Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nFuG0KSBr2PgJ5ekIQE5p9mOKK4.roa
File:                     nFuG0KSBr2PgJ5ekIQE5p9mOKK4.roa (raw, json)
Hash identifier:          C7FXIAhTNnOFgDUJUZ+jaImsvpUWO5F3YigTpDlhbz8=
Subject key identifier:   9C:5B:86:D0:A4:81:AF:63:E0:27:97:A4:21:01:39:A7:D9:8E:28:AE
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F09EAA1D8223D28973A2BC0CF5B247
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nFuG0KSBr2PgJ5ekIQE5p9mOKK4.roa
Signing time:             Wed 07 Feb 2024 05:00:46 +0000
ROA not before:           Wed 07 Feb 2024 05:00:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209574
IP address blocks:        2a0f:b241:f6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:9e:aa:1d:82:23:d2:89:73:a2:bc:0c:f5:b2:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9c5b86d0a481af63e02797a4210139a7d98e28ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:90:ca:5a:39:7a:2c:65:e3:a5:e2:05:5d:f9:
                    f6:97:fb:fb:83:82:7c:a4:78:da:5a:99:69:d9:83:
                    af:29:46:bd:f2:84:b8:16:11:84:e9:72:ea:fc:d8:
                    2b:7e:d2:3b:85:40:c1:7a:82:03:26:4f:fc:d8:11:
                    aa:62:77:ea:67:37:39:10:02:70:d5:aa:34:eb:aa:
                    10:30:18:7c:65:e9:bb:e2:a1:6d:b8:36:ba:75:01:
                    47:61:e2:fb:19:9f:27:39:87:88:a2:67:6b:26:d4:
                    48:b8:f0:1b:ad:19:27:69:43:39:28:cd:85:d1:cf:
                    2b:2f:05:d8:d9:ca:9e:51:0b:7f:3f:9b:b6:12:e7:
                    b2:e1:24:61:cb:48:ff:47:d5:e3:03:d4:6a:ff:ca:
                    19:1c:c2:ad:13:fd:df:50:75:95:87:0b:5b:7e:3b:
                    4f:03:e4:dc:49:69:ee:41:35:3c:b6:79:1c:55:88:
                    57:1d:2c:27:79:79:27:a3:c8:9b:a5:8f:4e:e6:ea:
                    9b:ce:21:4c:81:e6:7b:28:12:60:6a:34:b6:40:81:
                    f1:99:96:79:a5:77:24:14:e4:1e:a0:15:68:da:96:
                    91:29:b3:ab:ae:ad:ba:60:f6:87:1a:f5:f2:68:d3:
                    81:56:7e:17:d4:b7:fd:91:34:23:3f:82:cf:8f:44:
                    2e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:5B:86:D0:A4:81:AF:63:E0:27:97:A4:21:01:39:A7:D9:8E:28:AE
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/nFuG0KSBr2PgJ5ekIQE5p9mOKK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:f6::/48

    Signature Algorithm: sha256WithRSAEncryption
         8b:0e:a6:4e:d6:24:4a:3f:77:ae:a7:f3:3e:0d:c0:c7:22:77:
         4d:81:e8:ff:97:05:ed:17:02:29:91:93:8b:f6:d2:ea:f5:70:
         22:08:b1:4e:00:4e:fd:65:f1:af:d4:11:ba:b8:63:e8:1b:a4:
         c5:3b:92:14:c3:22:9d:b2:99:64:02:2d:8f:5d:82:8c:8d:54:
         ea:f6:24:40:3c:8c:ea:77:79:6c:9a:3a:a4:5b:ea:64:cc:3e:
         6c:77:f3:c7:49:67:6b:ca:0b:78:ef:d9:c0:94:e4:bf:14:aa:
         ff:6b:dc:a7:33:7d:1a:45:51:7e:7c:ed:d4:1b:4f:77:3e:82:
         f4:17:6b:59:b3:9f:8e:6a:43:47:42:c1:c5:75:1e:82:8a:e7:
         58:bf:15:b8:5c:ea:be:07:22:6a:8a:d5:e7:3b:53:75:36:36:
         53:80:cb:13:33:90:7b:0a:31:89:ea:17:85:13:b3:24:12:ba:
         f6:f7:d1:fa:cc:9d:bf:a8:00:eb:4b:9d:ae:27:d7:22:8c:27:
         c1:2e:5f:89:3a:c2:55:c6:26:2e:b7:61:fb:ef:7f:48:17:a8:
         b6:33:b0:80:bf:fb:b5:c7:c9:48:f5:f5:45:55:c8:8b:82:66:
         84:80:a5:19:85:98:18:af:57:01:a5:97:9e:4a:0a:0f:d9:c2:
         9a:0d:8f:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J6qHYIj0olzorwM9bJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzViODZkMGE0ODFhZjYzZTAyNzk3YTQyMTAxMzlhN2Q5OGUyOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZDKWjl6LGXjpeIFXfn2l/v7g4J8
pHjaWplp2YOvKUa98oS4FhGE6XLq/NgrftI7hUDBeoIDJk/82BGqYnfqZzc5EAJw
1ao066oQMBh8Zem74qFtuDa6dQFHYeL7GZ8nOYeIomdrJtRIuPAbrRknaUM5KM2F
0c8rLwXY2cqeUQt/P5u2Euey4SRhy0j/R9XjA9Rq/8oZHMKtE/3fUHWVhwtbfjtP
A+TcSWnuQTU8tnkcVYhXHSwneXkno8ibpY9O5uqbziFMgeZ7KBJgajS2QIHxmZZ5
pXckFOQeoBVo2paRKbOrrq26YPaHGvXyaNOBVn4X1Lf9kTQjP4LPj0QuNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJxbhtCkga9j4CeXpCEBOafZjiiuMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbkZ1RzBLU0JyMlBnSjVla0lRRTVwOW1PS0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD2
MA0GCSqGSIb3DQEBCwUAA4IBAQCLDqZO1iRKP3eup/M+DcDHIndNgej/lwXtFwIp
kZOL9tLq9XAiCLFOAE79ZfGv1BG6uGPoG6TFO5IUwyKdsplkAi2PXYKMjVTq9iRA
PIzqd3lsmjqkW+pkzD5sd/PHSWdrygt479nAlOS/FKr/a9ynM30aRVF+fO3UG093
PoL0F2tZs5+OakNHQsHFdR6CiudYvxW4XOq+ByJqitXnO1N1NjZTgMsTM5B7CjGJ
6heFE7MkErr299H6zJ2/qADrS52uJ9cijCfBLl+JOsJVxiYut2H7739IF6i2M7CA
v/u1x8lI9fVFVciLgmaEgKUZhZgYr1cBpZeeSgoP2cKaDY9M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org