Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/d-_g_xRbH7ekPbiDJhVaJ8fEKwQ.roa
File:                     d-_g_xRbH7ekPbiDJhVaJ8fEKwQ.roa (raw, json)
Hash identifier:          KY3Rn4eUBVRpXlIoX8FNnmOp7Sdy/8FVmZbDzywRkgo=
Subject key identifier:   77:EF:E0:FF:14:5B:1F:B7:A4:3D:B8:83:26:15:5A:27:C7:C4:2B:04
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA810C241EA15D9C32B3FB223E5C104
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/d-_g_xRbH7ekPbiDJhVaJ8fEKwQ.roa
Signing time:             Tue 06 Feb 2024 18:22:17 +0000
ROA not before:           Tue 06 Feb 2024 18:22:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200074
IP address blocks:        2a0f:b241:91::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a8:10:c2:41:ea:15:d9:c3:2b:3f:b2:23:e5:c1:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:22:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=77efe0ff145b1fb7a43db88326155a27c7c42b04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:1e:82:59:18:84:62:f7:99:1a:60:73:c1:f5:
                    73:95:0d:23:56:75:72:27:16:8f:80:45:9f:1d:3d:
                    38:fb:f0:ed:12:60:eb:11:0e:9c:25:1d:8d:84:cf:
                    ff:a7:96:ff:f9:81:ec:d5:e1:67:48:7c:b7:24:de:
                    1e:6f:94:3f:08:94:e4:8a:bf:00:06:f0:6c:d0:07:
                    c2:26:7e:4c:79:23:d2:e3:10:bf:c8:98:5e:48:1a:
                    c6:74:64:b6:ee:94:1c:20:f1:82:10:6a:18:d9:3f:
                    04:28:2a:fb:0d:4b:8f:4b:9b:b7:38:4f:29:9f:87:
                    ec:72:07:60:89:59:d5:ee:cb:21:46:3b:4b:b7:17:
                    f8:8d:4b:83:e1:74:7f:d7:85:f6:b7:f8:28:92:53:
                    86:31:0c:2e:bb:c6:93:1a:64:57:c4:0d:8d:d0:74:
                    98:60:c2:e2:21:83:84:e5:67:0d:f3:ec:c3:d4:c0:
                    80:ca:72:29:a7:bd:86:84:f9:d0:cc:45:ca:ff:55:
                    a5:28:35:61:3d:d4:36:4d:54:22:2e:ea:51:c4:dc:
                    03:36:30:97:0b:53:9b:f6:ea:8c:13:bc:38:0d:3c:
                    29:32:4d:b2:95:b0:68:da:e7:07:26:df:58:59:7d:
                    7f:30:ef:dd:3c:d2:47:1c:42:db:53:38:e3:d0:32:
                    7d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:EF:E0:FF:14:5B:1F:B7:A4:3D:B8:83:26:15:5A:27:C7:C4:2B:04
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/d-_g_xRbH7ekPbiDJhVaJ8fEKwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:91::/48

    Signature Algorithm: sha256WithRSAEncryption
         47:53:d9:f1:77:f0:89:ae:71:13:27:31:f2:df:40:42:b2:6e:
         6d:55:de:81:35:fa:7b:ab:e3:95:5b:dc:03:1c:00:38:5f:70:
         55:7d:a1:12:65:43:64:7e:83:94:b5:25:14:85:90:be:6c:eb:
         f3:82:ca:e2:32:60:5c:ce:7d:e1:20:a7:02:4e:96:63:41:bd:
         14:da:9b:1e:fe:3b:39:70:47:e8:1f:5b:d9:e8:43:cc:e5:ac:
         d8:47:53:07:12:3c:71:f2:ad:78:d0:09:b6:7f:87:c9:77:19:
         bf:d0:03:84:cc:ba:16:a8:10:98:b9:1f:9d:c9:8c:76:36:84:
         b7:4d:67:e9:b7:5c:a0:40:15:82:78:f2:9e:fe:8a:3e:74:24:
         90:33:4c:da:31:2c:1b:de:f5:c4:80:18:30:62:d0:c9:c7:04:
         a8:bc:d4:88:41:58:0b:4c:75:38:8b:2e:f5:62:0e:bb:07:be:
         5a:cb:09:65:ba:92:a2:f1:c1:20:09:bf:df:f0:78:32:68:eb:
         fb:fd:9b:e9:6d:76:fc:9f:7b:7e:e2:4a:e8:df:5b:b6:05:5c:
         b0:2f:59:a3:9b:08:f3:c0:b8:78:81:59:e8:46:3c:99:ac:55:
         5e:33:c0:ec:15:58:2a:c6:29:d8:f4:66:3e:62:5f:be:04:13:
         68:ce:eb:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qBDCQeoV2cMrP7Ij5cEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2VmZTBmZjE0NWIxZmI3YTQzZGI4ODMyNjE1NWEyN2M3YzQyYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h6CWRiEYveZGmBzwfVzlQ0jVnVy
JxaPgEWfHT04+/DtEmDrEQ6cJR2NhM//p5b/+YHs1eFnSHy3JN4eb5Q/CJTkir8A
BvBs0AfCJn5MeSPS4xC/yJheSBrGdGS27pQcIPGCEGoY2T8EKCr7DUuPS5u3OE8p
n4fscgdgiVnV7sshRjtLtxf4jUuD4XR/14X2t/goklOGMQwuu8aTGmRXxA2N0HSY
YMLiIYOE5WcN8+zD1MCAynIpp72GhPnQzEXK/1WlKDVhPdQ2TVQiLupRxNwDNjCX
C1Ob9uqME7w4DTwpMk2ylbBo2ucHJt9YWX1/MO/dPNJHHELbUzjj0DJ9sQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHfv4P8UWx+3pD24gyYVWifHxCsEMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZC1fZ194UmJIN2VrUGJpREpoVmFKOGZFS3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCR
MA0GCSqGSIb3DQEBCwUAA4IBAQBHU9nxd/CJrnETJzHy30BCsm5tVd6BNfp7q+OV
W9wDHAA4X3BVfaESZUNkfoOUtSUUhZC+bOvzgsriMmBczn3hIKcCTpZjQb0U2pse
/js5cEfoH1vZ6EPM5azYR1MHEjxx8q140Am2f4fJdxm/0AOEzLoWqBCYuR+dyYx2
NoS3TWfpt1ygQBWCePKe/oo+dCSQM0zaMSwb3vXEgBgwYtDJxwSovNSIQVgLTHU4
iy71Yg67B75aywllupKi8cEgCb/f8HgyaOv7/ZvpbXb8n3t+4kro31u2BVywL1mj
mwjzwLh4gVnoRjyZrFVeM8DsFVgqxinY9GY+Yl++BBNozuvi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org