Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yQin2L_6WCwVhcon1TNxVVDYkaQ.roa
File:                     yQin2L_6WCwVhcon1TNxVVDYkaQ.roa (raw, json)
Hash identifier:          jhzECpVraH4YMrzQY9N4QUslvw+YylMbbLZmGbZn8Bo=
Subject key identifier:   C9:08:A7:D8:BF:FA:58:2C:15:85:CA:27:D5:33:71:55:50:D8:91:A4
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA9E68897FF3D7317569CF96970B34B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yQin2L_6WCwVhcon1TNxVVDYkaQ.roa
Signing time:             Tue 06 Feb 2024 18:24:17 +0000
ROA not before:           Tue 06 Feb 2024 18:24:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200840
IP address blocks:        2a0f:b241:d5::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a9:e6:88:97:ff:3d:73:17:56:9c:f9:69:70:b3:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:24:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c908a7d8bffa582c1585ca27d533715550d891a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ea:cd:d9:04:8a:18:f2:5f:c0:8a:c6:6e:24:
                    56:55:48:1f:5a:75:eb:26:14:be:da:d6:5d:00:96:
                    bf:59:ec:6b:cc:9a:54:4f:f4:4e:bb:b5:3f:f0:5e:
                    bb:81:4a:2d:d5:54:cb:cf:eb:b7:02:27:1c:97:0c:
                    fc:b7:d2:86:3f:3e:7b:84:f2:fc:d8:4f:65:43:1e:
                    a6:86:6e:2e:d1:b6:7c:06:9a:d1:d6:e2:aa:ff:30:
                    d3:7d:88:5e:7b:9d:fe:78:26:99:4f:c2:0c:b3:f4:
                    31:8c:ac:d7:60:ce:7e:a2:ac:e4:ee:54:fe:b9:60:
                    8f:de:52:b6:ae:02:32:b6:bc:81:73:ae:12:02:e1:
                    e1:01:d4:6c:12:16:d1:2c:d9:d9:eb:23:fb:4b:ab:
                    4d:66:61:1b:29:12:fe:93:39:ca:1f:ba:0c:ad:f6:
                    b0:dc:7d:0e:2c:e8:97:1a:c1:ca:f2:48:2a:54:77:
                    53:93:40:39:45:42:8f:96:50:ec:b7:64:bd:39:e4:
                    fe:f3:cf:28:fb:4e:c7:d0:1d:fe:8c:a8:ba:be:43:
                    54:9b:89:0a:78:b2:36:4b:68:ec:e8:26:1c:62:d2:
                    33:89:d6:33:08:9b:88:05:76:a2:04:31:a0:28:81:
                    06:83:84:66:e0:7d:fc:e5:cd:13:64:7c:55:2f:36:
                    45:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:08:A7:D8:BF:FA:58:2C:15:85:CA:27:D5:33:71:55:50:D8:91:A4
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yQin2L_6WCwVhcon1TNxVVDYkaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:d5::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:eb:60:a0:c4:a7:18:28:ae:be:07:c6:64:84:ee:42:26:a6:
         01:94:4d:5f:56:04:44:5c:60:36:7d:d8:af:fa:4b:d2:01:5a:
         59:77:c7:f0:49:19:6b:a9:bd:2d:f8:99:27:bd:83:47:c3:f2:
         df:d2:e7:a4:c3:42:fd:30:c4:70:c0:41:38:09:26:f3:3e:8e:
         e0:d2:7e:fc:04:68:4b:fc:b0:83:a6:eb:2b:ab:24:ca:07:c3:
         c5:fd:f7:08:d5:da:10:a3:46:fa:27:a5:f3:86:a9:67:37:5b:
         5d:0a:e3:4a:1a:5c:70:b6:1f:61:43:d6:3b:0a:c6:84:29:c4:
         df:e7:66:4c:bf:38:fa:66:33:bc:ae:e8:1e:4b:35:cc:28:f9:
         6c:0f:d7:c7:ed:17:37:18:14:a5:0f:f8:72:0c:fb:3c:6e:ab:
         b3:32:49:06:dc:67:e8:56:4a:12:21:a9:97:d5:46:4d:64:5e:
         b5:2f:d4:38:00:a6:a2:42:01:d4:d9:30:58:8d:ed:e4:43:2b:
         57:cd:65:a7:b2:d8:6f:fc:fd:db:56:69:86:bd:77:f1:1f:c0:
         6c:c8:83:c0:d0:d0:e3:66:e2:46:3f:23:f7:ba:98:1a:44:97:
         b4:c3:4b:3d:e7:f0:34:68:67:c1:c8:ba:70:a5:ad:60:71:09:
         82:4e:a1:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qeaIl/89cxdWnPlpcLNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA4YTdkOGJmZmE1ODJjMTU4NWNhMjdkNTMzNzE1NTUwZDg5MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwurN2QSKGPJfwIrGbiRWVUgfWnXr
JhS+2tZdAJa/WexrzJpUT/ROu7U/8F67gUot1VTLz+u3Aicclwz8t9KGPz57hPL8
2E9lQx6mhm4u0bZ8BprR1uKq/zDTfYhee53+eCaZT8IMs/QxjKzXYM5+oqzk7lT+
uWCP3lK2rgIytryBc64SAuHhAdRsEhbRLNnZ6yP7S6tNZmEbKRL+kznKH7oMrfaw
3H0OLOiXGsHK8kgqVHdTk0A5RUKPllDst2S9OeT+888o+07H0B3+jKi6vkNUm4kK
eLI2S2js6CYcYtIzidYzCJuIBXaiBDGgKIEGg4Rm4H385c0TZHxVLzZFcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMkIp9i/+lgsFYXKJ9UzcVVQ2JGkMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveVFpbjJMXzZXQ3dWaGNvbjFUTnhWVkRZa2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDV
MA0GCSqGSIb3DQEBCwUAA4IBAQBa62CgxKcYKK6+B8ZkhO5CJqYBlE1fVgREXGA2
fdiv+kvSAVpZd8fwSRlrqb0t+JknvYNHw/Lf0uekw0L9MMRwwEE4CSbzPo7g0n78
BGhL/LCDpusrqyTKB8PF/fcI1doQo0b6J6XzhqlnN1tdCuNKGlxwth9hQ9Y7CsaE
KcTf52ZMvzj6ZjO8rugeSzXMKPlsD9fH7Rc3GBSlD/hyDPs8bquzMkkG3GfoVkoS
IamX1UZNZF61L9Q4AKaiQgHU2TBYje3kQytXzWWnsthv/P3bVmmGvXfxH8BsyIPA
0NDjZuJGPyP3upgaRJe0w0s95/A0aGfByLpwpa1gcQmCTqGl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org