Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iRAJ2k2SDYiGbT8hH5918DD_erg.roa
File:                     iRAJ2k2SDYiGbT8hH5918DD_erg.roa (raw, json)
Hash identifier:          hKT6To43zOhgm1fOJ0SrzkxuIBqWCX18/arZM5ph9/I=
Subject key identifier:   89:10:09:DA:4D:92:0D:88:86:6D:3F:21:1F:9F:75:F0:30:FF:7A:B8
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0B97C662B328303CA4D984EFAD283
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iRAJ2k2SDYiGbT8hH5918DD_erg.roa
Signing time:             Wed 07 Feb 2024 05:00:53 +0000
ROA not before:           Wed 07 Feb 2024 05:00:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215999
IP address blocks:        2a0f:b241:5a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:b9:7c:66:2b:32:83:03:ca:4d:98:4e:fa:d2:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=891009da4d920d88866d3f211f9f75f030ff7ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:92:5d:43:95:78:76:f3:ef:92:3c:58:85:c6:
                    b4:fc:2f:82:b4:e0:66:01:d3:41:b9:db:96:a8:e8:
                    98:ab:91:66:d4:72:60:c2:e2:ea:31:f2:17:9c:65:
                    15:a7:44:b0:a9:4f:b2:bc:3d:67:0d:f2:db:82:b0:
                    9e:26:c8:5f:8c:a4:5f:1a:eb:58:d2:18:2e:6b:28:
                    5a:af:58:3a:13:11:ec:2c:ea:2b:66:66:e5:a0:9d:
                    36:f5:83:c5:ff:5e:0b:4d:41:78:c5:63:28:74:56:
                    60:30:ab:72:54:2d:1b:b7:65:3f:cd:4e:21:15:7c:
                    91:00:3a:6d:3d:12:f4:be:bf:d2:0f:60:95:49:8e:
                    75:9d:e6:48:22:29:dc:64:8c:8c:32:4f:53:b0:2f:
                    a4:15:f5:ef:cf:1b:c5:ec:03:b4:c0:2a:f7:96:6e:
                    e1:da:df:3c:48:09:b6:49:cf:2e:eb:e0:37:45:e5:
                    01:83:1d:77:13:0c:69:09:98:2d:e2:1f:93:06:82:
                    3e:63:72:de:28:8c:14:42:7a:17:ba:d2:e4:3b:e8:
                    65:a5:05:f6:aa:10:39:37:fa:8d:fa:4e:d2:76:3e:
                    54:dc:0c:d7:f0:6e:c0:be:94:9b:44:d6:94:c0:6e:
                    dd:12:bd:77:89:33:b0:ba:f5:80:3f:98:69:19:a5:
                    65:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:10:09:DA:4D:92:0D:88:86:6D:3F:21:1F:9F:75:F0:30:FF:7A:B8
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/iRAJ2k2SDYiGbT8hH5918DD_erg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:5a::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:08:5b:55:f0:97:11:d0:00:57:55:72:c3:35:8f:96:25:ff:
         47:42:3e:18:4e:a3:f6:dd:bd:09:3b:00:02:61:8f:40:d6:b6:
         93:11:ce:da:fb:06:b1:b8:24:e5:20:17:53:f5:23:e4:4f:d0:
         ea:19:da:31:2e:7a:cc:8d:79:eb:18:43:b7:18:31:bb:33:a1:
         b1:db:43:1a:28:7f:d6:e6:1f:81:7a:6f:65:53:88:00:88:5f:
         29:ad:06:e4:86:e2:98:86:17:71:73:b5:b7:f8:c8:09:9b:a8:
         06:97:05:b2:94:ee:f1:4a:81:6c:af:d9:47:3d:22:38:b6:9d:
         53:6b:cf:3a:53:b7:45:02:5d:e5:e1:5f:f8:9a:5a:d5:5f:a4:
         82:b6:c0:0e:72:1a:d9:86:60:94:b9:7e:7a:24:50:bb:d8:bf:
         a6:21:c3:b0:1c:eb:9f:8e:b7:e5:fe:d8:27:9e:36:44:37:d7:
         f9:d7:80:ee:a9:6e:b6:ea:02:44:27:64:5f:c8:a7:8c:56:a4:
         50:b9:fd:ac:12:b7:6f:40:87:01:5c:7a:bf:61:a7:8e:ab:31:
         fb:ae:41:93:21:5c:60:71:dc:27:9f:e9:55:39:35:58:9e:ce:
         96:c8:0c:01:77:7b:06:1c:fb:a3:50:12:69:03:d5:25:e7:ba:
         1a:50:77:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Ll8ZisygwPKTZhO+tKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTEwMDlkYTRkOTIwZDg4ODY2ZDNmMjExZjlmNzVmMDMwZmY3YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5JdQ5V4dvPvkjxYhca0/C+CtOBm
AdNBuduWqOiYq5Fm1HJgwuLqMfIXnGUVp0SwqU+yvD1nDfLbgrCeJshfjKRfGutY
0hguayhar1g6ExHsLOorZmbloJ029YPF/14LTUF4xWModFZgMKtyVC0bt2U/zU4h
FXyRADptPRL0vr/SD2CVSY51neZIIincZIyMMk9TsC+kFfXvzxvF7AO0wCr3lm7h
2t88SAm2Sc8u6+A3ReUBgx13EwxpCZgt4h+TBoI+Y3LeKIwUQnoXutLkO+hlpQX2
qhA5N/qN+k7Sdj5U3AzX8G7AvpSbRNaUwG7dEr13iTOwuvWAP5hpGaVlzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIkQCdpNkg2Ihm0/IR+fdfAw/3q4MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaVJBSjJrMlNEWWlHYlQ4aEg1OTE4RERfZXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBa
MA0GCSqGSIb3DQEBCwUAA4IBAQBZCFtV8JcR0ABXVXLDNY+WJf9HQj4YTqP23b0J
OwACYY9A1raTEc7a+waxuCTlIBdT9SPkT9DqGdoxLnrMjXnrGEO3GDG7M6Gx20Ma
KH/W5h+Bem9lU4gAiF8prQbkhuKYhhdxc7W3+MgJm6gGlwWylO7xSoFsr9lHPSI4
tp1Ta886U7dFAl3l4V/4mlrVX6SCtsAOchrZhmCUuX56JFC72L+mIcOwHOufjrfl
/tgnnjZEN9f514DuqW626gJEJ2RfyKeMVqRQuf2sErdvQIcBXHq/YaeOqzH7rkGT
IVxgcdwnn+lVOTVYns6WyAwBd3sGHPujUBJpA9Ul57oaUHe7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org