Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UdMECDoOBveWI9SDNxeywj8Wfpg.roa
File:                     UdMECDoOBveWI9SDNxeywj8Wfpg.roa (raw, json)
Hash identifier:          6fuYMogr0rrwJskFlxsrhthRJxS98NyAee+gOET9IJI=
Subject key identifier:   51:D3:04:08:3A:0E:06:F7:96:23:D4:83:37:17:B2:C2:3F:16:7E:98
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB6B66AD46B0DCBC3B911603A294029
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UdMECDoOBveWI9SDNxeywj8Wfpg.roa
Signing time:             Tue 06 Feb 2024 18:38:17 +0000
ROA not before:           Tue 06 Feb 2024 18:38:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200605
IP address blocks:        2a0f:b241:132::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b6:b6:6a:d4:6b:0d:cb:c3:b9:11:60:3a:29:40:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:38:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=51d304083a0e06f79623d4833717b2c23f167e98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:21:6b:cc:16:40:87:b3:9c:ce:26:1f:6c:38:
                    e5:0c:b9:43:c2:2a:c4:cf:4b:ee:ce:e4:e1:fe:26:
                    07:57:89:43:5b:85:56:c2:72:ef:7e:08:c3:eb:13:
                    09:df:69:14:d6:a8:c1:f0:3b:f3:77:d5:bd:86:3c:
                    cc:96:4d:67:63:f8:6e:f7:70:7c:4a:59:5b:69:19:
                    cd:20:19:18:20:2b:b1:07:74:87:45:4f:59:12:bc:
                    25:3b:1a:16:87:bc:93:76:e6:a2:4c:17:83:97:96:
                    21:6e:59:65:f8:d2:55:97:ba:0b:61:87:ff:c9:f3:
                    2a:31:71:e7:dd:15:01:a4:39:a7:c0:a6:0c:82:c4:
                    d9:ff:c8:18:12:e1:a6:16:7c:d6:9e:e9:03:6c:1f:
                    5c:2e:5a:36:e9:28:96:2e:65:a7:14:1d:08:7d:53:
                    cf:6e:ee:79:73:4c:49:43:d1:89:f7:c8:6a:f4:ee:
                    b9:08:3d:ca:3f:82:5d:d0:f2:df:8a:3a:52:7d:7d:
                    6c:ca:d6:02:83:0e:90:34:9b:bb:4b:2f:3c:3f:57:
                    2a:dd:bd:67:ba:85:d7:b1:7d:9c:a3:ed:43:45:b4:
                    49:28:53:35:4f:54:16:b0:8a:c2:c8:ad:03:1a:52:
                    48:fb:05:a5:ba:27:70:52:04:ea:01:e3:74:f0:7d:
                    c7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D3:04:08:3A:0E:06:F7:96:23:D4:83:37:17:B2:C2:3F:16:7E:98
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UdMECDoOBveWI9SDNxeywj8Wfpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:132::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:d7:ae:32:16:46:98:d6:c1:a0:b3:22:7b:24:55:98:00:7d:
         f2:54:8b:69:e7:e8:bf:a4:e3:80:a2:04:92:7b:ee:17:ad:62:
         4e:01:ba:26:75:bc:78:34:90:61:c8:d6:06:ac:f5:9d:39:8d:
         32:62:81:2a:5d:b1:97:a2:d8:05:83:ff:91:05:cf:3f:d3:1d:
         da:57:d0:75:b9:e2:3d:34:a3:85:9f:c7:f9:b8:4b:d1:c1:eb:
         29:c0:29:8a:4c:8d:f7:b9:1a:6b:4f:a8:a2:65:81:6d:38:6d:
         3e:70:7b:0d:cc:42:a3:29:4a:16:86:cc:ca:38:0d:21:17:72:
         17:18:42:97:39:20:3b:e4:87:25:ab:32:ed:a1:a8:06:36:34:
         d3:46:01:4d:4c:0b:ef:02:20:a5:68:36:83:c2:63:b1:d5:e7:
         00:5d:d1:8d:9d:54:af:94:15:5e:c9:d9:f3:db:2f:c5:ca:fe:
         96:a5:9e:0d:e6:87:87:82:72:08:15:c8:e4:3e:25:27:62:21:
         de:6c:6b:d5:4d:6b:87:ff:be:c9:b3:a2:28:56:00:02:73:dc:
         fb:39:72:94:56:2d:d3:23:78:db:17:d8:01:cf:4e:c7:db:19:
         ad:c0:6f:88:c4:04:d3:4e:97:0f:b2:d5:24:63:a8:d4:85:f5:
         62:59:d5:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trZq1GsNy8O5EWA6KUApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQzMDQwODNhMGUwNmY3OTYyM2Q0ODMzNzE3YjJjMjNmMTY3ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyFrzBZAh7OcziYfbDjlDLlDwirE
z0vuzuTh/iYHV4lDW4VWwnLvfgjD6xMJ32kU1qjB8Dvzd9W9hjzMlk1nY/hu93B8
SllbaRnNIBkYICuxB3SHRU9ZErwlOxoWh7yTduaiTBeDl5Yhblll+NJVl7oLYYf/
yfMqMXHn3RUBpDmnwKYMgsTZ/8gYEuGmFnzWnukDbB9cLlo26SiWLmWnFB0IfVPP
bu55c0xJQ9GJ98hq9O65CD3KP4Jd0PLfijpSfX1sytYCgw6QNJu7Sy88P1cq3b1n
uoXXsX2co+1DRbRJKFM1T1QWsIrCyK0DGlJI+wWluidwUgTqAeN08H3HTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFHTBAg6Dgb3liPUgzcXssI/Fn6YMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVWRNRUNEb09CdmVXSTlTRE54ZXl3ajhXZnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEy
MA0GCSqGSIb3DQEBCwUAA4IBAQCK164yFkaY1sGgsyJ7JFWYAH3yVItp5+i/pOOA
ogSSe+4XrWJOAbomdbx4NJBhyNYGrPWdOY0yYoEqXbGXotgFg/+RBc8/0x3aV9B1
ueI9NKOFn8f5uEvRwespwCmKTI33uRprT6iiZYFtOG0+cHsNzEKjKUoWhszKOA0h
F3IXGEKXOSA75IclqzLtoagGNjTTRgFNTAvvAiClaDaDwmOx1ecAXdGNnVSvlBVe
ydnz2y/Fyv6WpZ4N5oeHgnIIFcjkPiUnYiHebGvVTWuH/77Js6IoVgACc9z7OXKU
Vi3TI3jbF9gBz07H2xmtwG+IxATTTpcPstUkY6jUhfViWdWb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org