Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sw8v0yKf9fYFlos4cF52GRLaM0Y.roa
File:                     sw8v0yKf9fYFlos4cF52GRLaM0Y.roa (raw, json)
Hash identifier:          bs8WreHPAnlXdVy1z+vYKpAfRs2CQTM57tVEk9cCn0M=
Subject key identifier:   B3:0F:2F:D3:22:9F:F5:F6:05:96:8B:38:70:5E:76:19:12:DA:33:46
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F8D86DC02D708E0EC6CFFA2F4E38C82
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sw8v0yKf9fYFlos4cF52GRLaM0Y.roa
Signing time:             Tue 06 Feb 2024 17:53:17 +0000
ROA not before:           Tue 06 Feb 2024 17:53:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216058
IP address blocks:        2a0f:b241:29::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:8d:86:dc:02:d7:08:e0:ec:6c:ff:a2:f4:e3:8c:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 17:53:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b30f2fd3229ff5f605968b38705e761912da3346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fb:0b:6f:db:e5:1b:f6:20:d4:89:0e:de:e3:
                    26:6d:c7:c9:95:b4:a8:1a:33:07:e3:fa:33:f3:1c:
                    96:26:e3:7d:f0:47:60:66:ce:52:d6:48:81:7c:24:
                    dd:52:c2:91:20:dd:91:b9:d8:c7:cc:5e:cc:69:ca:
                    17:7a:4f:23:66:52:a5:fb:d9:05:d0:7d:3b:93:f8:
                    58:6d:95:00:16:27:13:21:0d:67:7b:0e:b4:31:64:
                    39:30:d5:77:d7:4d:e1:ae:5a:4b:8c:a4:41:af:dd:
                    57:c3:3a:84:ad:fe:7e:87:7a:6b:0c:4e:20:eb:82:
                    f5:24:e1:2f:1b:7c:ac:8b:2b:3a:7f:24:3c:ea:50:
                    25:86:61:7d:86:af:6c:51:80:8a:26:8f:13:57:a8:
                    96:47:0e:28:9e:55:b8:17:4d:36:40:2f:42:81:35:
                    1f:da:95:97:ea:94:ec:f2:50:d8:c2:6e:43:5b:5d:
                    c4:4a:7a:a0:7d:9c:fc:08:be:93:da:e4:95:0d:cf:
                    d0:d5:ac:b2:75:02:a9:23:87:bc:04:9c:f4:e8:f0:
                    93:58:4c:b2:ff:f1:ee:ff:f7:12:ad:2d:17:71:a1:
                    00:60:ab:6a:76:cb:76:4a:a2:a6:b3:65:79:c0:63:
                    67:31:68:d2:65:66:ed:8d:c4:ef:33:a4:65:50:20:
                    8c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:0F:2F:D3:22:9F:F5:F6:05:96:8B:38:70:5E:76:19:12:DA:33:46
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sw8v0yKf9fYFlos4cF52GRLaM0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:29::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:75:01:cc:ee:13:e9:6a:c5:c8:f3:f3:86:63:c4:93:49:93:
         3d:c5:68:d0:97:63:f3:e0:8b:17:f7:05:9c:85:c5:6c:c7:fa:
         60:3a:82:83:2c:9a:de:2a:99:07:86:cd:0e:58:08:8a:d5:a0:
         80:4c:f1:e2:2d:12:d7:af:f9:f7:0a:b0:5c:f5:03:7c:1c:b4:
         4f:2b:cd:33:47:91:6f:f5:95:97:b0:b9:28:6b:aa:04:2d:bd:
         b5:ad:5a:e3:fc:0f:d2:61:d8:79:2b:89:77:a2:0e:1d:bd:d3:
         99:47:f8:4b:da:76:7e:9d:a6:8d:25:ec:7d:96:c4:88:2c:a4:
         3c:b9:fc:54:e7:f5:52:42:a9:a2:6f:60:26:a4:0c:b1:bb:b1:
         d4:20:01:91:07:e0:1f:85:77:87:71:3a:59:a7:f1:7c:b4:52:
         75:c3:0a:7a:db:58:94:fe:5b:bc:66:43:94:2b:48:83:9a:94:
         e1:a7:10:b2:f9:c7:08:8a:b6:65:24:0d:ef:58:2d:a6:2b:6e:
         a1:f9:c1:5d:e8:21:9e:c1:21:b4:d4:88:37:1c:52:06:dc:e7:
         e4:87:ab:71:c5:74:ac:72:3d:12:e5:88:3e:fc:b3:04:d4:4a:
         16:0d:3d:0f:8e:ba:92:b2:dc:89:7c:49:ec:a7:f3:97:be:2f:
         d4:01:01:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/jYbcAtcI4Oxs/6L044yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzBmMmZkMzIyOWZmNWY2MDU5NjhiMzg3MDVlNzYxOTEyZGEzMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPsLb9vlG/Yg1IkO3uMmbcfJlbSo
GjMH4/oz8xyWJuN98EdgZs5S1kiBfCTdUsKRIN2RudjHzF7MacoXek8jZlKl+9kF
0H07k/hYbZUAFicTIQ1new60MWQ5MNV3103hrlpLjKRBr91XwzqErf5+h3prDE4g
64L1JOEvG3ysiys6fyQ86lAlhmF9hq9sUYCKJo8TV6iWRw4onlW4F002QC9CgTUf
2pWX6pTs8lDYwm5DW13ESnqgfZz8CL6T2uSVDc/Q1ayydQKpI4e8BJz06PCTWEyy
//Hu//cSrS0XcaEAYKtqdst2SqKms2V5wGNnMWjSZWbtjcTvM6RlUCCMXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLMPL9Min/X2BZaLOHBedhkS2jNGMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc3c4djB5S2Y5ZllGbG9zNGNGNTJHUkxhTTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAp
MA0GCSqGSIb3DQEBCwUAA4IBAQAddQHM7hPpasXI8/OGY8STSZM9xWjQl2Pz4IsX
9wWchcVsx/pgOoKDLJreKpkHhs0OWAiK1aCATPHiLRLXr/n3CrBc9QN8HLRPK80z
R5Fv9ZWXsLkoa6oELb21rVrj/A/SYdh5K4l3og4dvdOZR/hL2nZ+naaNJex9lsSI
LKQ8ufxU5/VSQqmib2AmpAyxu7HUIAGRB+AfhXeHcTpZp/F8tFJ1wwp621iU/lu8
ZkOUK0iDmpThpxCy+ccIirZlJA3vWC2mK26h+cFd6CGewSG01Ig3HFIG3Ofkh6tx
xXSscj0S5Yg+/LME1EoWDT0PjrqSstyJfEnsp/OXvi/UAQHA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org