Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZuW4DokMHkwkirgkHpbLAJ_F4wc.roa
File:                     ZuW4DokMHkwkirgkHpbLAJ_F4wc.roa (raw, json)
Hash identifier:          XwPQJyS7VDBjtlzpFPkcU2yNnneo0poSBu0HHwRF8ME=
Subject key identifier:   66:E5:B8:0E:89:0C:1E:4C:24:8A:B8:24:1E:96:CB:00:9F:C5:E3:07
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB5CAC28269B19835A31F9CD975C48B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZuW4DokMHkwkirgkHpbLAJ_F4wc.roa
Signing time:             Tue 06 Feb 2024 18:37:16 +0000
ROA not before:           Tue 06 Feb 2024 18:37:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197900
IP address blocks:        2a0f:b241:129::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b5:ca:c2:82:69:b1:98:35:a3:1f:9c:d9:75:c4:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:37:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=66e5b80e890c1e4c248ab8241e96cb009fc5e307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6e:80:e9:d7:88:15:dc:22:80:b1:60:90:55:
                    2e:c5:b9:38:fd:8b:ef:f7:b2:6f:aa:b9:4a:da:0a:
                    f4:63:78:b3:89:05:fb:04:47:0d:bd:0e:77:fc:a7:
                    a6:cf:20:dc:8d:39:56:95:6b:3f:d4:bf:84:8d:45:
                    c3:57:73:92:4a:d5:9d:00:2d:d6:c8:a8:c2:76:2b:
                    cb:2e:b4:d1:bb:91:02:55:5c:7f:fb:6a:1d:5b:0e:
                    be:c3:2c:62:8b:8d:55:89:09:78:ce:9b:3a:37:50:
                    ab:67:91:5f:20:95:ad:52:d0:e6:a1:4b:c9:db:56:
                    f7:91:9f:42:79:35:72:50:70:93:14:6f:c3:74:80:
                    78:7d:9d:f1:63:77:65:5c:d5:27:77:97:8c:45:bb:
                    57:9f:e1:6a:40:1d:45:a5:e6:b2:5a:a5:bb:64:17:
                    99:5f:51:27:cf:fb:87:f6:d3:a2:95:68:74:18:8d:
                    83:b8:ae:9f:45:84:1f:32:e1:6a:68:9e:3d:4e:12:
                    27:6c:17:4b:05:34:d4:4e:13:f2:08:c1:ff:b1:f6:
                    f9:24:03:09:ee:37:d1:90:24:be:c4:b7:b8:3c:e5:
                    30:a2:72:96:8d:23:5d:49:8b:7b:77:0c:d1:29:b7:
                    ad:ce:c8:fc:65:b4:08:0b:a0:c5:45:32:23:6e:e1:
                    77:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E5:B8:0E:89:0C:1E:4C:24:8A:B8:24:1E:96:CB:00:9F:C5:E3:07
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ZuW4DokMHkwkirgkHpbLAJ_F4wc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:129::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:b1:9b:af:33:a3:44:d9:ee:db:70:01:6c:ba:3b:ce:23:05:
         5e:b2:17:ff:e1:c3:8f:f0:97:b2:39:42:4a:1f:58:15:65:a3:
         2c:5c:f6:6f:57:09:eb:aa:be:21:89:4b:2a:20:f8:27:fa:69:
         f2:51:f3:b1:15:e9:0b:d9:71:bb:b2:97:da:50:ef:9b:28:60:
         37:d6:93:af:78:8a:08:34:a3:19:9b:29:95:0e:cf:a4:33:47:
         a5:8d:26:c1:f5:97:5b:5e:1c:9f:cc:21:ac:49:ec:25:ae:c6:
         53:52:45:b1:06:49:e2:76:77:69:6e:ee:93:be:06:70:1d:84:
         07:7a:22:14:5a:be:0b:ed:3f:7b:11:b3:e7:30:07:21:af:43:
         b8:83:9c:34:89:b5:b1:90:5f:24:9a:cc:2e:cf:95:c7:10:08:
         a1:45:67:c0:df:1c:5e:25:81:66:90:b3:17:0f:39:e7:79:a9:
         64:03:ab:af:4f:1a:93:46:c8:58:08:51:58:af:29:30:6c:54:
         0f:49:d7:72:36:fd:b0:55:6f:c1:25:05:00:e6:46:74:c0:64:
         42:13:5c:3d:53:f3:86:1b:8d:79:bb:11:08:93:9e:a0:58:56:
         f9:ee:62:b5:02:2d:ba:05:24:10:25:80:61:c4:74:4b:ce:37:
         4b:ba:24:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/tcrCgmmxmDWjH5zZdcSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmU1YjgwZTg5MGMxZTRjMjQ4YWI4MjQxZTk2Y2IwMDlmYzVlMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW6A6deIFdwigLFgkFUuxbk4/Yvv
97JvqrlK2gr0Y3iziQX7BEcNvQ53/KemzyDcjTlWlWs/1L+EjUXDV3OSStWdAC3W
yKjCdivLLrTRu5ECVVx/+2odWw6+wyxii41ViQl4zps6N1CrZ5FfIJWtUtDmoUvJ
21b3kZ9CeTVyUHCTFG/DdIB4fZ3xY3dlXNUnd5eMRbtXn+FqQB1FpeayWqW7ZBeZ
X1Enz/uH9tOilWh0GI2DuK6fRYQfMuFqaJ49ThInbBdLBTTUThPyCMH/sfb5JAMJ
7jfRkCS+xLe4POUwonKWjSNdSYt7dwzRKbetzsj8ZbQIC6DFRTIjbuF3eQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGbluA6JDB5MJIq4JB6WywCfxeMHMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWnVXNERva01Ia3draXJna0hwYkxBSl9GNHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEp
MA0GCSqGSIb3DQEBCwUAA4IBAQALsZuvM6NE2e7bcAFsujvOIwVeshf/4cOP8Jey
OUJKH1gVZaMsXPZvVwnrqr4hiUsqIPgn+mnyUfOxFekL2XG7spfaUO+bKGA31pOv
eIoINKMZmymVDs+kM0eljSbB9ZdbXhyfzCGsSewlrsZTUkWxBknidndpbu6TvgZw
HYQHeiIUWr4L7T97EbPnMAchr0O4g5w0ibWxkF8kmswuz5XHEAihRWfA3xxeJYFm
kLMXDznnealkA6uvTxqTRshYCFFYrykwbFQPSddyNv2wVW/BJQUA5kZ0wGRCE1w9
U/OGG415uxEIk56gWFb57mK1Ai26BSQQJYBhxHRLzjdLuiQh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org