Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gzcmUad_BikQA5mEBGYvq_2xm-8.roa
File:                     gzcmUad_BikQA5mEBGYvq_2xm-8.roa (raw, json)
Hash identifier:          n2aeEP02gHL1x38rzEdnFbgIoTwW0Qt3/DsBHRsqljE=
Subject key identifier:   83:37:26:51:A7:7F:06:29:10:03:99:84:04:66:2F:AB:FD:B1:9B:EF
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F099E7A7DEE19F5B73A157F2A6236A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gzcmUad_BikQA5mEBGYvq_2xm-8.roa
Signing time:             Wed 07 Feb 2024 05:00:45 +0000
ROA not before:           Wed 07 Feb 2024 05:00:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207762
IP address blocks:        2a0f:b241:f3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:99:e7:a7:de:e1:9f:5b:73:a1:57:f2:a6:23:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=83372651a77f06291003998404662fabfdb19bef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:37:12:d6:70:43:e6:e7:33:48:c2:06:6b:b1:
                    9f:75:f4:cb:79:39:08:cc:9f:a9:35:95:92:c1:2e:
                    4e:31:61:de:c8:25:6a:7b:d0:91:ef:69:7d:fb:83:
                    d2:5e:84:a1:f1:68:83:67:07:e6:39:1b:2f:a1:cf:
                    4f:3f:91:33:5c:0a:6e:18:fe:eb:28:4f:1f:02:69:
                    f1:ed:6c:62:9c:5d:56:6d:c2:37:5e:e9:47:91:32:
                    d5:00:35:9b:a1:5f:b1:5a:29:a6:ff:64:cd:a0:e5:
                    02:81:88:12:47:81:90:3e:d2:f3:00:5d:87:a4:6b:
                    af:5b:eb:47:f5:07:f5:3b:bb:f4:6d:45:a8:e0:ce:
                    bb:20:b3:22:65:50:db:88:09:63:86:fb:06:32:04:
                    35:fd:46:81:d9:28:2e:8b:c4:d1:cd:95:dd:17:3a:
                    6e:32:33:7f:80:a0:29:d8:34:23:82:c1:1a:cb:c9:
                    76:b8:cf:95:7e:f6:c4:5f:b7:ae:7b:ba:62:45:64:
                    a4:1b:44:22:d4:2f:2f:b0:8c:2a:df:e1:15:b9:5e:
                    73:a0:19:bc:f7:9c:1d:67:da:a5:e6:17:f6:ae:05:
                    6a:6e:11:65:cd:b1:9b:a4:ae:97:be:76:4b:b4:12:
                    3f:66:e7:65:9f:ce:d2:2c:31:e4:df:5e:2a:79:bc:
                    0c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:37:26:51:A7:7F:06:29:10:03:99:84:04:66:2F:AB:FD:B1:9B:EF
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/gzcmUad_BikQA5mEBGYvq_2xm-8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:f3::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:26:97:ff:b6:cd:a7:cc:c0:63:09:d7:e8:c6:9d:ac:ff:f4:
         83:97:7f:b4:aa:1b:42:ad:67:42:a3:c0:b7:1e:0b:0d:e0:0c:
         e8:50:5f:32:4e:d6:2b:0a:83:ca:7b:a1:33:d4:cf:4c:cd:45:
         56:b2:17:8a:f2:a3:01:a6:19:b2:34:2c:bb:c1:29:ad:b8:52:
         3c:66:bd:58:87:36:a9:7a:99:df:b2:61:e9:84:2e:33:24:99:
         91:bf:c9:b4:88:35:06:83:e8:9a:a9:9b:02:5f:21:f7:18:2a:
         95:ec:a7:a1:58:da:23:1e:ba:6d:84:d7:68:a5:72:cf:e9:03:
         da:53:c6:52:2c:ca:12:25:9e:c1:5b:c0:72:59:f4:58:87:c5:
         eb:88:79:d3:0d:8d:16:8e:b2:f3:e7:aa:4c:90:66:96:e6:de:
         b2:3c:30:4b:cb:36:af:e7:30:a0:8d:dc:68:17:fc:36:92:7b:
         b6:d6:08:ea:9a:c1:78:df:e2:17:6d:26:5e:bd:e3:54:33:6e:
         7a:51:e6:d8:96:b5:cf:9e:be:27:47:be:ef:5e:0a:50:55:14:
         46:05:5a:6a:0b:c6:80:96:55:94:e7:e8:15:e7:51:51:0d:a3:
         e2:c3:c5:d8:96:9c:4c:0c:90:ce:66:06:29:49:96:ad:45:b8:
         bb:fb:75:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Jnnp97hn1tzoVfypiNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM3MjY1MWE3N2YwNjI5MTAwMzk5ODQwNDY2MmZhYmZkYjE5YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jcS1nBD5uczSMIGa7GfdfTLeTkI
zJ+pNZWSwS5OMWHeyCVqe9CR72l9+4PSXoSh8WiDZwfmORsvoc9PP5EzXApuGP7r
KE8fAmnx7WxinF1WbcI3XulHkTLVADWboV+xWimm/2TNoOUCgYgSR4GQPtLzAF2H
pGuvW+tH9Qf1O7v0bUWo4M67ILMiZVDbiAljhvsGMgQ1/UaB2Sgui8TRzZXdFzpu
MjN/gKAp2DQjgsEay8l2uM+VfvbEX7eue7piRWSkG0Qi1C8vsIwq3+EVuV5zoBm8
95wdZ9ql5hf2rgVqbhFlzbGbpK6XvnZLtBI/Zudln87SLDHk314qebwMHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIM3JlGnfwYpEAOZhARmL6v9sZvvMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZ3pjbVVhZF9CaWtRQTVtRUJHWXZxXzJ4bS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDz
MA0GCSqGSIb3DQEBCwUAA4IBAQBqJpf/ts2nzMBjCdfoxp2s//SDl3+0qhtCrWdC
o8C3HgsN4AzoUF8yTtYrCoPKe6Ez1M9MzUVWsheK8qMBphmyNCy7wSmtuFI8Zr1Y
hzapepnfsmHphC4zJJmRv8m0iDUGg+iaqZsCXyH3GCqV7KehWNojHrpthNdopXLP
6QPaU8ZSLMoSJZ7BW8ByWfRYh8XriHnTDY0WjrLz56pMkGaW5t6yPDBLyzav5zCg
jdxoF/w2knu21gjqmsF43+IXbSZeveNUM256UebYlrXPnr4nR77vXgpQVRRGBVpq
C8aAllWU5+gV51FRDaPiw8XYlpxMDJDOZgYpSZatRbi7+3XH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org