Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UnHpcAA5TOO4901VGnvjvPnvUio.roa
File:                     UnHpcAA5TOO4901VGnvjvPnvUio.roa (raw, json)
Hash identifier:          Fe9ZaKPifRfR3p+wirrUN8rToTxObH8PzMoacupuO9E=
Subject key identifier:   52:71:E9:70:00:39:4C:E3:B8:F7:4D:55:1A:7B:E3:BC:F9:EF:52:2A
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F93A3D44C7CF5D48BE6F337178B1546
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UnHpcAA5TOO4901VGnvjvPnvUio.roa
Signing time:             Tue 06 Feb 2024 17:59:58 +0000
ROA not before:           Tue 06 Feb 2024 17:59:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24670
IP address blocks:        2a0f:b241:2d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:93:a3:d4:4c:7c:f5:d4:8b:e6:f3:37:17:8b:15:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 17:59:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5271e97000394ce3b8f74d551a7be3bcf9ef522a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ed:ba:45:21:68:ba:9a:49:48:13:c5:60:08:
                    7c:be:ac:60:b4:01:ad:1a:82:00:88:eb:6e:6d:3c:
                    16:22:3e:0e:23:da:9d:2c:14:32:7b:d3:68:a5:5a:
                    7b:3a:e1:aa:68:df:93:1c:a1:37:72:df:55:c3:dd:
                    82:91:af:18:1b:8a:ab:70:5a:0e:fe:94:4c:b5:58:
                    89:26:bf:46:38:2d:77:08:66:94:ea:59:f0:dc:55:
                    a2:22:83:2c:c0:12:ea:37:52:6b:0e:66:3c:6b:b4:
                    7b:09:23:20:7c:0b:42:62:a2:ac:89:8c:c4:4a:c4:
                    16:03:d4:d0:a9:78:94:59:07:87:fc:4e:56:9e:5e:
                    23:6a:e9:a2:aa:4c:8b:1b:65:d6:65:38:d0:d3:eb:
                    89:32:d3:d8:87:94:b5:1c:f9:4b:ce:8b:08:7e:b3:
                    24:f6:b5:65:75:3c:62:ec:47:28:7e:05:f6:27:c8:
                    85:58:9b:09:d5:64:ae:69:16:e6:e9:63:5c:d2:38:
                    8f:8a:30:ae:16:a5:ae:db:60:8d:62:37:62:66:eb:
                    ba:c5:6e:26:07:45:e7:5c:83:5b:c0:9a:9e:6d:b9:
                    e4:23:66:25:ec:0f:eb:e1:59:5e:f9:ef:92:0f:8c:
                    81:f9:76:52:41:3f:11:15:9b:27:c4:2e:dc:3f:2b:
                    6a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:71:E9:70:00:39:4C:E3:B8:F7:4D:55:1A:7B:E3:BC:F9:EF:52:2A
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UnHpcAA5TOO4901VGnvjvPnvUio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:2d::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:a1:7b:aa:7b:79:d5:51:e7:e9:67:5c:f4:eb:9a:49:41:e7:
         60:1f:4b:40:be:34:ea:2f:65:d8:95:36:76:25:6d:0b:a0:46:
         3e:24:ad:df:29:10:70:22:5c:e0:e7:64:db:89:8b:f1:6f:f6:
         20:04:16:c6:4a:47:f8:26:2e:be:92:27:00:0a:98:2f:b1:23:
         fa:16:dd:bc:ef:67:28:32:84:5b:59:d9:67:17:23:9e:01:2b:
         fa:6d:4d:43:c6:7e:47:b8:9f:6e:96:4e:7b:60:f9:e0:7f:5a:
         e0:d5:fd:d7:cc:3d:9a:78:bf:64:c9:06:43:a5:bc:44:55:27:
         14:6e:13:b0:ff:5b:ba:4c:7b:07:ca:49:26:37:6c:29:f2:03:
         47:77:d0:bd:c3:43:7c:fd:ea:9b:fa:52:05:d3:46:67:21:8c:
         20:26:cf:51:54:5d:2c:4e:55:09:5f:c2:1b:a0:bc:86:ba:65:
         d1:e3:e7:51:b8:49:73:b9:59:cf:3a:be:43:b3:22:e7:fe:47:
         96:b6:7d:4e:9b:b8:f4:53:cf:cf:c2:b8:b3:81:17:ac:39:c8:
         4c:78:99:2d:c8:a0:e6:e2:03:36:2d:a4:9f:0f:1f:74:41:e5:
         e3:d2:e0:b2:00:4c:00:e5:2c:c6:69:df:40:4b:f5:09:08:f4:
         7d:08:f0:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/k6PUTHz11Ivm8zcXixVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1OTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcxZTk3MDAwMzk0Y2UzYjhmNzRkNTUxYTdiZTNiY2Y5ZWY1MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+26RSFouppJSBPFYAh8vqxgtAGt
GoIAiOtubTwWIj4OI9qdLBQye9NopVp7OuGqaN+THKE3ct9Vw92Cka8YG4qrcFoO
/pRMtViJJr9GOC13CGaU6lnw3FWiIoMswBLqN1JrDmY8a7R7CSMgfAtCYqKsiYzE
SsQWA9TQqXiUWQeH/E5Wnl4jaumiqkyLG2XWZTjQ0+uJMtPYh5S1HPlLzosIfrMk
9rVldTxi7EcofgX2J8iFWJsJ1WSuaRbm6WNc0jiPijCuFqWu22CNYjdiZuu6xW4m
B0XnXINbwJqebbnkI2Yl7A/r4Vle+e+SD4yB+XZSQT8RFZsnxC7cPytqhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFJx6XAAOUzjuPdNVRp747z571IqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVW5IcGNBQTVUT080OTAxVkdudmp2UG52VWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAt
MA0GCSqGSIb3DQEBCwUAA4IBAQBSoXuqe3nVUefpZ1z065pJQedgH0tAvjTqL2XY
lTZ2JW0LoEY+JK3fKRBwIlzg52TbiYvxb/YgBBbGSkf4Ji6+kicACpgvsSP6Ft28
72coMoRbWdlnFyOeASv6bU1Dxn5HuJ9ulk57YPngf1rg1f3XzD2aeL9kyQZDpbxE
VScUbhOw/1u6THsHykkmN2wp8gNHd9C9w0N8/eqb+lIF00ZnIYwgJs9RVF0sTlUJ
X8IboLyGumXR4+dRuElzuVnPOr5DsyLn/keWtn1Om7j0U8/PwrizgResOchMeJkt
yKDm4gM2LaSfDx90QeXj0uCyAEwA5SzGad9AS/UJCPR9CPCQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org