Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNPfpTJ09ExzhraHjG36lBnOiFU.roa
File:                     TNPfpTJ09ExzhraHjG36lBnOiFU.roa (raw, json)
Hash identifier:          r3yTGSG+i1XksWMp/4xZG00PPaMysF/pvPsZafHcTUM=
Subject key identifier:   4C:D3:DF:A5:32:74:F4:4C:73:86:B6:87:8C:6D:FA:94:19:CE:88:55
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FACAC79EA5CC7910D891B0367689814
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNPfpTJ09ExzhraHjG36lBnOiFU.roa
Signing time:             Tue 06 Feb 2024 18:27:19 +0000
ROA not before:           Tue 06 Feb 2024 18:27:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215918
IP address blocks:        2a0f:b241:105::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ac:ac:79:ea:5c:c7:91:0d:89:1b:03:67:68:98:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:27:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4cd3dfa53274f44c7386b6878c6dfa9419ce8855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:13:2a:12:da:85:8b:ec:0f:03:5d:b4:06:0d:
                    ed:09:7a:1c:ed:a3:ed:05:b0:df:5f:c4:8b:eb:d6:
                    ee:f1:d5:bb:a7:26:8e:7a:e8:4e:ac:c3:46:99:7c:
                    60:37:f4:23:a5:c8:6a:22:0e:a2:43:ed:67:d2:52:
                    58:8d:64:2c:9f:b5:d4:43:31:37:71:e9:60:20:72:
                    a2:bd:e6:0b:fa:b7:50:0a:44:b2:dd:96:37:cb:75:
                    a6:48:f4:b0:d4:dd:f8:be:a1:03:06:77:04:d4:1c:
                    d7:0b:fc:90:c4:89:49:2c:3b:cb:62:a1:b7:a2:6e:
                    45:41:e8:43:a2:e9:29:c9:98:a6:11:8d:f3:03:ec:
                    d1:71:9d:f7:7c:98:13:b0:11:e1:a9:cd:81:6e:e3:
                    df:00:8f:1d:b5:15:43:9b:f0:25:4f:03:09:6e:4d:
                    df:25:4e:89:74:6d:fe:7c:a2:a4:a8:a1:6a:2a:71:
                    2e:33:7b:7a:41:c6:a1:97:b6:fc:ad:a9:c4:6b:cf:
                    9f:07:fa:cd:e4:76:11:5e:fe:89:3a:90:ec:0c:5a:
                    3f:a9:d2:cf:a3:0e:4d:8f:93:9c:11:52:3f:7d:6c:
                    62:98:73:a3:b3:ef:85:44:20:77:2c:4a:04:13:1c:
                    e8:02:f1:e1:6e:8e:35:3e:ad:a1:ff:95:62:90:46:
                    a5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D3:DF:A5:32:74:F4:4C:73:86:B6:87:8C:6D:FA:94:19:CE:88:55
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/TNPfpTJ09ExzhraHjG36lBnOiFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:105::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:64:fc:fc:63:ab:37:9e:95:01:e6:71:bf:4e:fc:9a:f7:86:
         75:81:4b:87:26:38:13:5a:b9:7f:aa:e2:ee:21:02:4b:41:75:
         6e:ec:26:db:27:e4:49:26:82:2a:d2:5d:99:5a:6c:61:30:6c:
         53:6b:23:62:8e:0f:b7:8b:2f:a2:8c:99:5b:36:40:38:c8:26:
         15:75:43:e0:72:d5:2a:f9:81:6c:ae:35:a7:7d:60:30:4e:b9:
         1c:26:79:53:26:fe:66:90:16:d3:6c:a4:eb:00:84:42:1d:72:
         38:e7:49:a3:50:bc:3e:ba:ba:a9:da:7e:45:bb:a9:d6:f9:ae:
         8f:41:6b:a6:74:7c:ac:22:62:52:20:31:3a:5c:62:73:ac:79:
         2e:74:f0:84:37:71:5e:1a:fe:7e:8d:0d:cb:02:93:05:03:84:
         0b:cb:ad:a9:61:38:fa:72:7e:4d:e1:b1:ae:42:9a:17:f3:a1:
         2e:94:3f:c0:c5:d4:8d:88:f1:ab:e4:54:a7:18:34:d3:f7:c5:
         f9:30:68:be:1a:5e:33:b5:52:6c:d4:25:f1:01:2b:26:fb:06:
         1f:6b:d5:51:07:0d:21:e5:01:69:44:51:c8:51:74:2b:25:99:
         e0:3e:58:54:f8:71:a4:e4:34:db:67:34:ec:f9:76:7e:23:3e:
         fe:99:c5:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rKx56lzHkQ2JGwNnaJgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QzZGZhNTMyNzRmNDRjNzM4NmI2ODc4YzZkZmE5NDE5Y2U4ODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRMqEtqFi+wPA120Bg3tCXoc7aPt
BbDfX8SL69bu8dW7pyaOeuhOrMNGmXxgN/QjpchqIg6iQ+1n0lJYjWQsn7XUQzE3
celgIHKiveYL+rdQCkSy3ZY3y3WmSPSw1N34vqEDBncE1BzXC/yQxIlJLDvLYqG3
om5FQehDoukpyZimEY3zA+zRcZ33fJgTsBHhqc2BbuPfAI8dtRVDm/AlTwMJbk3f
JU6JdG3+fKKkqKFqKnEuM3t6Qcahl7b8ranEa8+fB/rN5HYRXv6JOpDsDFo/qdLP
ow5Nj5OcEVI/fWximHOjs++FRCB3LEoEExzoAvHhbo41Pq2h/5VikEalbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEzT36UydPRMc4a2h4xt+pQZzohVMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVE5QZnBUSjA5RXh6aHJhSGpHMzZsQm5PaUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEF
MA0GCSqGSIb3DQEBCwUAA4IBAQBhZPz8Y6s3npUB5nG/Tvya94Z1gUuHJjgTWrl/
quLuIQJLQXVu7CbbJ+RJJoIq0l2ZWmxhMGxTayNijg+3iy+ijJlbNkA4yCYVdUPg
ctUq+YFsrjWnfWAwTrkcJnlTJv5mkBbTbKTrAIRCHXI450mjULw+urqp2n5Fu6nW
+a6PQWumdHysImJSIDE6XGJzrHkudPCEN3FeGv5+jQ3LApMFA4QLy62pYTj6cn5N
4bGuQpoX86EulD/AxdSNiPGr5FSnGDTT98X5MGi+Gl4ztVJs1CXxASsm+wYfa9VR
Bw0h5QFpRFHIUXQrJZngPlhU+HGk5DTbZzTs+XZ+Iz7+mcUD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org