Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cn7g9QXbqhiGaIM5w9n5uSLga3Y.roa
File:                     cn7g9QXbqhiGaIM5w9n5uSLga3Y.roa (raw, json)
Hash identifier:          yerOYqbmMYLLgHacqLMHDrUgLnv4xK6rLXTsR7b1qjk=
Subject key identifier:   72:7E:E0:F5:05:DB:AA:18:86:68:83:39:C3:D9:F9:B9:22:E0:6B:76
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA8FE93CBD97E97113F333BC5EBD80D
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cn7g9QXbqhiGaIM5w9n5uSLga3Y.roa
Signing time:             Tue 06 Feb 2024 18:23:18 +0000
ROA not before:           Tue 06 Feb 2024 18:23:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200329
IP address blocks:        2a0f:b241:b9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a8:fe:93:cb:d9:7e:97:11:3f:33:3b:c5:eb:d8:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:23:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=727ee0f505dbaa1886688339c3d9f9b922e06b76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:28:cc:3b:cc:b2:ae:1b:db:1f:8f:fc:54:b4:
                    7a:50:36:18:b4:a7:86:34:6b:4a:84:84:1f:84:fd:
                    5b:fe:b9:d1:8d:a7:6c:c8:64:5a:5b:15:b3:df:31:
                    07:11:68:46:ec:88:f6:94:18:33:02:2b:28:05:55:
                    61:43:43:75:9c:c0:12:31:d1:3e:e7:d6:69:92:73:
                    09:4a:6c:4a:32:b3:88:25:11:04:00:0c:5b:9f:d5:
                    22:e0:95:3a:4e:d2:14:37:60:64:e5:20:79:75:dc:
                    31:10:7b:86:57:60:da:32:eb:a7:f1:58:83:70:d5:
                    d0:37:f1:bc:a4:03:28:22:42:9e:a1:57:98:2c:99:
                    d0:f6:df:a9:c0:c1:25:29:82:54:07:72:92:04:c2:
                    d4:34:6a:72:47:d7:46:06:e6:0c:3b:3a:0b:e8:1b:
                    30:23:11:fa:cc:87:e0:07:82:19:27:4d:5f:57:0e:
                    6c:57:f4:80:55:58:fa:8d:66:5c:33:3a:ab:97:dc:
                    bf:e4:02:b5:1a:73:27:ad:81:bb:5e:58:0a:55:77:
                    f7:a3:69:a7:c7:fe:0a:84:41:a5:e6:a4:df:38:64:
                    84:73:80:93:60:c1:be:2d:45:cd:00:75:58:52:83:
                    2c:b8:35:02:a6:5e:5c:b6:3b:4a:19:55:19:08:22:
                    fa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7E:E0:F5:05:DB:AA:18:86:68:83:39:C3:D9:F9:B9:22:E0:6B:76
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cn7g9QXbqhiGaIM5w9n5uSLga3Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:b9::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:06:0d:40:f9:24:2b:51:1d:8e:3e:d7:62:22:70:8b:da:94:
         ce:07:70:df:35:26:3f:af:97:5d:f6:77:3e:3f:a4:ee:e7:f0:
         b9:30:3b:af:87:35:d1:74:a7:6b:a2:3b:b4:b6:1b:e2:bf:f6:
         78:05:94:10:8a:1a:89:4b:9d:dd:7b:f7:b9:f7:42:89:26:8a:
         73:a1:c7:24:e8:50:00:fb:4c:44:fe:ef:28:a3:b8:ad:ae:67:
         4a:a3:af:45:1b:09:63:0f:50:0b:2c:ec:fc:87:fd:d7:5b:42:
         22:bc:e5:a0:a5:0f:2f:91:e7:04:86:2a:78:b4:b7:31:cf:34:
         b2:84:fc:2b:57:2d:cd:22:e8:71:6f:93:00:7f:0a:8e:70:64:
         0a:19:fb:62:16:38:0f:67:00:20:e8:6d:02:b0:7f:96:54:ce:
         fd:63:b3:eb:7e:cc:2b:85:97:b8:13:0f:3d:37:d7:09:a0:15:
         94:b3:77:43:1f:78:eb:08:b7:90:63:3e:0c:dd:86:22:8d:5f:
         32:32:07:cc:8f:f6:7c:e7:df:d0:e2:e9:49:38:98:7e:22:b9:
         78:45:b9:0f:2a:67:15:f7:1d:50:1e:cf:09:06:50:17:3d:7f:
         28:01:d2:1b:7a:01:c2:2c:cd:ed:15:35:05:7d:f5:38:8f:ef:
         db:3e:97:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qP6Ty9l+lxE/MzvF69gNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdlZTBmNTA1ZGJhYTE4ODY2ODgzMzljM2Q5ZjliOTIyZTA2Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCjMO8yyrhvbH4/8VLR6UDYYtKeG
NGtKhIQfhP1b/rnRjadsyGRaWxWz3zEHEWhG7Ij2lBgzAisoBVVhQ0N1nMASMdE+
59ZpknMJSmxKMrOIJREEAAxbn9Ui4JU6TtIUN2Bk5SB5ddwxEHuGV2DaMuun8ViD
cNXQN/G8pAMoIkKeoVeYLJnQ9t+pwMElKYJUB3KSBMLUNGpyR9dGBuYMOzoL6Bsw
IxH6zIfgB4IZJ01fVw5sV/SAVVj6jWZcMzqrl9y/5AK1GnMnrYG7XlgKVXf3o2mn
x/4KhEGl5qTfOGSEc4CTYMG+LUXNAHVYUoMsuDUCpl5ctjtKGVUZCCL6MwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHJ+4PUF26oYhmiDOcPZ+bki4Gt2MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvY243ZzlRWGJxaGlHYUlNNXc5bjV1U0xnYTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQC5
MA0GCSqGSIb3DQEBCwUAA4IBAQA5Bg1A+SQrUR2OPtdiInCL2pTOB3DfNSY/r5dd
9nc+P6Tu5/C5MDuvhzXRdKdroju0thviv/Z4BZQQihqJS53de/e590KJJopzocck
6FAA+0xE/u8oo7itrmdKo69FGwljD1ALLOz8h/3XW0IivOWgpQ8vkecEhip4tLcx
zzSyhPwrVy3NIuhxb5MAfwqOcGQKGftiFjgPZwAg6G0CsH+WVM79Y7PrfswrhZe4
Ew89N9cJoBWUs3dDH3jrCLeQYz4M3YYijV8yMgfMj/Z859/Q4ulJOJh+Irl4RbkP
KmcV9x1QHs8JBlAXPX8oAdIbegHCLM3tFTUFffU4j+/bPpcC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org