Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bxuSXBqZEI_s_pwXRrVVZguX3q4.roa
File:                     bxuSXBqZEI_s_pwXRrVVZguX3q4.roa (raw, json)
Hash identifier:          uHYeFRl5c9a7cd1B5p5WbcYl0dEzZWQZ0xxlC4volxE=
Subject key identifier:   6F:1B:92:5C:1A:99:10:8F:EC:FE:9C:17:46:B5:55:66:0B:97:DE:AE
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB6BB96B0F948DBA096521E4EC321B3
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bxuSXBqZEI_s_pwXRrVVZguX3q4.roa
Signing time:             Tue 06 Feb 2024 18:38:18 +0000
ROA not before:           Tue 06 Feb 2024 18:38:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204926
IP address blocks:        2a0f:b241:139::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b6:bb:96:b0:f9:48:db:a0:96:52:1e:4e:c3:21:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:38:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f1b925c1a99108fecfe9c1746b555660b97deae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:52:7d:ae:63:ae:e9:bd:51:13:0d:44:ff:0c:
                    96:27:37:d5:27:85:a1:3d:0c:65:43:ae:f7:72:af:
                    17:2b:42:58:a0:b3:96:3a:8d:ce:2c:3c:45:c4:67:
                    a6:4f:1d:5d:54:52:9c:80:ae:2d:68:96:30:8c:97:
                    57:a6:62:12:64:0f:ff:f9:d4:ea:ce:9c:d1:61:99:
                    78:4c:63:e6:27:92:0b:7a:48:32:ac:68:a8:06:10:
                    dc:ab:61:b0:47:e4:00:79:8b:3f:d0:12:92:36:4e:
                    0a:1a:b4:2a:89:cd:59:ea:d2:66:88:db:37:e1:12:
                    f5:0f:82:0b:fb:18:e8:da:47:b0:87:3c:86:f3:be:
                    7c:2c:94:d8:e4:85:3e:f7:cf:e8:20:89:cf:c5:a5:
                    8b:39:d9:6e:b8:cf:5f:9b:91:80:4b:57:2f:80:7b:
                    57:ab:97:ce:ef:5d:f6:a1:89:c3:30:de:a9:37:56:
                    ab:5e:dd:e2:13:e0:85:77:a1:d8:6e:ba:0a:6f:13:
                    a0:db:a1:4a:d7:6f:26:d7:19:31:f2:f1:0a:25:ef:
                    f1:5c:18:52:08:eb:5f:f9:02:51:9f:52:d6:da:61:
                    31:46:28:1b:30:a8:8a:d4:38:f9:53:e2:39:ad:fd:
                    c6:35:a9:f3:59:c8:c2:9d:51:88:21:2d:fb:63:46:
                    a9:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:1B:92:5C:1A:99:10:8F:EC:FE:9C:17:46:B5:55:66:0B:97:DE:AE
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bxuSXBqZEI_s_pwXRrVVZguX3q4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:139::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:b0:db:f5:c4:13:fa:90:56:fd:87:91:28:ab:c9:45:9e:b9:
         45:d5:64:68:be:39:bd:24:c4:ba:27:39:66:be:53:ea:36:d8:
         82:1d:4c:25:ae:ac:d6:1f:13:4a:2d:bb:3b:be:f4:12:48:12:
         8f:67:0a:89:7f:d5:7a:d1:0b:1f:f8:3e:f7:95:05:5e:a7:99:
         7f:bb:c9:5c:8c:3e:12:56:40:20:e4:b8:16:ca:10:51:a1:f8:
         cd:08:f8:ea:12:3c:03:4d:4c:4c:95:d3:0e:ba:2f:4a:ba:5f:
         67:82:a3:ed:e0:d9:8a:44:63:d7:c1:d5:78:0b:48:3f:c2:98:
         80:fb:c4:08:5e:9e:40:8c:70:26:7c:de:e0:da:9e:41:51:54:
         03:34:9f:db:f6:21:a3:b9:17:03:49:c2:d2:03:b7:bb:24:37:
         15:42:51:50:e6:cc:74:27:2f:8b:c0:68:a4:96:8d:52:f9:4c:
         28:d2:c5:17:70:3c:60:89:5d:fd:d7:fc:04:40:74:0b:be:d0:
         90:4b:16:bc:af:d7:8f:c5:80:06:8d:0c:94:c0:97:46:c8:22:
         5d:2d:15:f7:ee:8f:5a:f9:37:5b:d3:80:ff:d2:4a:17:7b:88:
         b9:57:1a:94:b4:68:19:4e:52:ec:ca:f7:69:1d:e4:34:95:1f:
         bb:9d:52:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/truWsPlI26CWUh5OwyGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFiOTI1YzFhOTkxMDhmZWNmZTljMTc0NmI1NTU2NjBiOTdkZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFJ9rmOu6b1REw1E/wyWJzfVJ4Wh
PQxlQ673cq8XK0JYoLOWOo3OLDxFxGemTx1dVFKcgK4taJYwjJdXpmISZA//+dTq
zpzRYZl4TGPmJ5ILekgyrGioBhDcq2GwR+QAeYs/0BKSNk4KGrQqic1Z6tJmiNs3
4RL1D4IL+xjo2kewhzyG8758LJTY5IU+98/oIInPxaWLOdluuM9fm5GAS1cvgHtX
q5fO7132oYnDMN6pN1arXt3iE+CFd6HYbroKbxOg26FK128m1xkx8vEKJe/xXBhS
COtf+QJRn1LW2mExRigbMKiK1Dj5U+I5rf3GNanzWcjCnVGIIS37Y0appQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG8bklwamRCP7P6cF0a1VWYLl96uMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYnh1U1hCcVpFSV9zX3B3WFJyVlZaZ3VYM3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE5
MA0GCSqGSIb3DQEBCwUAA4IBAQAzsNv1xBP6kFb9h5Eoq8lFnrlF1WRovjm9JMS6
JzlmvlPqNtiCHUwlrqzWHxNKLbs7vvQSSBKPZwqJf9V60Qsf+D73lQVep5l/u8lc
jD4SVkAg5LgWyhBRofjNCPjqEjwDTUxMldMOui9Kul9ngqPt4NmKRGPXwdV4C0g/
wpiA+8QIXp5AjHAmfN7g2p5BUVQDNJ/b9iGjuRcDScLSA7e7JDcVQlFQ5sx0Jy+L
wGiklo1S+Uwo0sUXcDxgiV391/wEQHQLvtCQSxa8r9ePxYAGjQyUwJdGyCJdLRX3
7o9a+Tdb04D/0koXe4i5VxqUtGgZTlLsyvdpHeQ0lR+7nVLI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org