Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fT231JvP3ivd2AHoUgX3huK6S9E.roa
File:                     fT231JvP3ivd2AHoUgX3huK6S9E.roa (raw, json)
Hash identifier:          8td+TW54Wp8TT7PrGcDgmnnb5MSJ7K7iJKSZS01FbeU=
Subject key identifier:   7D:3D:B7:D4:9B:CF:DE:2B:DD:D8:01:E8:52:05:F7:86:E2:BA:4B:D1
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAE786A0505B6D8683EE6A57C0A2FA0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fT231JvP3ivd2AHoUgX3huK6S9E.roa
Signing time:             Tue 06 Feb 2024 18:29:16 +0000
ROA not before:           Tue 06 Feb 2024 18:29:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49962
IP address blocks:        2a0f:b241:118::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:ae:78:6a:05:05:b6:d8:68:3e:e6:a5:7c:0a:2f:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:29:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d3db7d49bcfde2bddd801e85205f786e2ba4bd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:5b:a0:06:4b:94:d2:03:7b:25:e8:ed:9f:2b:
                    cd:d0:8a:24:db:ad:31:15:bc:40:8b:36:09:1a:2e:
                    3b:63:20:12:c3:5e:5d:5f:4a:3e:d4:2b:8e:23:f0:
                    7c:01:ca:18:70:63:ed:b7:3f:44:b8:19:0c:c6:d6:
                    d8:d8:ed:1b:74:3e:3b:46:0e:54:4e:a5:69:8e:81:
                    bd:83:cd:d2:45:10:8d:1e:07:02:a5:b9:50:26:90:
                    ee:1f:1d:64:2e:ce:14:f4:72:86:20:20:9d:af:df:
                    a7:a6:c0:8f:67:f6:0b:a9:6a:37:b5:03:c5:7c:0f:
                    43:25:a5:41:6f:c7:85:18:6e:1c:5b:28:24:0f:d5:
                    b2:d1:a9:99:56:08:9f:85:56:60:19:f2:20:4f:49:
                    f4:fd:68:74:9c:96:8c:77:58:0b:92:90:eb:44:29:
                    b0:e9:a2:7e:f9:05:b5:7d:38:20:6e:54:5c:22:6a:
                    e0:72:04:66:e3:e4:19:84:d1:4b:b8:87:54:77:41:
                    25:9d:e8:25:c2:73:b0:dc:d7:b7:d5:92:3b:1b:31:
                    3e:f7:7c:50:32:4e:69:1b:08:d1:8e:68:35:2c:de:
                    2c:d1:11:e6:51:73:bc:0b:7b:07:1a:28:d1:1f:1c:
                    35:8c:73:27:56:80:26:3b:61:de:8d:35:1b:1b:89:
                    0c:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:3D:B7:D4:9B:CF:DE:2B:DD:D8:01:E8:52:05:F7:86:E2:BA:4B:D1
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fT231JvP3ivd2AHoUgX3huK6S9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:118::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:50:99:e8:aa:48:bf:e2:c4:5b:ea:0f:12:37:64:cd:09:f0:
         fd:4d:9a:82:72:ff:73:27:1c:4a:52:c2:41:cd:59:ab:e6:9b:
         57:67:64:c8:4c:0b:6c:41:f3:25:28:ee:91:94:67:45:c6:5c:
         11:b5:89:ab:71:69:51:a2:bc:89:da:58:ec:da:00:ac:b2:c7:
         5d:7f:9f:4b:5d:5e:e3:be:c1:db:df:fb:f8:70:cc:d6:43:10:
         78:ec:1b:e4:8d:9f:86:8c:24:4b:4e:e3:81:77:2b:36:19:c7:
         99:89:01:58:2a:b8:2e:3d:b9:3e:1a:63:7a:f2:ef:9d:42:a4:
         2e:af:d5:2b:8b:6c:bd:91:4d:06:52:29:4a:ae:fa:9d:c5:f8:
         5f:dd:76:b0:0f:a2:52:d0:ae:d1:03:c1:cb:1a:31:4b:c1:6a:
         75:bc:98:5b:f6:24:84:62:ed:25:f4:ba:9f:57:49:67:aa:40:
         5b:46:27:02:0c:d9:91:dc:b3:1f:ab:e9:04:46:29:d6:07:9f:
         1a:bb:f8:25:5f:51:bd:ed:0a:7c:48:4b:52:e9:5d:da:42:c7:
         d8:51:c9:ed:36:ab:2d:f0:6b:20:cf:d1:ce:55:d0:74:df:ab:
         29:2b:fd:d5:97:35:c4:ec:7a:7f:0b:9c:86:d7:82:d5:16:3e:
         c2:17:15:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnhqBQW22Gg+5qV8Ci+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDNkYjdkNDliY2ZkZTJiZGRkODAxZTg1MjA1Zjc4NmUyYmE0YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1ugBkuU0gN7JejtnyvN0Iok260x
FbxAizYJGi47YyASw15dX0o+1CuOI/B8AcoYcGPttz9EuBkMxtbY2O0bdD47Rg5U
TqVpjoG9g83SRRCNHgcCpblQJpDuHx1kLs4U9HKGICCdr9+npsCPZ/YLqWo3tQPF
fA9DJaVBb8eFGG4cWygkD9Wy0amZVgifhVZgGfIgT0n0/Wh0nJaMd1gLkpDrRCmw
6aJ++QW1fTggblRcImrgcgRm4+QZhNFLuIdUd0ElneglwnOw3Ne31ZI7GzE+93xQ
Mk5pGwjRjmg1LN4s0RHmUXO8C3sHGijRHxw1jHMnVoAmO2HejTUbG4kMmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH09t9Sbz94r3dgB6FIF94biukvRMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZlQyMzFKdlAzaXZkMkFIb1VnWDNodUs2UzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEY
MA0GCSqGSIb3DQEBCwUAA4IBAQAwUJnoqki/4sRb6g8SN2TNCfD9TZqCcv9zJxxK
UsJBzVmr5ptXZ2TITAtsQfMlKO6RlGdFxlwRtYmrcWlRoryJ2ljs2gCsssddf59L
XV7jvsHb3/v4cMzWQxB47BvkjZ+GjCRLTuOBdys2GceZiQFYKrguPbk+GmN68u+d
QqQur9Uri2y9kU0GUilKrvqdxfhf3XawD6JS0K7RA8HLGjFLwWp1vJhb9iSEYu0l
9LqfV0lnqkBbRicCDNmR3LMfq+kERinWB58au/glX1G97Qp8SEtS6V3aQsfYUcnt
Nqst8Gsgz9HOVdB036spK/3VlzXE7Hp/C5yG14LVFj7CFxUg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org