Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YIgikGE1jJKmoRKfx805iJRm5nA.roa
File:                     YIgikGE1jJKmoRKfx805iJRm5nA.roa (raw, json)
Hash identifier:          8qBuj9OmhlqHnr/b2XS81Cka0fMOH+AAeCWO35bbIT4=
Subject key identifier:   60:88:22:90:61:35:8C:92:A6:A1:12:9F:C7:CD:39:88:94:66:E6:70
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0B83258EE24812C63D91A3B7AFB5B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YIgikGE1jJKmoRKfx805iJRm5nA.roa
Signing time:             Wed 07 Feb 2024 05:00:53 +0000
ROA not before:           Wed 07 Feb 2024 05:00:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215899
IP address blocks:        2a0f:b241:58::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:b8:32:58:ee:24:81:2c:63:d9:1a:3b:7a:fb:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6088229061358c92a6a1129fc7cd39889466e670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:81:d9:51:4f:8b:f3:55:f6:b3:62:af:5c:1e:
                    56:28:05:d2:97:9d:e5:47:3a:f9:4c:e1:51:ca:84:
                    cf:c9:9b:c1:62:a5:75:9e:1c:90:99:97:c3:fb:1f:
                    8e:96:68:23:fd:00:60:a3:dc:19:d5:27:86:34:4a:
                    0f:1b:39:84:f5:bb:93:cf:1f:e6:f2:42:d7:a8:73:
                    3f:20:b2:ea:b3:ac:1b:2b:b9:6a:7f:43:ab:b2:93:
                    a3:50:93:62:d6:47:32:a2:9c:71:a4:47:f7:89:d7:
                    5c:42:ab:55:a1:cb:cb:9d:b1:65:25:73:02:ae:76:
                    05:5f:79:eb:78:f9:dd:57:c7:a0:e2:5d:5d:1b:c5:
                    d0:23:9f:8a:c5:6d:cd:ee:ad:81:6c:3e:ef:52:62:
                    03:07:6f:e3:4f:0c:32:f2:9d:92:80:5a:37:e3:83:
                    d5:c4:dd:e6:26:4c:60:05:d1:72:ed:5e:53:d4:b7:
                    51:36:f8:3b:69:ee:30:4d:d7:fc:a4:ba:28:55:81:
                    fc:c0:69:70:66:29:25:52:77:51:cf:0d:ce:c1:6e:
                    27:91:81:b9:03:83:29:47:a9:48:8c:0b:8e:17:4c:
                    36:94:bb:0f:90:81:9d:d3:4a:c5:57:36:fa:80:b7:
                    1f:47:18:7c:cf:e0:ed:d5:55:1d:19:32:1a:e7:27:
                    10:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:88:22:90:61:35:8C:92:A6:A1:12:9F:C7:CD:39:88:94:66:E6:70
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YIgikGE1jJKmoRKfx805iJRm5nA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:58::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:33:9b:26:fa:6c:8f:0d:9e:da:e8:a2:91:2a:32:d8:7d:a2:
         22:8d:f3:d8:b4:7b:05:95:0c:a1:19:bd:70:1d:fe:92:d9:55:
         8b:8b:e3:6c:c7:5c:9e:f7:04:c2:e7:11:d0:f4:99:3f:65:35:
         e9:3c:32:96:5c:b6:fe:a8:62:8c:30:42:72:98:76:3d:fe:c1:
         6f:b0:da:c4:29:1d:68:ea:f5:c5:48:4f:0b:c1:73:54:54:b0:
         62:0d:b3:d8:6d:2f:ab:7d:55:02:e2:8a:a9:49:a3:43:e4:b4:
         12:0b:7d:ab:97:fb:5c:41:0b:e7:45:fa:55:51:f2:44:80:6b:
         c1:5e:31:97:0f:af:6b:ff:3c:a6:c9:5c:95:d0:9e:5f:4f:ac:
         c2:77:01:a4:a8:c1:f8:95:8b:02:ea:fb:39:a6:36:54:ea:ef:
         a5:ed:be:94:1c:3e:84:79:91:40:50:e5:0a:fe:32:6a:2e:a1:
         48:99:ea:66:41:40:4d:4a:a3:ab:87:a0:2d:34:c2:1a:10:5b:
         be:62:ad:b1:2e:26:06:de:be:b4:78:c5:25:37:f8:9d:e9:2a:
         20:23:d5:2e:78:1b:29:ff:f6:c7:0e:9c:e8:fe:32:6b:43:1f:
         96:5c:6d:ef:9e:8f:ed:da:9d:db:11:c5:96:a3:58:27:2e:d9:
         6e:3f:22:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LgyWO4kgSxj2Ro7evtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg4MjI5MDYxMzU4YzkyYTZhMTEyOWZjN2NkMzk4ODk0NjZlNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIHZUU+L81X2s2KvXB5WKAXSl53l
Rzr5TOFRyoTPyZvBYqV1nhyQmZfD+x+Olmgj/QBgo9wZ1SeGNEoPGzmE9buTzx/m
8kLXqHM/ILLqs6wbK7lqf0OrspOjUJNi1kcyopxxpEf3iddcQqtVocvLnbFlJXMC
rnYFX3nrePndV8eg4l1dG8XQI5+KxW3N7q2BbD7vUmIDB2/jTwwy8p2SgFo344PV
xN3mJkxgBdFy7V5T1LdRNvg7ae4wTdf8pLooVYH8wGlwZiklUndRzw3OwW4nkYG5
A4MpR6lIjAuOF0w2lLsPkIGd00rFVzb6gLcfRxh8z+Dt1VUdGTIa5ycQrwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGCIIpBhNYySpqESn8fNOYiUZuZwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWUlnaWtHRTFqSkttb1JLZng4MDVpSlJtNW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBY
MA0GCSqGSIb3DQEBCwUAA4IBAQBDM5sm+myPDZ7a6KKRKjLYfaIijfPYtHsFlQyh
Gb1wHf6S2VWLi+Nsx1ye9wTC5xHQ9Jk/ZTXpPDKWXLb+qGKMMEJymHY9/sFvsNrE
KR1o6vXFSE8LwXNUVLBiDbPYbS+rfVUC4oqpSaND5LQSC32rl/tcQQvnRfpVUfJE
gGvBXjGXD69r/zymyVyV0J5fT6zCdwGkqMH4lYsC6vs5pjZU6u+l7b6UHD6EeZFA
UOUK/jJqLqFImepmQUBNSqOrh6AtNMIaEFu+Yq2xLiYG3r60eMUlN/id6SogI9Uu
eBsp//bHDpzo/jJrQx+WXG3vno/t2p3bEcWWo1gnLtluPyIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org