Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/k_NjyMMT6GKtmAyglnnNGIaxyPA.roa
File:                     k_NjyMMT6GKtmAyglnnNGIaxyPA.roa (raw, json)
Hash identifier:          YddMkEVhGCVtwOUmcZ0TmLmXZ0bFrpVe0reNdRiXcqM=
Subject key identifier:   93:F3:63:C8:C3:13:E8:62:AD:98:0C:A0:96:79:CD:18:86:B1:C8:F0
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB5CE85A8350598A12516ADA397A856
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/k_NjyMMT6GKtmAyglnnNGIaxyPA.roa
Signing time:             Tue 06 Feb 2024 18:37:17 +0000
ROA not before:           Tue 06 Feb 2024 18:37:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199307
IP address blocks:        2a0f:b241:12d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b5:ce:85:a8:35:05:98:a1:25:16:ad:a3:97:a8:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:37:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93f363c8c313e862ad980ca09679cd1886b1c8f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fe:63:9d:f0:71:09:8d:68:83:73:92:e7:a6:
                    97:10:a2:4e:cd:ea:03:81:b3:c8:58:b8:4e:e7:77:
                    da:58:11:a0:a3:57:c4:92:1f:31:50:08:dc:86:6a:
                    65:84:40:11:09:56:45:4b:3a:6b:34:58:22:4c:f5:
                    94:86:b7:a0:f3:16:59:8b:82:1a:21:5a:2c:6e:e9:
                    8f:05:1a:1a:42:6e:ec:a2:4f:a2:da:80:25:dd:f4:
                    d0:83:3a:d4:92:1b:be:9c:2c:5c:ff:7e:b8:4e:50:
                    c3:2c:48:75:b2:c9:a4:8b:ec:c1:de:8b:5d:63:72:
                    1e:68:2f:7a:84:50:77:ec:a5:28:56:53:15:5e:2c:
                    36:77:89:c7:94:77:d5:ea:7d:cc:64:58:38:b4:16:
                    02:e4:4c:d5:ff:cc:bb:06:8c:84:0f:71:e8:e5:e7:
                    41:a0:ee:28:d7:3b:37:09:f4:67:2e:5c:b0:e1:71:
                    02:7f:bc:03:13:31:5c:2b:03:1e:00:5d:34:68:7f:
                    ce:77:eb:ed:be:2a:54:57:70:bc:a7:63:02:e8:59:
                    cf:d9:25:32:a1:65:20:3c:c4:59:bf:16:86:b4:ce:
                    e9:7f:7a:82:6d:a1:d7:c5:cc:81:fe:84:82:1f:be:
                    df:f8:80:50:dd:6f:13:70:92:d9:65:58:c4:c9:dd:
                    e2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:F3:63:C8:C3:13:E8:62:AD:98:0C:A0:96:79:CD:18:86:B1:C8:F0
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/k_NjyMMT6GKtmAyglnnNGIaxyPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:12d::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:f5:19:c3:a7:c0:f2:c6:9a:8f:45:21:ac:67:fd:db:fe:37:
         49:13:b6:05:f8:69:54:70:fa:ce:b6:95:39:2a:0f:c5:1a:ce:
         f5:fb:bd:1c:99:13:4e:68:b5:01:81:52:40:9f:4b:49:d5:2c:
         0b:15:45:b3:fa:10:d1:d6:1b:f9:03:2a:e6:be:69:df:da:40:
         b4:e3:99:6f:c4:0c:a9:36:22:1f:cd:b8:dc:44:a7:3d:8f:b2:
         3d:87:73:5c:1c:9d:e9:9d:12:94:de:ba:47:18:06:89:b5:bb:
         c2:3f:59:4a:fa:7c:54:cd:e8:75:89:ee:29:e2:89:92:79:33:
         27:85:5e:4d:c1:72:48:85:a0:6e:98:84:5d:4f:2f:73:3f:20:
         7f:56:b8:96:e8:2c:6b:aa:64:31:e2:6d:11:62:12:50:7f:39:
         bc:c2:04:0f:ca:40:cc:e4:b9:11:3c:4e:dc:38:36:c5:80:2a:
         03:a4:7a:ec:08:21:50:e5:12:87:6c:df:a2:a4:ad:0b:ce:ae:
         a7:c2:15:3e:ab:2e:78:0a:49:98:20:ae:cf:4f:80:9e:2d:ff:
         55:87:e5:9f:cb:c3:1e:45:b9:bb:c1:4e:d4:30:e8:03:17:4e:
         37:ad:a4:cf:1c:73:43:59:26:9b:d5:4d:8a:b0:ee:bc:69:83:
         e9:8f:6b:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/tc6FqDUFmKElFq2jl6hWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2YzNjNjOGMzMTNlODYyYWQ5ODBjYTA5Njc5Y2QxODg2YjFjOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP5jnfBxCY1og3OS56aXEKJOzeoD
gbPIWLhO53faWBGgo1fEkh8xUAjchmplhEARCVZFSzprNFgiTPWUhreg8xZZi4Ia
IVosbumPBRoaQm7sok+i2oAl3fTQgzrUkhu+nCxc/364TlDDLEh1ssmki+zB3otd
Y3IeaC96hFB37KUoVlMVXiw2d4nHlHfV6n3MZFg4tBYC5EzV/8y7BoyED3Ho5edB
oO4o1zs3CfRnLlyw4XECf7wDEzFcKwMeAF00aH/Od+vtvipUV3C8p2MC6FnP2SUy
oWUgPMRZvxaGtM7pf3qCbaHXxcyB/oSCH77f+IBQ3W8TcJLZZVjEyd3ifQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJPzY8jDE+hirZgMoJZ5zRiGscjwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva19OanlNTVQ2R0t0bUF5Z2xubk5HSWF4eVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEt
MA0GCSqGSIb3DQEBCwUAA4IBAQAE9RnDp8DyxpqPRSGsZ/3b/jdJE7YF+GlUcPrO
tpU5Kg/FGs71+70cmRNOaLUBgVJAn0tJ1SwLFUWz+hDR1hv5Ayrmvmnf2kC045lv
xAypNiIfzbjcRKc9j7I9h3NcHJ3pnRKU3rpHGAaJtbvCP1lK+nxUzeh1ie4p4omS
eTMnhV5NwXJIhaBumIRdTy9zPyB/VriW6CxrqmQx4m0RYhJQfzm8wgQPykDM5LkR
PE7cODbFgCoDpHrsCCFQ5RKHbN+ipK0Lzq6nwhU+qy54CkmYIK7PT4CeLf9Vh+Wf
y8MeRbm7wU7UMOgDF043raTPHHNDWSab1U2KsO68aYPpj2ui
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org