Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vNSeWnSUvYFES25dtrSoV1W2gOc.roa
File:                     vNSeWnSUvYFES25dtrSoV1W2gOc.roa (raw, json)
Hash identifier:          qOY5xTXf9OrgVnaMB+9hX987UGtGx1uIbkpeCpxSUb0=
Subject key identifier:   BC:D4:9E:5A:74:94:BD:81:44:4B:6E:5D:B6:B4:A8:57:55:B6:80:E7
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D81F0605D5794C2651F594E62B1640C32
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vNSeWnSUvYFES25dtrSoV1W2gOc.roa
Signing time:             Wed 07 Feb 2024 05:00:30 +0000
ROA not before:           Wed 07 Feb 2024 05:00:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49585
IP address blocks:        2a0f:b241:117::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:f0:60:5d:57:94:c2:65:1f:59:4e:62:b1:64:0c:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  7 05:00:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bcd49e5a7494bd81444b6e5db6b4a85755b680e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a7:27:e1:e7:3a:b7:c6:4e:a7:25:74:15:9e:
                    21:98:b1:e1:4b:ab:5e:10:c5:5e:2c:5a:bc:2a:26:
                    4b:bf:64:51:3f:8b:94:68:65:18:d6:db:db:e1:53:
                    3e:8b:62:b0:79:74:e4:85:98:70:84:df:20:23:ea:
                    ed:91:c7:c3:4e:6f:1e:4e:93:42:42:f7:b9:df:2c:
                    7f:64:3e:83:80:3c:6b:80:8d:9d:ea:7c:cd:57:cf:
                    c5:2a:ec:21:ef:1f:15:28:12:32:d2:ed:7c:f7:7f:
                    74:ce:0d:f0:b3:bd:58:7a:74:22:1f:04:06:f1:e0:
                    60:b7:6c:86:3e:a8:f4:ff:e5:3c:0c:5a:2d:b2:bf:
                    bf:bf:3c:09:8f:0e:bc:6c:4d:89:ba:2c:26:ec:8a:
                    a4:68:9f:82:4a:07:3a:89:4f:4b:1e:2a:be:52:7c:
                    b0:70:8b:d3:6c:6a:65:28:64:00:00:78:df:e4:1d:
                    91:44:67:a4:7d:80:9f:f7:12:3f:e9:9f:fd:50:3e:
                    3d:1b:28:6f:c2:6b:f7:a2:03:21:2d:69:cd:84:43:
                    8d:ee:58:93:30:11:1e:53:b1:18:b0:1d:fc:57:ab:
                    01:31:9d:2c:e4:12:c0:70:03:0a:63:49:45:ed:bd:
                    b0:d5:1e:4f:87:fe:57:f9:73:96:e9:f9:75:41:10:
                    0b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:D4:9E:5A:74:94:BD:81:44:4B:6E:5D:B6:B4:A8:57:55:B6:80:E7
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vNSeWnSUvYFES25dtrSoV1W2gOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:117::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:5a:f5:ff:0f:01:dc:b4:d9:06:22:a5:ce:ea:62:a9:10:c6:
         19:04:0f:76:e8:4e:fc:35:78:2b:97:88:36:68:a5:5b:72:86:
         41:ae:8b:24:27:37:03:a2:6d:57:e5:af:e4:52:7c:c5:46:63:
         bd:da:ae:27:0b:b3:42:90:1a:b0:5d:3f:da:4e:1c:da:42:d1:
         9f:10:f0:c3:33:26:25:e7:7f:72:58:7e:bb:88:51:81:b7:7f:
         e2:08:40:58:9a:72:02:d2:60:b6:8a:be:1a:3b:cb:29:74:82:
         0a:d7:31:2f:6f:24:c6:a5:69:4a:29:b4:a8:88:ff:72:88:ba:
         d1:23:80:d1:d5:b7:b6:f2:e1:e0:d3:09:c5:17:7b:bf:3d:7d:
         c3:9a:71:b9:04:c0:28:3b:5f:5c:28:a3:e0:32:8e:ce:a0:1f:
         8d:3e:c7:30:2e:f4:81:8d:48:17:3d:8d:80:3c:07:d3:d7:ce:
         fa:31:e2:c8:3f:34:1e:b6:33:55:67:08:12:61:b4:13:ea:41:
         b2:56:2c:ec:63:5a:8b:53:78:72:d0:b7:95:c9:24:6b:67:b4:
         4d:67:a1:40:37:2d:10:c6:3c:12:5e:cd:25:a0:ab:5d:c0:d8:
         61:d7:37:60:74:54:b8:1c:e9:f7:8d:c9:3f:10:f5:27:0b:52:
         91:d1:0b:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GBdV5TCZR9ZTmKxZAwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Q0OWU1YTc0OTRiZDgxNDQ0YjZlNWRiNmI0YTg1NzU1YjY4MGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6cn4ec6t8ZOpyV0FZ4hmLHhS6te
EMVeLFq8KiZLv2RRP4uUaGUY1tvb4VM+i2KweXTkhZhwhN8gI+rtkcfDTm8eTpNC
Qve53yx/ZD6DgDxrgI2d6nzNV8/FKuwh7x8VKBIy0u189390zg3ws71YenQiHwQG
8eBgt2yGPqj0/+U8DFotsr+/vzwJjw68bE2Juiwm7IqkaJ+CSgc6iU9LHiq+Unyw
cIvTbGplKGQAAHjf5B2RRGekfYCf9xI/6Z/9UD49Gyhvwmv3ogMhLWnNhEON7liT
MBEeU7EYsB38V6sBMZ0s5BLAcAMKY0lF7b2w1R5Ph/5X+XOW6fl1QRALYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLzUnlp0lL2BREtuXba0qFdVtoDnMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdk5TZVduU1V2WUZFUzI1ZHRyU29WMVcyZ09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEX
MA0GCSqGSIb3DQEBCwUAA4IBAQCJWvX/DwHctNkGIqXO6mKpEMYZBA926E78NXgr
l4g2aKVbcoZBroskJzcDom1X5a/kUnzFRmO92q4nC7NCkBqwXT/aThzaQtGfEPDD
MyYl539yWH67iFGBt3/iCEBYmnIC0mC2ir4aO8spdIIK1zEvbyTGpWlKKbSoiP9y
iLrRI4DR1be28uHg0wnFF3u/PX3DmnG5BMAoO19cKKPgMo7OoB+NPscwLvSBjUgX
PY2APAfT1876MeLIPzQetjNVZwgSYbQT6kGyVizsY1qLU3hy0LeVySRrZ7RNZ6FA
Ny0QxjwSXs0loKtdwNhh1zdgdFS4HOn3jck/EPUnC1KR0Quc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org