                    fc:3a:b9:33:ef:80:21:4b:d1:23:92:f4:78:fd:bb:
                    05:e0:16:77:a3:6f:43:53:e4:bc:f3:ac:d5:97:d1:
                    49:7d:83:92:f2:5d:7e:0a:f0:bc:d0:b7:e5:d0:2b:
                    23:aa:1c:6d:aa:de:6e:8d:12:7a:0c:48:d3:7c:9e:
                    83:99:93:1a:06:e2:b7:99:7f:6a:2d:26:ef:cf:fc:
                    c3:9c:84:33:be:71:bf:5a:20:b7:33:1d:e3:8b:d0:
                    fd:6f:4d:4f:f6:d1:9f:2b:71:ae:1d:b7:b6:c3:7c:
                    e4:5c:ac:29:d4:b8:cf:ef:e5:cf:77:06:d5:58:9f:
                    02:a6:57:3f:1b:05:fb:92:af:ec:dc:ce:fc:05:6c:
                    d6:5e:ad:5f:17:02:0c:bd:ae:0d:00:12:12:09:e2:
                    5a:27:19:96:97:d0:69:c0:62:8e:3e:10:94:62:20:
                    f7:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:16:05:8D:FD:2B:50:B6:08:C3:F2:44:F8:E5:AC:BE:4D:D9:D7:44
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TBYFjf0rULYIw_JE-OWsvk3Z10Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:150::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:62:5e:55:d2:6f:4c:b4:fd:71:26:d8:fa:37:8c:7f:14:a3:
         05:2d:0e:96:57:16:d0:19:01:2c:90:49:e3:53:7b:c1:05:cb:
         b8:fd:91:7f:f6:f3:2a:f6:71:70:13:28:ab:31:a3:f8:7a:07:
         06:0d:13:3e:dc:cb:e6:76:65:7a:df:e6:3f:f9:d7:1c:7a:3f:
         37:27:9c:08:ab:e9:af:ce:d5:d7:c8:a1:6d:e7:2f:9a:79:a2:
         d7:23:d1:15:b3:f4:d4:66:d0:5d:57:1c:32:d6:8c:65:98:28:
         a0:b4:f5:ce:3d:99:5f:8c:d0:16:72:5b:8d:c0:db:5d:14:8f:
         a4:d1:05:5b:0e:31:50:8e:dc:d9:47:c5:1f:2d:2d:0d:48:f4:
         98:5f:ac:38:b8:c5:a5:3e:da:96:b8:b8:8f:d8:ba:74:a8:53:
         74:7e:ee:35:6e:dd:23:14:ac:3e:31:5d:3c:68:af:80:cb:13:
         fd:bc:9e:44:2c:23:c2:97:4f:8e:90:20:3d:6c:1c:a1:c8:a3:
         ff:6e:90:95:14:f6:30:85:fd:ed:1a:9d:61:dd:55:46:a1:07:
         b5:80:37:8e:5c:65:71:21:a2:00:46:76:7a:61:75:c8:6a:ef:
         7b:19:e9:e2:40:24:bf:fc:41:65:d7:64:d5:45:93:00:e3:11:
         46:ae:2c:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uIwRwmAhYpSG5AVfAkp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE2MDU4ZGZkMmI1MGI2MDhjM2YyNDRmOGU1YWNiZTRkZDlkNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGeVcRotu/UHS6z1t50/Pga/u/kh
+KkyZJVeNb6GwnOUJeLN+fEL9CNUX9f6kH6rOhk+DY6wOWF0d96Nru2LjOJ2Vzz/
EFcLfFlXvch41L7ofSWdcz0z6wD8Orkz74AhS9EjkvR4/bsF4BZ3o29DU+S886zV
l9FJfYOS8l1+CvC80Lfl0Csjqhxtqt5ujRJ6DEjTfJ6DmZMaBuK3mX9qLSbvz/zD
nIQzvnG/WiC3Mx3ji9D9b01P9tGfK3GuHbe2w3zkXKwp1LjP7+XPdwbVWJ8Cplc/
GwX7kq/s3M78BWzWXq1fFwIMva4NABISCeJaJxmWl9BpwGKOPhCUYiD3HwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEwWBY39K1C2CMPyRPjlrL5N2ddEMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVEJZRmpmMHJVTFlJd19KRS1PV3N2azNaMTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB9Yl5V0m9MtP1xJtj6N4x/FKMFLQ6WVxbQGQEs
kEnjU3vBBcu4/ZF/9vMq9nFwEyirMaP4egcGDRM+3MvmdmV63+Y/+dccej83J5wI
q+mvztXXyKFt5y+aeaLXI9EVs/TUZtBdVxwy1oxlmCigtPXOPZlfjNAWcluNwNtd
FI+k0QVbDjFQjtzZR8UfLS0NSPSYX6w4uMWlPtqWuLiP2Lp0qFN0fu41bt0jFKw+
MV08aK+AyxP9vJ5ELCPCl0+OkCA9bByhyKP/bpCVFPYwhf3tGp1h3VVGoQe1gDeO
XGVxIaIARnZ6YXXIau97GeniQCS//EFl12TVRZMA4xFGrizj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org