Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YgQXHIIATLFuuFeWSwh8T2ICPa0.roa
File:                     YgQXHIIATLFuuFeWSwh8T2ICPa0.roa (raw, json)
Hash identifier:          Xl8S0ukbQdFGYTZ9YYCHKJk77hF6EQtNuuVvaMwDBGc=
Subject key identifier:   62:04:17:1C:82:00:4C:B1:6E:B8:57:96:4B:08:7C:4F:62:02:3D:AD
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAD8CDDA6D6CCF1DD790C3F804C6C38
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YgQXHIIATLFuuFeWSwh8T2ICPa0.roa
Signing time:             Tue 06 Feb 2024 18:28:16 +0000
ROA not before:           Tue 06 Feb 2024 18:28:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48606
IP address blocks:        2a0f:b241:112::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ad:8c:dd:a6:d6:cc:f1:dd:79:0c:3f:80:4c:6c:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:28:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6204171c82004cb16eb857964b087c4f62023dad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:1b:69:a1:72:43:27:ac:b9:ab:fe:ad:07:94:
                    c4:dd:ce:b7:56:dc:7c:bf:d7:9a:61:80:f4:64:2d:
                    99:3b:47:a0:89:8d:00:79:ed:c2:da:e7:e8:6e:0c:
                    54:1f:d6:9b:6c:40:84:5f:f9:4b:56:d9:b1:9f:a9:
                    82:3c:dc:83:a5:aa:bf:3e:26:a2:a1:08:97:92:91:
                    99:b1:1b:1a:b6:a6:c8:16:2e:c9:d6:97:02:06:71:
                    93:30:2b:72:41:a2:44:b7:4c:8b:f2:e1:c1:60:3c:
                    9c:3f:b5:4b:cb:20:39:4e:07:1c:91:03:ab:d6:db:
                    2a:b9:6e:b5:d4:c6:c4:17:c4:bd:c1:a1:01:4c:89:
                    fb:fa:ef:01:f3:38:8c:25:67:d7:0b:88:0e:98:a2:
                    a5:04:11:a8:3f:49:3a:b6:3e:6c:a1:38:ee:7a:99:
                    86:62:ba:8d:91:f4:ad:62:38:40:f8:b2:7b:44:72:
                    0a:24:a2:6d:31:b1:87:44:7f:51:1e:62:31:ed:44:
                    8a:59:66:eb:9b:b9:57:37:a3:17:9f:7d:d7:2e:96:
                    0f:ea:e7:6b:09:cf:60:93:e4:0e:d6:ee:29:fa:6a:
                    82:12:90:16:f9:fe:c2:89:8e:4b:e2:e2:7f:f2:01:
                    24:9d:28:28:bf:5b:43:29:ed:25:cb:e2:67:f2:89:
                    94:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:04:17:1C:82:00:4C:B1:6E:B8:57:96:4B:08:7C:4F:62:02:3D:AD
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YgQXHIIATLFuuFeWSwh8T2ICPa0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:112::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:76:2f:cc:40:13:ff:db:a7:3c:82:c3:a8:aa:4b:42:17:3d:
         99:55:57:7c:1c:df:03:fe:cf:55:e0:f7:b6:69:c6:37:e2:e4:
         fb:ac:35:74:b8:77:48:36:cb:40:06:90:14:39:45:cf:9d:99:
         24:72:51:59:67:f9:64:56:35:02:3f:84:83:ed:f1:a0:e9:ea:
         92:ae:87:9b:67:6d:16:e9:17:2c:67:93:9a:9c:fd:c4:d1:53:
         0a:37:72:a6:0e:c6:a4:e1:e8:a8:86:40:1c:26:34:d6:2d:69:
         cc:e5:f3:ff:f5:b4:e4:ae:39:d1:61:d0:14:31:9f:b0:d5:37:
         3e:80:66:94:05:15:89:cb:5b:c9:76:43:8c:8a:ca:b8:10:86:
         ac:d8:9b:66:94:77:67:10:23:4c:b6:7f:8d:ac:95:62:47:ca:
         49:c4:55:be:c6:94:50:11:27:cc:b4:ed:90:1a:0e:d4:db:a0:
         e3:d0:72:a3:4b:e0:f0:5d:6d:77:31:0f:01:84:e7:a3:80:80:
         09:b5:4b:63:7f:b3:e4:cd:f3:da:0b:b6:97:70:b3:15:1e:0f:
         77:ac:1c:82:d1:63:49:f5:00:b3:3f:d6:da:e2:16:d4:e2:b7:
         71:af:28:bb:63:17:fb:8d:4c:94:28:88:ae:8f:31:92:b0:9f:
         d2:bf:d3:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rYzdptbM8d15DD+ATGw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA0MTcxYzgyMDA0Y2IxNmViODU3OTY0YjA4N2M0ZjYyMDIzZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghtpoXJDJ6y5q/6tB5TE3c63Vtx8
v9eaYYD0ZC2ZO0egiY0Aee3C2ufobgxUH9abbECEX/lLVtmxn6mCPNyDpaq/Piai
oQiXkpGZsRsatqbIFi7J1pcCBnGTMCtyQaJEt0yL8uHBYDycP7VLyyA5TgcckQOr
1tsquW611MbEF8S9waEBTIn7+u8B8ziMJWfXC4gOmKKlBBGoP0k6tj5soTjuepmG
YrqNkfStYjhA+LJ7RHIKJKJtMbGHRH9RHmIx7USKWWbrm7lXN6MXn33XLpYP6udr
Cc9gk+QO1u4p+mqCEpAW+f7CiY5L4uJ/8gEknSgov1tDKe0ly+Jn8omUFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGIEFxyCAEyxbrhXlksIfE9iAj2tMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWWdRWEhJSUFUTEZ1dUZlV1N3aDhUMklDUGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQES
MA0GCSqGSIb3DQEBCwUAA4IBAQARdi/MQBP/26c8gsOoqktCFz2ZVVd8HN8D/s9V
4Pe2acY34uT7rDV0uHdINstABpAUOUXPnZkkclFZZ/lkVjUCP4SD7fGg6eqSroeb
Z20W6RcsZ5OanP3E0VMKN3KmDsak4eiohkAcJjTWLWnM5fP/9bTkrjnRYdAUMZ+w
1Tc+gGaUBRWJy1vJdkOMisq4EIas2JtmlHdnECNMtn+NrJViR8pJxFW+xpRQESfM
tO2QGg7U26Dj0HKjS+DwXW13MQ8BhOejgIAJtUtjf7PkzfPaC7aXcLMVHg93rByC
0WNJ9QCzP9ba4hbU4rdxryi7Yxf7jUyUKIiujzGSsJ/Sv9OH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org