Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yfgvNlaGUiTec2AFcX7CghCA89o.roa
File:                     yfgvNlaGUiTec2AFcX7CghCA89o.roa (raw, json)
Hash identifier:          mUNCVyl5blVHSf/99YMVzGu3s4gbvw23jVXFD4ltcpI=
Subject key identifier:   C9:F8:2F:36:56:86:52:24:DE:73:60:05:71:7E:C2:82:10:80:F3:DA
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FAF615B6AD26B256CC06EA76F072F00
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yfgvNlaGUiTec2AFcX7CghCA89o.roa
Signing time:             Tue 06 Feb 2024 18:30:16 +0000
ROA not before:           Tue 06 Feb 2024 18:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62435
IP address blocks:        2a0f:b241:126::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:af:61:5b:6a:d2:6b:25:6c:c0:6e:a7:6f:07:2f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c9f82f3656865224de736005717ec2821080f3da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d9:b5:24:c9:eb:e1:dd:c5:ad:e7:fb:6b:fe:
                    a2:16:6b:59:1a:a5:f6:f6:57:21:7f:3f:b4:c7:b3:
                    e7:08:29:da:9c:2c:bb:23:f8:91:22:d9:17:01:bc:
                    81:1b:2a:73:8d:2a:db:ad:4b:d2:7b:de:80:73:cf:
                    75:7c:3c:26:e8:50:a9:e1:79:dd:b8:44:1b:59:f9:
                    7f:f5:98:0e:33:51:13:57:9b:02:ac:31:83:15:82:
                    41:f0:62:14:20:7a:43:85:d5:ce:fc:05:65:85:a6:
                    2d:91:5b:45:69:70:20:90:ab:1d:d2:ea:e7:87:12:
                    e0:6e:aa:52:e7:1a:f7:76:88:98:ce:ea:c6:02:95:
                    5b:a7:b4:a6:3f:91:9f:b5:04:48:7c:3f:2a:47:e8:
                    53:a3:6d:c1:c5:c0:45:71:40:d3:3b:42:28:0e:bd:
                    c1:b9:b8:31:65:c4:de:5a:46:7a:44:86:52:59:92:
                    39:be:ca:88:2f:64:f2:f3:84:5c:e7:f2:5d:10:2a:
                    59:c7:63:ab:42:d3:17:a3:00:cc:be:ad:09:cf:ad:
                    84:3b:9e:47:cb:8f:af:04:05:f2:1f:94:46:ee:6d:
                    b5:d5:c8:e3:df:89:be:66:eb:19:44:1f:30:ef:26:
                    5d:24:12:75:3c:3f:38:30:41:61:df:82:1e:35:5e:
                    30:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:F8:2F:36:56:86:52:24:DE:73:60:05:71:7E:C2:82:10:80:F3:DA
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yfgvNlaGUiTec2AFcX7CghCA89o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:126::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:a7:c1:3b:a2:bd:8d:5f:6d:af:0b:8e:4b:87:b5:f7:ef:47:
         9c:78:5a:9c:0a:fe:16:8c:07:02:43:2b:15:a9:7c:29:a4:93:
         83:02:44:a3:5c:7a:72:0f:2b:ca:50:81:90:58:b0:95:30:d3:
         3c:b5:0b:39:73:dc:9b:1f:23:00:c8:23:3d:8f:a8:78:ee:d8:
         9f:b6:05:d4:a5:7b:60:78:a3:e3:b6:6b:ad:82:ca:1d:1e:c4:
         ac:76:3e:be:24:bd:e4:05:ef:ad:47:a6:11:82:a9:95:a0:eb:
         ee:48:f8:e8:41:fa:0b:29:ca:b3:b6:51:50:92:dd:54:d0:0d:
         f6:9d:e0:c4:45:04:9d:54:fb:ee:2b:6c:3c:ce:fd:49:88:df:
         d3:10:4e:b0:8e:97:e0:0c:fe:f6:17:ab:a9:07:57:f5:53:64:
         ca:45:5a:e4:8a:e3:ae:f5:73:7f:f4:05:e7:c0:68:91:8d:9f:
         b1:e0:8e:ef:fb:ce:9e:d8:7d:af:a6:58:04:50:ab:a1:52:8f:
         2b:56:bc:af:7a:26:47:f1:d2:12:8e:eb:9c:aa:6b:7f:14:cc:
         d4:cb:81:98:79:0c:4d:a3:d1:be:c5:7f:5c:2b:db:34:01:f0:
         e9:e9:94:5e:c4:6d:f9:51:6e:e2:c0:91:8a:6c:ef:b6:24:a6:
         d1:7e:c9:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/r2FbatJrJWzAbqdvBy8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY4MmYzNjU2ODY1MjI0ZGU3MzYwMDU3MTdlYzI4MjEwODBmM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9m1JMnr4d3Fref7a/6iFmtZGqX2
9lchfz+0x7PnCCnanCy7I/iRItkXAbyBGypzjSrbrUvSe96Ac891fDwm6FCp4Xnd
uEQbWfl/9ZgOM1ETV5sCrDGDFYJB8GIUIHpDhdXO/AVlhaYtkVtFaXAgkKsd0urn
hxLgbqpS5xr3doiYzurGApVbp7SmP5GftQRIfD8qR+hTo23BxcBFcUDTO0IoDr3B
ubgxZcTeWkZ6RIZSWZI5vsqIL2Ty84Rc5/JdECpZx2OrQtMXowDMvq0Jz62EO55H
y4+vBAXyH5RG7m211cjj34m+ZusZRB8w7yZdJBJ1PD84MEFh34IeNV4wjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMn4LzZWhlIk3nNgBXF+woIQgPPaMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveWZndk5sYUdVaVRlYzJBRmNYN0NnaENBODlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEm
MA0GCSqGSIb3DQEBCwUAA4IBAQBTp8E7or2NX22vC45Lh7X370eceFqcCv4WjAcC
QysVqXwppJODAkSjXHpyDyvKUIGQWLCVMNM8tQs5c9ybHyMAyCM9j6h47tiftgXU
pXtgeKPjtmutgsodHsSsdj6+JL3kBe+tR6YRgqmVoOvuSPjoQfoLKcqztlFQkt1U
0A32neDERQSdVPvuK2w8zv1JiN/TEE6wjpfgDP72F6upB1f1U2TKRVrkiuOu9XN/
9AXnwGiRjZ+x4I7v+86e2H2vplgEUKuhUo8rVryveiZH8dISjuucqmt/FMzUy4GY
eQxNo9G+xX9cK9s0AfDp6ZRexG35UW7iwJGKbO+2JKbRfsk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org