Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tm6QIwzio_QsIhHNebdt0fOvunM.roa
File:                     tm6QIwzio_QsIhHNebdt0fOvunM.roa (raw, json)
Hash identifier:          6QnDPgg15nMQPLVhwTmR+UmY/eAfulJykBkAQPcf47A=
Subject key identifier:   B6:6E:90:23:0C:E2:A3:F4:2C:22:11:CD:79:B7:6D:D1:F3:AF:BA:73
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FB7A4EA6A9B2C911F687515E5491842
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tm6QIwzio_QsIhHNebdt0fOvunM.roa
Signing time:             Tue 06 Feb 2024 18:39:18 +0000
ROA not before:           Tue 06 Feb 2024 18:39:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211738
IP address blocks:        2a0f:b241:148::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:b7:a4:ea:6a:9b:2c:91:1f:68:75:15:e5:49:18:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:39:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b66e90230ce2a3f42c2211cd79b76dd1f3afba73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:06:2a:e8:a7:2c:4e:b9:74:52:0d:c6:92:3e:
                    17:60:cb:01:36:19:40:60:17:be:a0:7c:08:bd:cc:
                    d3:4e:cc:ca:00:62:80:1e:13:f4:18:79:a6:17:f8:
                    26:23:fe:d9:9a:e2:e9:b0:ec:b6:1a:19:c1:a9:f4:
                    2e:8b:eb:25:be:01:61:fb:b9:37:f3:4b:dd:8d:c3:
                    a4:f2:04:8c:74:37:31:b0:12:ee:cc:80:64:14:1d:
                    d4:05:92:08:20:8d:56:14:2d:85:4f:05:e5:e1:28:
                    b5:90:c8:87:ab:37:7c:91:78:f6:78:73:96:6b:22:
                    1e:a9:6c:74:af:91:b0:37:41:a6:2e:62:da:13:13:
                    d0:b7:45:6c:cb:61:bd:58:3a:5f:56:b8:57:74:7d:
                    16:11:3e:b2:6e:bf:e5:4c:27:81:a3:ea:ed:48:80:
                    fe:ab:ee:0b:3e:0e:e9:61:a8:c8:ba:cf:ae:3c:78:
                    1b:40:37:74:4e:10:22:7f:7d:ba:1a:85:d0:0c:4c:
                    0a:f1:57:af:ed:fb:33:60:f1:75:2d:2d:25:7d:97:
                    8a:c1:b9:67:7b:0e:07:10:d0:a4:03:66:e0:0c:c8:
                    3b:4f:f9:ef:46:93:36:4f:75:84:bf:45:d7:03:56:
                    d9:7b:da:a8:e6:a6:06:bd:a7:9a:08:bf:a2:32:6d:
                    da:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:6E:90:23:0C:E2:A3:F4:2C:22:11:CD:79:B7:6D:D1:F3:AF:BA:73
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/tm6QIwzio_QsIhHNebdt0fOvunM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:148::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:1a:ab:a6:f9:ca:ba:2d:53:97:67:49:a5:70:da:4f:83:49:
         cc:dc:03:6f:92:18:ce:ce:08:45:95:a2:65:ed:20:44:99:bf:
         c2:4a:b9:0d:63:ab:c1:e2:46:24:16:2b:92:77:bd:1a:ea:c4:
         88:2c:11:0e:2f:a4:a2:4f:06:e6:9d:37:48:cf:81:0e:c2:04:
         6d:2c:6c:1f:a3:1c:07:ab:92:1f:94:a3:9e:c9:85:ab:6a:ce:
         d9:fe:6b:0f:27:ae:06:02:b1:6a:87:1c:72:11:84:b2:f0:ad:
         46:ae:82:25:40:5f:12:aa:fa:89:18:3f:b8:15:66:72:17:d8:
         ef:60:1d:76:81:39:d7:2d:56:c9:db:3a:ff:a3:2f:d5:3c:92:
         54:e4:fb:c8:e4:96:95:29:df:e1:47:31:6a:ba:19:04:a8:5f:
         0a:40:aa:90:1e:06:b1:f6:78:1f:89:02:d4:08:48:bf:4b:c0:
         72:d9:44:67:b8:67:8a:ee:db:9b:be:13:17:f2:7e:d8:2c:93:
         d6:be:24:9f:c9:6c:f0:a8:49:de:a6:49:ef:1c:63:d5:e4:d9:
         99:cd:3f:7a:e0:68:32:c1:70:e6:d7:15:c8:51:e1:5f:22:22:
         5f:da:a2:e3:99:67:8b:8a:2a:4f:69:57:35:29:5b:9f:5d:e1:
         bf:93:d9:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6TqapsskR9odRXlSRhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZlOTAyMzBjZTJhM2Y0MmMyMjExY2Q3OWI3NmRkMWYzYWZiYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wYq6KcsTrl0Ug3Gkj4XYMsBNhlA
YBe+oHwIvczTTszKAGKAHhP0GHmmF/gmI/7ZmuLpsOy2GhnBqfQui+slvgFh+7k3
80vdjcOk8gSMdDcxsBLuzIBkFB3UBZIIII1WFC2FTwXl4Si1kMiHqzd8kXj2eHOW
ayIeqWx0r5GwN0GmLmLaExPQt0Vsy2G9WDpfVrhXdH0WET6ybr/lTCeBo+rtSID+
q+4LPg7pYajIus+uPHgbQDd0ThAif326GoXQDEwK8Vev7fszYPF1LS0lfZeKwbln
ew4HENCkA2bgDMg7T/nvRpM2T3WEv0XXA1bZe9qo5qYGvaeaCL+iMm3aQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLZukCMM4qP0LCIRzXm3bdHzr7pzMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdG02UUl3emlvX1FzSWhITmViZHQwZk92dW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFI
MA0GCSqGSIb3DQEBCwUAA4IBAQBBGqum+cq6LVOXZ0mlcNpPg0nM3ANvkhjOzghF
laJl7SBEmb/CSrkNY6vB4kYkFiuSd70a6sSILBEOL6SiTwbmnTdIz4EOwgRtLGwf
oxwHq5IflKOeyYWras7Z/msPJ64GArFqhxxyEYSy8K1GroIlQF8SqvqJGD+4FWZy
F9jvYB12gTnXLVbJ2zr/oy/VPJJU5PvI5JaVKd/hRzFquhkEqF8KQKqQHgax9ngf
iQLUCEi/S8By2URnuGeK7tubvhMX8n7YLJPWviSfyWzwqEnepknvHGPV5NmZzT96
4GgywXDm1xXIUeFfIiJf2qLjmWeLiipPaVc1KVufXeG/k9l0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org