Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UtRSw5gFsH5prG1z3cgR5C_OPDM.roa
File:                     UtRSw5gFsH5prG1z3cgR5C_OPDM.roa (raw, json)
Hash identifier:          FJxI38pd0DbxoRRo/JWILjWs3LxMe9OWYGPWrYAh64Y=
Subject key identifier:   52:D4:52:C3:98:05:B0:7E:69:AC:6D:73:DD:C8:11:E4:2F:CE:3C:33
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F065889428AC95CD6C23776B6FBA8C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UtRSw5gFsH5prG1z3cgR5C_OPDM.roa
Signing time:             Wed 07 Feb 2024 05:00:31 +0000
ROA not before:           Wed 07 Feb 2024 05:00:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57369
IP address blocks:        2a0f:b241:120::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:65:88:94:28:ac:95:cd:6c:23:77:6b:6f:ba:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=52d452c39805b07e69ac6d73ddc811e42fce3c33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:22:28:da:44:a8:d4:48:34:f8:17:17:ac:66:
                    18:dc:85:b5:72:bc:c1:43:70:15:d1:76:70:4b:e8:
                    0b:d5:2a:d1:4e:69:89:d0:e8:54:5b:51:b7:fb:25:
                    c5:5a:a4:f1:45:11:45:35:60:4c:77:f0:7f:10:da:
                    8e:75:00:4e:0a:fa:20:10:97:21:f2:77:6d:12:42:
                    c4:ec:5e:48:70:8a:22:94:d0:15:8e:19:08:38:3f:
                    9e:bc:e4:b3:02:40:17:fb:5d:54:e3:a4:90:b1:aa:
                    ea:aa:d2:a4:57:d1:2c:b5:66:f4:64:9e:dd:7b:37:
                    d6:72:98:cd:7c:92:4c:46:00:ee:dd:9e:3b:d4:5c:
                    32:3a:de:5d:0d:69:9e:71:05:bf:e4:7e:ed:46:34:
                    2a:1c:71:0a:1f:d3:96:fc:95:b6:02:81:f8:9c:63:
                    93:ae:5c:e5:45:ad:1d:27:b7:57:a7:65:9b:1d:a3:
                    72:f6:01:90:c7:36:7e:43:9b:e6:38:29:43:78:77:
                    e2:65:6e:20:cd:27:c1:b1:d2:9a:a4:59:27:98:bf:
                    bf:56:43:6d:52:61:e0:96:fb:5b:ab:63:5c:5a:68:
                    db:dd:18:1a:03:ca:27:2e:36:3c:b3:ac:74:df:71:
                    67:88:25:1d:92:3d:9a:6f:f1:59:a9:5e:dc:d8:09:
                    44:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:D4:52:C3:98:05:B0:7E:69:AC:6D:73:DD:C8:11:E4:2F:CE:3C:33
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UtRSw5gFsH5prG1z3cgR5C_OPDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:120::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:73:e9:3b:bc:f4:d3:b1:74:55:99:ea:9b:a6:25:a0:6f:51:
         a4:8a:6d:ec:0b:f0:eb:dd:85:c6:d4:40:19:2d:1f:b1:20:70:
         84:9e:ea:3b:dc:c6:53:50:69:d0:1b:18:75:4e:de:38:77:24:
         3a:e6:41:81:41:75:c5:b9:14:5e:c9:60:86:98:81:ce:15:d2:
         1c:81:86:0b:0e:79:1b:8c:fc:6e:fe:36:4d:31:7c:ab:09:ca:
         2f:eb:cf:bc:99:1a:f8:35:0b:d4:e8:a1:df:9c:37:5f:60:57:
         6e:79:fd:ed:6f:6c:8d:02:21:d0:61:60:ad:98:1d:8f:ec:08:
         32:41:30:dd:f4:0b:5a:7d:ff:b2:54:a6:40:4a:3a:53:11:b4:
         ff:23:c9:2f:e3:0f:92:d8:e8:51:08:3a:a0:16:2c:f2:96:35:
         6a:3d:87:92:a2:b5:d4:90:a9:94:cc:b8:49:6c:44:fb:b7:69:
         41:bd:7c:92:69:e6:01:31:0c:75:3c:b3:b5:2d:a8:73:50:61:
         b8:b6:08:3e:f1:94:49:aa:ea:d5:d1:37:84:55:d4:ca:5d:04:
         cf:c5:03:38:e3:cf:d2:a1:62:c5:9d:48:f2:d7:31:50:4e:47:
         f1:2f:f7:70:e9:23:94:41:b8:57:a9:db:9b:e3:d1:37:29:a2:
         a2:1f:04:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GWIlCislc1sI3drb7qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ0NTJjMzk4MDViMDdlNjlhYzZkNzNkZGM4MTFlNDJmY2UzYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCIo2kSo1Eg0+BcXrGYY3IW1crzB
Q3AV0XZwS+gL1SrRTmmJ0OhUW1G3+yXFWqTxRRFFNWBMd/B/ENqOdQBOCvogEJch
8ndtEkLE7F5IcIoilNAVjhkIOD+evOSzAkAX+11U46SQsarqqtKkV9EstWb0ZJ7d
ezfWcpjNfJJMRgDu3Z471FwyOt5dDWmecQW/5H7tRjQqHHEKH9OW/JW2AoH4nGOT
rlzlRa0dJ7dXp2WbHaNy9gGQxzZ+Q5vmOClDeHfiZW4gzSfBsdKapFknmL+/VkNt
UmHglvtbq2NcWmjb3RgaA8onLjY8s6x033FniCUdkj2ab/FZqV7c2AlEQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFLUUsOYBbB+aaxtc93IEeQvzjwzMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVXRSU3c1Z0ZzSDVwckcxejNjZ1I1Q19PUERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBac+k7vPTTsXRVmeqbpiWgb1Gkim3sC/Dr3YXG
1EAZLR+xIHCEnuo73MZTUGnQGxh1Tt44dyQ65kGBQXXFuRReyWCGmIHOFdIcgYYL
DnkbjPxu/jZNMXyrCcov68+8mRr4NQvU6KHfnDdfYFduef3tb2yNAiHQYWCtmB2P
7AgyQTDd9Ataff+yVKZASjpTEbT/I8kv4w+S2OhRCDqgFizyljVqPYeSorXUkKmU
zLhJbET7t2lBvXySaeYBMQx1PLO1LahzUGG4tgg+8ZRJqurV0TeEVdTKXQTPxQM4
48/SoWLFnUjy1zFQTkfxL/dw6SOUQbhXqdub49E3KaKiHwTq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org