Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ywHQFkci9RmYLNTSX0-tUrCTRaE.roa
File:                     ywHQFkci9RmYLNTSX0-tUrCTRaE.roa (raw, json)
Hash identifier:          0AK9G5UrvqRRI8tzr4VCEpAV9/gdn0AyNucO+KmTJWY=
Subject key identifier:   CB:01:D0:16:47:22:F5:19:98:2C:D4:D2:5F:4F:AD:52:B0:93:45:A1
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7F94914A5504B6EAA06C34D4097A2BC7
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ywHQFkci9RmYLNTSX0-tUrCTRaE.roa
Signing time:             Tue 06 Feb 2024 18:00:59 +0000
ROA not before:           Tue 06 Feb 2024 18:00:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200082
IP address blocks:        2a0f:b241:35::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:94:91:4a:55:04:b6:ea:a0:6c:34:d4:09:7a:2b:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:00:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cb01d0164722f519982cd4d25f4fad52b09345a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:24:21:62:79:3d:56:aa:e7:6a:35:3a:c7:82:
                    3b:71:6d:53:23:95:85:c6:a5:9d:11:f4:6e:df:d1:
                    e8:eb:41:fa:ca:24:53:1f:df:d7:2d:4a:cf:b7:2c:
                    42:69:ce:a0:99:9e:6f:53:be:09:eb:e5:9c:cb:46:
                    3d:45:d9:7b:54:a8:2b:c4:e9:d0:d4:f6:7a:27:69:
                    a6:e0:14:8b:a1:a1:e1:cb:16:1b:b4:1e:b8:b9:dd:
                    c8:8b:bc:02:c6:4b:29:07:68:ce:84:9c:2d:8d:76:
                    01:d0:23:fe:31:1a:6c:64:1a:02:fa:b9:34:23:95:
                    e9:3e:f4:54:e3:0d:d7:11:43:79:f2:74:12:cf:94:
                    4d:58:6b:71:2a:f0:aa:a0:49:25:ad:65:59:69:d3:
                    3c:f1:bc:2e:3f:14:c9:8e:ac:73:54:75:c2:26:be:
                    f7:09:8b:be:a9:09:71:ce:76:12:8d:61:4f:15:de:
                    7c:fd:9d:08:d0:f5:59:13:a6:74:2f:73:0d:05:ab:
                    00:e0:cb:65:af:80:97:16:3e:e8:05:3d:90:12:6a:
                    45:08:7d:22:ab:6c:0e:73:60:4a:70:39:e5:9c:cc:
                    dd:9a:f0:62:75:12:d7:dd:45:2e:9a:48:30:49:68:
                    69:b4:60:19:c7:0f:2f:8d:b3:ab:73:aa:b8:96:e7:
                    25:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:01:D0:16:47:22:F5:19:98:2C:D4:D2:5F:4F:AD:52:B0:93:45:A1
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/ywHQFkci9RmYLNTSX0-tUrCTRaE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:35::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:64:9c:c9:b8:df:4d:99:78:99:15:6a:0d:54:24:d1:14:06:
         4a:90:64:f2:c5:cf:35:8f:ab:58:93:a3:65:bf:39:57:83:74:
         59:11:58:d4:5f:e6:bd:e0:7e:ab:71:0e:1c:37:50:7c:36:ef:
         bb:5b:72:b1:97:b3:b4:85:13:d8:92:ea:5d:d1:f2:32:19:ae:
         65:e0:08:97:57:d3:47:6b:71:9a:eb:c4:fa:10:4f:c2:b9:4b:
         4e:95:f7:f8:0d:72:e2:1a:e4:77:dc:ac:22:43:df:f0:52:ec:
         de:e0:31:97:9a:16:be:32:f1:4a:ba:e0:2f:78:cc:73:ff:c9:
         87:f1:2a:7a:c2:77:60:a9:37:22:5d:28:1e:a9:ba:63:a5:a4:
         51:1d:f6:f1:6a:84:ef:cf:9f:01:6a:0a:8f:36:fa:e1:63:e6:
         ae:12:37:90:b7:4f:6c:ab:86:26:7f:f3:cd:95:9f:4d:d7:51:
         67:0e:5d:67:c5:93:49:7e:6f:60:d9:59:1d:ee:83:16:e7:33:
         bb:6d:b2:17:ae:99:1f:0e:25:9e:9a:86:6f:22:fa:c2:43:b1:
         ce:5d:97:68:14:38:40:a0:34:ee:b2:da:95:cd:9f:1d:c9:ba:
         cc:92:e8:03:a2:7e:55:3f:cf:ec:d2:bb:2b:3c:e0:c5:f8:3e:
         3f:81:7d:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lJFKVQS26qBsNNQJeivHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjAxZDAxNjQ3MjJmNTE5OTgyY2Q0ZDI1ZjRmYWQ1MmIwOTM0NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiQhYnk9VqrnajU6x4I7cW1TI5WF
xqWdEfRu39Ho60H6yiRTH9/XLUrPtyxCac6gmZ5vU74J6+Wcy0Y9Rdl7VKgrxOnQ
1PZ6J2mm4BSLoaHhyxYbtB64ud3Ii7wCxkspB2jOhJwtjXYB0CP+MRpsZBoC+rk0
I5XpPvRU4w3XEUN58nQSz5RNWGtxKvCqoEklrWVZadM88bwuPxTJjqxzVHXCJr73
CYu+qQlxznYSjWFPFd58/Z0I0PVZE6Z0L3MNBasA4Mtlr4CXFj7oBT2QEmpFCH0i
q2wOc2BKcDnlnMzdmvBidRLX3UUumkgwSWhptGAZxw8vjbOrc6q4luclJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMsB0BZHIvUZmCzU0l9PrVKwk0WhMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveXdIUUZrY2k5Um1ZTE5UU1gwLXRVckNUUmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA1
MA0GCSqGSIb3DQEBCwUAA4IBAQAvZJzJuN9NmXiZFWoNVCTRFAZKkGTyxc81j6tY
k6NlvzlXg3RZEVjUX+a94H6rcQ4cN1B8Nu+7W3Kxl7O0hRPYkupd0fIyGa5l4AiX
V9NHa3Ga68T6EE/CuUtOlff4DXLiGuR33KwiQ9/wUuze4DGXmha+MvFKuuAveMxz
/8mH8Sp6wndgqTciXSgeqbpjpaRRHfbxaoTvz58BagqPNvrhY+auEjeQt09sq4Ym
f/PNlZ9N11FnDl1nxZNJfm9g2Vkd7oMW5zO7bbIXrpkfDiWemoZvIvrCQ7HOXZdo
FDhAoDTustqVzZ8dybrMkugDon5VP8/s0rsrPODF+D4/gX3M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org