Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZKf6FkrujL_OpjnDfLwRsCC_gMU.roa
File:                     ZKf6FkrujL_OpjnDfLwRsCC_gMU.roa (raw, json)
Hash identifier:          qFCWQ1d48ILxxswiLa8AMH+uq1AEcck3fjiRvQbI6SQ=
Subject key identifier:   64:A7:FA:16:4A:EE:8C:BF:CE:A6:39:C3:7C:BC:11:B0:20:BF:80:C5
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F05D4F4B94FA876AFB62FE7A5BB478
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZKf6FkrujL_OpjnDfLwRsCC_gMU.roa
Signing time:             Wed 07 Feb 2024 05:00:29 +0000
ROA not before:           Wed 07 Feb 2024 05:00:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48605
IP address blocks:        2a0f:b241:112::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:5d:4f:4b:94:fa:87:6a:fb:62:fe:7a:5b:b4:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=64a7fa164aee8cbfcea639c37cbc11b020bf80c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5f:7d:74:2d:1e:91:8a:fb:03:8f:bd:cb:85:
                    4f:3e:65:cc:d6:e7:5f:0c:87:fc:fc:93:20:fc:7f:
                    d8:74:89:80:11:c5:81:ca:00:f7:15:6f:19:78:12:
                    e8:9f:c0:49:26:84:99:af:2b:16:a6:c5:e5:79:cd:
                    46:e4:2c:e4:ac:6b:9a:04:e8:36:a3:c8:93:58:c2:
                    8c:dd:e2:f6:a0:ba:e4:90:8c:d7:6c:a1:06:01:0b:
                    7b:5f:d0:36:03:2c:8e:57:f9:0c:e5:48:dc:f2:7a:
                    12:8a:89:3a:ac:4d:7b:e2:9e:74:ab:59:a5:18:5a:
                    db:11:8d:80:d7:9e:7f:71:c9:fb:13:7b:63:70:a8:
                    1a:7b:46:29:e8:ce:82:71:18:eb:80:7f:d4:50:a5:
                    b6:ea:ea:31:a0:dd:c5:c2:de:b2:bc:92:27:a1:e0:
                    87:7c:f4:d6:54:20:14:5e:ce:b6:1a:79:ed:51:68:
                    58:68:23:92:3b:cd:bf:94:f4:c4:0d:77:7a:77:e3:
                    91:d4:b6:cb:74:79:e4:7b:46:eb:3c:82:a2:d0:46:
                    ca:8c:83:ff:e2:b2:f4:48:49:8a:1c:95:fd:c9:b2:
                    ae:f2:78:4b:e1:89:a9:e3:8b:bd:b0:b5:97:81:13:
                    86:bb:e5:cd:83:b2:1d:65:86:d4:10:22:4e:1a:2d:
                    fb:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:A7:FA:16:4A:EE:8C:BF:CE:A6:39:C3:7C:BC:11:B0:20:BF:80:C5
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZKf6FkrujL_OpjnDfLwRsCC_gMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:112::/48

    Signature Algorithm: sha256WithRSAEncryption
         2d:f8:e4:00:93:50:ab:73:38:62:1b:c4:b3:78:d5:18:d3:51:
         f6:fc:e7:e6:7f:f8:b6:60:49:43:bd:79:9d:93:6d:f7:6a:0f:
         37:6a:98:76:4b:5c:88:cb:b3:99:2b:7d:0d:72:3d:c1:34:19:
         85:e8:73:07:2b:fd:d6:9f:3a:07:cd:f7:56:0a:53:57:b9:4d:
         14:68:47:c3:a1:f9:71:b8:07:bf:91:18:e8:f1:c9:ba:3c:aa:
         ca:56:47:ca:74:ab:84:43:30:b4:3a:e6:76:15:86:9d:ae:7e:
         5b:d8:7c:8f:6d:58:57:89:d1:c6:15:80:17:e0:6d:a4:76:dc:
         3a:e8:a5:dc:5f:f7:37:1d:4d:b1:54:50:a0:f0:c0:19:45:0b:
         ab:71:97:1a:83:30:c4:70:5f:01:b3:d6:d9:97:5d:14:5c:d2:
         a9:f7:7d:a1:c7:65:61:0d:36:b9:90:96:bc:f0:60:c6:6b:6b:
         97:73:17:34:57:89:ef:03:d8:97:91:fc:57:96:56:d8:fa:21:
         61:e2:d0:6e:7f:6a:0c:04:d6:ce:48:ff:3f:65:bb:37:29:0e:
         d1:48:c3:55:21:f6:bc:66:d0:54:61:87:72:91:f2:d6:4c:7a:
         70:59:03:32:65:6c:20:52:02:be:45:9c:bd:52:3a:ee:34:e5:
         f1:26:39:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8F1PS5T6h2r7Yv56W7R4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE3ZmExNjRhZWU4Y2JmY2VhNjM5YzM3Y2JjMTFiMDIwYmY4MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF99dC0ekYr7A4+9y4VPPmXM1udf
DIf8/JMg/H/YdImAEcWBygD3FW8ZeBLon8BJJoSZrysWpsXlec1G5CzkrGuaBOg2
o8iTWMKM3eL2oLrkkIzXbKEGAQt7X9A2AyyOV/kM5Ujc8noSiok6rE174p50q1ml
GFrbEY2A155/ccn7E3tjcKgae0Yp6M6CcRjrgH/UUKW26uoxoN3Fwt6yvJInoeCH
fPTWVCAUXs62GnntUWhYaCOSO82/lPTEDXd6d+OR1LbLdHnke0brPIKi0EbKjIP/
4rL0SEmKHJX9ybKu8nhL4Ymp44u9sLWXgROGu+XNg7IdZYbUECJOGi37qQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGSn+hZK7oy/zqY5w3y8EbAgv4DFMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWktmNkZrcnVqTF9PcGpuRGZMd1JzQ0NfZ01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQES
MA0GCSqGSIb3DQEBCwUAA4IBAQAt+OQAk1CrczhiG8SzeNUY01H2/Ofmf/i2YElD
vXmdk233ag83aph2S1yIy7OZK30Ncj3BNBmF6HMHK/3WnzoHzfdWClNXuU0UaEfD
oflxuAe/kRjo8cm6PKrKVkfKdKuEQzC0OuZ2FYadrn5b2HyPbVhXidHGFYAX4G2k
dtw66KXcX/c3HU2xVFCg8MAZRQurcZcagzDEcF8Bs9bZl10UXNKp932hx2VhDTa5
kJa88GDGa2uXcxc0V4nvA9iXkfxXllbY+iFh4tBuf2oMBNbOSP8/Zbs3KQ7RSMNV
Ifa8ZtBUYYdykfLWTHpwWQMyZWwgUgK+RZy9UjruNOXxJjna
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org