Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/maEuZTiiVtqkHU1wHGkTyiqXt7c.roa
File:                     maEuZTiiVtqkHU1wHGkTyiqXt7c.roa (raw, json)
Hash identifier:          bwTD90c/lfVFAEHczy2EBEpeSg/muXZm8NNp71WvNGY=
Subject key identifier:   99:A1:2E:65:38:A2:56:DA:A4:1D:4D:70:1C:69:13:CA:2A:97:B7:B7
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F06BF1C02B3538D2AE05A5A799F58E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/maEuZTiiVtqkHU1wHGkTyiqXt7c.roa
Signing time:             Wed 07 Feb 2024 05:00:33 +0000
ROA not before:           Wed 07 Feb 2024 05:00:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197624
IP address blocks:        2a0f:b241:d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:6b:f1:c0:2b:35:38:d2:ae:05:a5:a7:99:f5:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99a12e6538a256daa41d4d701c6913ca2a97b7b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:71:c8:26:fd:51:7d:20:6d:af:cb:d7:d7:c3:
                    85:63:7e:2b:db:0a:8e:49:42:28:43:0f:7a:ad:e2:
                    1d:9e:86:a3:90:fd:3a:e7:68:34:4d:51:fe:f0:6c:
                    29:0e:86:62:21:dc:33:18:3f:c1:e9:fc:c1:7b:43:
                    60:76:f1:43:e7:f9:9c:db:de:3b:29:7f:64:cc:e6:
                    a2:b1:65:62:75:d8:13:64:a2:cb:c4:3e:eb:f7:3c:
                    a5:83:74:b5:8c:18:3a:9f:2b:43:cb:70:0f:62:7a:
                    7b:b8:b8:65:c6:1a:98:a7:24:b1:bb:08:50:36:71:
                    5f:24:79:ca:bb:55:93:b4:84:db:bd:50:d0:73:c9:
                    9b:9d:29:9d:76:de:e1:f7:fd:ef:aa:fd:f4:6e:14:
                    88:d4:73:b2:5c:97:14:e6:e6:d5:6a:52:22:74:76:
                    e4:ca:0c:db:4a:b9:71:9f:98:79:fd:05:56:d1:dc:
                    e7:32:92:96:5d:66:82:36:21:a4:a8:f7:26:61:47:
                    15:c7:b7:e3:8d:52:cc:7c:2b:06:7c:a6:71:d4:c0:
                    ef:18:ce:30:8b:6b:2a:93:44:1b:ae:35:0d:4f:23:
                    c0:6b:42:d0:7f:ce:87:0f:8b:3a:5c:f2:ec:fe:0a:
                    39:11:02:db:0a:e8:8b:da:51:b8:73:f7:2e:42:50:
                    97:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A1:2E:65:38:A2:56:DA:A4:1D:4D:70:1C:69:13:CA:2A:97:B7:B7
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/maEuZTiiVtqkHU1wHGkTyiqXt7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:d::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:f7:58:b1:f6:8a:55:94:aa:af:ae:0c:27:0f:eb:c0:79:5b:
         d1:f3:c2:72:8c:fa:a2:e2:24:7d:42:70:12:b9:83:46:85:19:
         87:d4:da:34:f6:37:35:30:b5:c9:dd:08:59:cb:34:1b:a8:96:
         c4:e6:c0:81:44:66:dc:1f:d7:fb:ce:23:01:48:6a:94:3b:b9:
         68:e1:d8:74:7e:a4:ed:86:a7:90:c6:c3:16:fc:62:27:38:e1:
         27:dc:bb:3b:d5:84:94:d1:bb:b3:46:63:7b:28:c2:4c:e2:fc:
         52:3b:e0:37:c4:63:a7:09:70:52:20:43:61:14:2d:52:bb:e7:
         e9:e5:fe:1e:3d:79:9f:ad:53:d4:34:3b:af:7a:16:da:ae:62:
         50:70:b0:5c:8a:9f:ca:11:52:d8:83:1b:00:dc:24:3b:16:9a:
         d8:07:6f:8a:81:8f:0d:50:d5:67:8b:06:6c:05:42:0d:36:41:
         c2:b4:79:8c:53:09:e7:cd:78:8f:ff:e6:26:df:e3:65:29:b0:
         49:a2:52:b9:0b:cf:5f:e5:0c:66:47:0a:3a:b0:c9:cb:2b:fa:
         f8:3f:9c:d0:4d:5f:a6:68:d7:94:92:4c:5f:d7:9d:c9:7f:96:
         85:02:0b:6e:8c:3e:48:66:fe:d0:d6:78:8a:94:49:d6:73:8f:
         97:7c:6d:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GvxwCs1ONKuBaWnmfWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWExMmU2NTM4YTI1NmRhYTQxZDRkNzAxYzY5MTNjYTJhOTdiN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnHIJv1RfSBtr8vX18OFY34r2wqO
SUIoQw96reIdnoajkP0652g0TVH+8GwpDoZiIdwzGD/B6fzBe0NgdvFD5/mc2947
KX9kzOaisWViddgTZKLLxD7r9zylg3S1jBg6nytDy3APYnp7uLhlxhqYpySxuwhQ
NnFfJHnKu1WTtITbvVDQc8mbnSmddt7h9/3vqv30bhSI1HOyXJcU5ubValIidHbk
ygzbSrlxn5h5/QVW0dznMpKWXWaCNiGkqPcmYUcVx7fjjVLMfCsGfKZx1MDvGM4w
i2sqk0QbrjUNTyPAa0LQf86HD4s6XPLs/go5EQLbCuiL2lG4c/cuQlCXFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJmhLmU4olbapB1NcBxpE8oql7e3MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbWFFdVpUaWlWdHFrSFUxd0hHa1R5aXFYdDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAN
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ91ix9opVlKqvrgwnD+vAeVvR88JyjPqi4iR9
QnASuYNGhRmH1No09jc1MLXJ3QhZyzQbqJbE5sCBRGbcH9f7ziMBSGqUO7lo4dh0
fqTthqeQxsMW/GInOOEn3Ls71YSU0buzRmN7KMJM4vxSO+A3xGOnCXBSIENhFC1S
u+fp5f4ePXmfrVPUNDuvehbarmJQcLBcip/KEVLYgxsA3CQ7FprYB2+KgY8NUNVn
iwZsBUINNkHCtHmMUwnnzXiP/+Ym3+NlKbBJolK5C89f5QxmRwo6sMnLK/r4P5zQ
TV+maNeUkkxf153Jf5aFAgtujD5IZv7Q1niKlEnWc4+XfG0P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org