Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jyaTxSp5hGU-dtrP5Kza-EFBh8o.roa
File:                     jyaTxSp5hGU-dtrP5Kza-EFBh8o.roa (raw, json)
Hash identifier:          ZjKAgCZgi3Ro2AJes1NgxGBsQJOV/JCZUUtGMwfeGc8=
Subject key identifier:   8F:26:93:C5:2A:79:84:65:3E:76:DA:CF:E4:AC:DA:F8:41:41:87:CA
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB892BBD0F518028C78559BAE6C6BA0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jyaTxSp5hGU-dtrP5Kza-EFBh8o.roa
Signing time:             Tue 06 Feb 2024 18:40:18 +0000
ROA not before:           Tue 06 Feb 2024 18:40:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216340
IP address blocks:        2a0f:b241:157::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b8:92:bb:d0:f5:18:02:8c:78:55:9b:ae:6c:6b:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:40:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f2693c52a7984653e76dacfe4acdaf8414187ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:0b:ef:de:50:5b:67:af:86:d7:a2:ee:42:47:
                    f2:b0:f1:0b:49:4b:38:e6:df:cd:1f:6f:64:e0:4e:
                    d5:f3:d8:5d:d9:66:7a:17:f3:55:78:9a:e3:aa:c0:
                    3a:96:2e:4b:cc:5f:b5:51:9b:47:35:2c:ce:ba:d8:
                    59:19:a3:79:ab:d5:db:42:8c:91:ef:d3:3f:c3:d2:
                    f5:9f:ee:65:e3:f4:f4:24:c4:ca:25:de:62:b3:71:
                    c8:80:60:91:f0:fa:48:eb:93:4b:fd:61:37:52:8b:
                    f2:48:ed:dc:ac:52:53:40:e2:93:67:04:7c:f3:8c:
                    1b:b3:f7:a3:dc:d4:4c:0b:29:0d:21:dc:3c:f9:27:
                    54:87:be:09:7f:29:62:57:12:24:d2:7f:19:47:e9:
                    09:70:a9:c4:30:9a:c7:25:64:84:02:c1:18:d3:f0:
                    ec:07:8f:e6:74:10:61:b1:a4:ef:9d:fd:86:c1:2c:
                    52:ff:88:02:b1:4d:54:17:0b:23:6a:64:88:e4:3b:
                    06:af:f4:d0:96:e1:6a:40:d3:99:fb:db:ae:cd:e5:
                    13:b6:53:d9:4b:14:68:54:b8:b8:48:6d:fe:29:3d:
                    54:80:6a:de:33:dc:8b:b3:40:cf:5f:d8:40:a8:d8:
                    df:e0:59:1e:b2:3b:90:e5:84:85:5e:e1:38:f3:69:
                    42:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:26:93:C5:2A:79:84:65:3E:76:DA:CF:E4:AC:DA:F8:41:41:87:CA
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jyaTxSp5hGU-dtrP5Kza-EFBh8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:157::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:1a:68:e7:f4:e7:c2:0c:ab:3d:59:4d:a1:b2:45:13:15:b4:
         b6:b3:ca:6b:4c:fc:fb:3c:ea:12:09:63:45:66:16:fc:55:20:
         f4:86:d2:16:44:05:ff:72:92:22:90:a9:c6:67:69:94:2a:e6:
         ac:94:01:6f:c9:90:63:0e:e3:82:01:72:f7:6c:a5:ff:c9:30:
         dc:29:6c:89:ea:0b:fe:ad:20:28:18:39:42:28:da:66:77:7e:
         26:02:45:7c:2f:4a:e9:66:59:64:4f:82:68:6e:3a:4f:58:93:
         16:03:b6:c9:37:f3:6e:52:b8:d0:b4:30:e8:fd:2e:17:6b:97:
         77:65:5c:1c:1f:12:71:d5:65:5f:18:0b:6c:2a:95:28:58:42:
         4c:fe:86:36:96:6b:ee:eb:28:01:d2:79:19:2d:7e:35:77:6c:
         7a:aa:ac:82:d0:04:96:c1:b5:c8:9c:35:52:23:e4:1a:e5:e4:
         88:85:36:b7:70:ea:c2:ce:23:4c:f5:9a:d0:76:c0:19:e3:18:
         0d:9a:8e:34:97:72:e8:ee:e9:52:ef:57:d8:55:9c:70:5c:4f:
         14:35:c2:c6:29:16:44:e5:e9:31:ec:c2:49:cf:98:91:22:95:
         01:4e:03:ca:f1:76:c0:57:53:e9:e1:ed:04:e2:fe:64:b0:92:
         70:d6:a2:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uJK70PUYAox4VZuubGugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI2OTNjNTJhNzk4NDY1M2U3NmRhY2ZlNGFjZGFmODQxNDE4N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgvv3lBbZ6+G16LuQkfysPELSUs4
5t/NH29k4E7V89hd2WZ6F/NVeJrjqsA6li5LzF+1UZtHNSzOuthZGaN5q9XbQoyR
79M/w9L1n+5l4/T0JMTKJd5is3HIgGCR8PpI65NL/WE3UovySO3crFJTQOKTZwR8
84wbs/ej3NRMCykNIdw8+SdUh74JfyliVxIk0n8ZR+kJcKnEMJrHJWSEAsEY0/Ds
B4/mdBBhsaTvnf2GwSxS/4gCsU1UFwsjamSI5DsGr/TQluFqQNOZ+9uuzeUTtlPZ
SxRoVLi4SG3+KT1UgGreM9yLs0DPX9hAqNjf4FkesjuQ5YSFXuE482lC1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI8mk8UqeYRlPnbaz+Ss2vhBQYfKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvanlhVHhTcDVoR1UtZHRyUDVLemEtRUZCaDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFX
MA0GCSqGSIb3DQEBCwUAA4IBAQA5Gmjn9OfCDKs9WU2hskUTFbS2s8prTPz7POoS
CWNFZhb8VSD0htIWRAX/cpIikKnGZ2mUKuaslAFvyZBjDuOCAXL3bKX/yTDcKWyJ
6gv+rSAoGDlCKNpmd34mAkV8L0rpZllkT4JobjpPWJMWA7bJN/NuUrjQtDDo/S4X
a5d3ZVwcHxJx1WVfGAtsKpUoWEJM/oY2lmvu6ygB0nkZLX41d2x6qqyC0ASWwbXI
nDVSI+Qa5eSIhTa3cOrCziNM9ZrQdsAZ4xgNmo40l3Lo7ulS71fYVZxwXE8UNcLG
KRZE5ekx7MJJz5iRIpUBTgPK8XbAV1Pp4e0E4v5ksJJw1qKM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org