Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Veh5gQ4iLddoSbuLoETHh3cgR2o.roa
File:                     Veh5gQ4iLddoSbuLoETHh3cgR2o.roa (raw, json)
Hash identifier:          KVwNDVC4rP1Hlydk4f6mw/vRP8iDrJtMD127IAcnLoQ=
Subject key identifier:   55:E8:79:81:0E:22:2D:D7:68:49:BB:8B:A0:44:C7:87:77:20:47:6A
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA9E2386EEBEC934ECD3A3BE8F1611E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Veh5gQ4iLddoSbuLoETHh3cgR2o.roa
Signing time:             Tue 06 Feb 2024 18:24:16 +0000
ROA not before:           Tue 06 Feb 2024 18:24:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200731
IP address blocks:        2a0f:b241:cd::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a9:e2:38:6e:eb:ec:93:4e:cd:3a:3b:e8:f1:61:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:24:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=55e879810e222dd76849bb8ba044c7877720476a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:4f:eb:33:08:00:03:99:63:48:55:aa:74:41:
                    5f:43:45:a5:ef:db:62:36:d2:a2:c8:5c:36:72:fb:
                    7c:84:53:80:2c:a4:31:c0:25:50:7b:ed:75:5d:96:
                    7d:37:b7:0f:4a:ed:3d:46:36:af:d6:94:2c:b2:2a:
                    bf:92:dc:d0:14:d3:d0:44:27:66:2a:18:f8:2c:57:
                    3d:82:ed:80:63:c0:bd:a6:45:ef:21:7e:9c:6f:12:
                    8f:97:b6:f1:3c:5a:08:b2:cd:ac:4d:bb:dc:02:76:
                    5f:73:a8:60:c2:2b:3e:86:51:8d:bc:1d:53:17:1d:
                    fd:98:c2:4d:05:d3:60:f6:9e:13:72:3c:dd:a3:c6:
                    88:fb:b7:43:0d:52:65:d9:ad:8f:cc:26:78:b4:15:
                    da:81:15:e4:88:6a:80:de:dd:a4:70:cd:56:1e:b5:
                    95:02:e0:d3:10:6b:80:75:0e:e6:46:aa:16:38:83:
                    d1:73:63:fd:81:e9:c8:41:4a:ab:93:76:e0:89:e2:
                    44:f0:33:f3:34:46:43:be:40:b9:d3:e0:bc:92:28:
                    db:f5:12:4a:b7:ef:a1:f9:a1:c7:26:f8:c8:81:d2:
                    d7:1a:01:7c:04:84:b8:b7:09:44:97:cc:00:c9:ce:
                    88:6c:07:b4:1f:7a:b6:94:83:2a:11:f3:39:62:ee:
                    6d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:E8:79:81:0E:22:2D:D7:68:49:BB:8B:A0:44:C7:87:77:20:47:6A
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Veh5gQ4iLddoSbuLoETHh3cgR2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:cd::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:d9:c5:ad:7d:d3:f7:12:25:82:a4:3e:f6:64:17:ce:a6:8a:
         e4:73:7d:3e:7b:84:bd:0b:2b:ee:81:f8:e5:b6:16:68:46:b4:
         c7:02:67:9c:75:63:b8:4a:22:bf:29:dc:60:ee:3d:59:a9:2d:
         49:13:36:ee:55:e6:ab:16:79:7e:c6:10:9c:9f:80:ea:14:04:
         f4:d8:b2:45:03:3b:91:d3:40:6d:ce:77:07:0e:72:0e:10:90:
         a4:0d:9b:5e:08:d9:09:ef:4f:aa:54:fb:dd:67:9e:bb:7c:43:
         47:61:3f:ca:98:62:ed:4f:64:9e:13:22:94:69:e3:82:d3:68:
         f5:a6:29:b6:2f:ca:56:ed:cd:c6:5e:4a:31:9a:4f:c7:91:fc:
         71:84:9c:86:16:b8:e3:22:1d:2d:d4:ca:e9:8b:65:b1:d7:11:
         f9:10:b4:30:55:8d:2f:e9:df:6e:dc:2c:6f:b9:04:32:7c:32:
         44:c9:05:5c:be:0d:ca:96:1d:27:98:b6:c0:a9:7d:36:d2:cb:
         e5:4c:12:44:c6:b5:77:05:69:a7:72:8f:a2:bc:bc:e1:3a:e8:
         cc:5d:e0:8d:22:80:f3:f5:79:89:45:40:29:d6:2f:b7:85:c4:
         ea:c1:f1:18:c3:20:bd:08:6f:64:35:37:66:15:70:7d:94:10:
         41:fa:91:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qeI4buvsk07NOjvo8WEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU4Nzk4MTBlMjIyZGQ3Njg0OWJiOGJhMDQ0Yzc4Nzc3MjA0NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30/rMwgAA5ljSFWqdEFfQ0Wl79ti
NtKiyFw2cvt8hFOALKQxwCVQe+11XZZ9N7cPSu09Rjav1pQssiq/ktzQFNPQRCdm
Khj4LFc9gu2AY8C9pkXvIX6cbxKPl7bxPFoIss2sTbvcAnZfc6hgwis+hlGNvB1T
Fx39mMJNBdNg9p4Tcjzdo8aI+7dDDVJl2a2PzCZ4tBXagRXkiGqA3t2kcM1WHrWV
AuDTEGuAdQ7mRqoWOIPRc2P9genIQUqrk3bgieJE8DPzNEZDvkC50+C8kijb9RJK
t++h+aHHJvjIgdLXGgF8BIS4twlEl8wAyc6IbAe0H3q2lIMqEfM5Yu5tJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFXoeYEOIi3XaEm7i6BEx4d3IEdqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVmVoNWdRNGlMZGRvU2J1TG9FVEhoM2NnUjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDN
MA0GCSqGSIb3DQEBCwUAA4IBAQBk2cWtfdP3EiWCpD72ZBfOporkc30+e4S9Cyvu
gfjlthZoRrTHAmecdWO4SiK/Kdxg7j1ZqS1JEzbuVearFnl+xhCcn4DqFAT02LJF
AzuR00BtzncHDnIOEJCkDZteCNkJ70+qVPvdZ567fENHYT/KmGLtT2SeEyKUaeOC
02j1pim2L8pW7c3GXkoxmk/HkfxxhJyGFrjjIh0t1Mrpi2Wx1xH5ELQwVY0v6d9u
3CxvuQQyfDJEyQVcvg3Klh0nmLbAqX020svlTBJExrV3BWmnco+ivLzhOujMXeCN
IoDz9XmJRUAp1i+3hcTqwfEYwyC9CG9kNTdmFXB9lBBB+pFl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org