Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WhNpaZuxOvB3PTzkn5uOEyx8-bQ.roa
File:                     WhNpaZuxOvB3PTzkn5uOEyx8-bQ.roa (raw, json)
Hash identifier:          cVL6sIgDxxE482IJEoeXZAo1gCvvLd8yCmWZRSB93mA=
Subject key identifier:   5A:13:69:69:9B:B1:3A:F0:77:3D:3C:E4:9F:9B:8E:13:2C:7C:F9:B4
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F94909350140CB75E3301A7C5B4EA60
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WhNpaZuxOvB3PTzkn5uOEyx8-bQ.roa
Signing time:             Tue 06 Feb 2024 18:00:59 +0000
ROA not before:           Tue 06 Feb 2024 18:00:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199830
IP address blocks:        2a0f:b241:34::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:94:90:93:50:14:0c:b7:5e:33:01:a7:c5:b4:ea:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:00:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a1369699bb13af0773d3ce49f9b8e132c7cf9b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:64:77:1f:3c:59:1f:77:b8:db:ae:a5:b6:bb:
                    8d:87:94:70:77:8d:45:cc:e9:b2:f7:3c:d5:1b:7a:
                    94:b1:75:d3:e3:ab:f4:11:64:a9:b9:b5:1c:49:27:
                    9b:0f:cd:af:87:58:30:64:fe:0e:8e:1c:47:7f:33:
                    7f:d8:66:08:55:80:cb:b7:1e:14:49:1e:7f:05:21:
                    4a:c4:9d:cc:f8:a1:91:bb:0c:9f:19:a3:49:0f:9f:
                    e1:9c:0d:f5:1c:25:23:ee:1d:01:1f:89:a1:aa:4d:
                    8b:b6:0d:44:6b:80:f6:35:c8:6f:ff:95:5b:d8:17:
                    a7:19:bc:f0:9b:33:13:c3:bb:1f:8b:fc:31:cd:07:
                    51:84:40:34:30:f5:55:e2:b2:0c:25:0a:2d:51:f6:
                    8d:ad:3d:a5:70:15:b1:f5:1f:25:aa:dc:df:65:fe:
                    7a:6d:ea:53:9b:89:d1:85:3e:05:e0:3b:0d:d6:c2:
                    a2:c8:99:fd:5b:85:c8:77:a3:eb:78:06:6e:08:fa:
                    40:b9:20:e8:9d:f0:8a:9f:ec:34:f4:42:a9:3f:c3:
                    d2:1b:37:07:0f:b5:c1:01:da:db:fc:b8:68:c1:e7:
                    17:14:7f:26:fc:f3:93:e1:11:90:5a:2b:d7:28:64:
                    4f:9a:5c:c4:bc:dc:17:89:32:27:1c:a4:81:d8:b7:
                    99:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:13:69:69:9B:B1:3A:F0:77:3D:3C:E4:9F:9B:8E:13:2C:7C:F9:B4
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WhNpaZuxOvB3PTzkn5uOEyx8-bQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:34::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:cf:ba:69:1b:6e:1a:04:f5:e5:a3:4a:a4:67:41:9e:78:8a:
         b8:97:f3:46:69:31:c0:fc:b5:16:29:71:f5:93:24:7e:ff:dd:
         09:25:98:b9:4c:34:a7:37:19:59:3e:29:0d:b6:3d:ba:7f:2b:
         b9:47:c7:5e:ed:d9:aa:92:09:c2:d8:3f:75:f5:45:e1:aa:34:
         fd:a7:59:b2:c0:90:66:5c:f6:ce:0f:3e:a8:fb:a0:42:ed:d9:
         e6:3c:30:17:6a:b1:1c:19:99:0f:7e:cd:00:7c:e5:46:b6:1b:
         50:d4:d8:12:10:b8:16:40:f6:30:73:61:82:a7:dd:30:3d:ff:
         b9:9b:d5:6a:ff:5c:cf:96:b6:9b:83:76:ee:71:1d:96:67:27:
         3e:ce:08:2f:59:0c:1d:a5:cd:45:7e:77:eb:41:af:1d:13:df:
         28:aa:7a:82:fd:39:dc:92:14:89:61:b2:6b:74:9d:b9:27:c7:
         cc:00:14:e5:7d:c9:38:48:c1:fd:0b:24:d8:bd:f2:30:6e:40:
         41:8b:3a:69:38:4e:0e:04:a1:9b:73:75:41:56:98:21:f4:f7:
         1d:43:ab:3a:01:39:0f:2b:bf:74:86:19:d7:ed:61:b8:f7:ed:
         1f:a7:57:49:56:3a:78:2f:a0:63:4b:15:e5:a4:c7:dd:a8:35:
         4d:ca:31:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lJCTUBQMt14zAafFtOpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTEzNjk2OTliYjEzYWYwNzczZDNjZTQ5ZjliOGUxMzJjN2NmOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2R3HzxZH3e4266ltruNh5Rwd41F
zOmy9zzVG3qUsXXT46v0EWSpubUcSSebD82vh1gwZP4OjhxHfzN/2GYIVYDLtx4U
SR5/BSFKxJ3M+KGRuwyfGaNJD5/hnA31HCUj7h0BH4mhqk2Ltg1Ea4D2Nchv/5Vb
2BenGbzwmzMTw7sfi/wxzQdRhEA0MPVV4rIMJQotUfaNrT2lcBWx9R8lqtzfZf56
bepTm4nRhT4F4DsN1sKiyJn9W4XId6PreAZuCPpAuSDonfCKn+w09EKpP8PSGzcH
D7XBAdrb/LhowecXFH8m/POT4RGQWivXKGRPmlzEvNwXiTInHKSB2LeZYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFoTaWmbsTrwdz085J+bjhMsfPm0MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvV2hOcGFadXhPdkIzUFR6a241dU9FeXg4LWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA0
MA0GCSqGSIb3DQEBCwUAA4IBAQAHz7ppG24aBPXlo0qkZ0GeeIq4l/NGaTHA/LUW
KXH1kyR+/90JJZi5TDSnNxlZPikNtj26fyu5R8de7dmqkgnC2D919UXhqjT9p1my
wJBmXPbODz6o+6BC7dnmPDAXarEcGZkPfs0AfOVGthtQ1NgSELgWQPYwc2GCp90w
Pf+5m9Vq/1zPlrabg3bucR2WZyc+zggvWQwdpc1FfnfrQa8dE98oqnqC/TnckhSJ
YbJrdJ25J8fMABTlfck4SMH9CyTYvfIwbkBBizppOE4OBKGbc3VBVpgh9PcdQ6s6
ATkPK790hhnX7WG49+0fp1dJVjp4L6BjSxXlpMfdqDVNyjGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org