Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zFZv0sFx_WRjZMqEA5GE0pikHp4.roa
File:                     zFZv0sFx_WRjZMqEA5GE0pikHp4.roa (raw, json)
Hash identifier:          ifZz2MgPrJNayd0/HnHjIu2Rh4sGMbpy+0VED4///W0=
Subject key identifier:   CC:56:6F:D2:C1:71:FD:64:63:64:CA:84:03:91:84:D2:98:A4:1E:9E
Certificate issuer:       /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial:       018D7FA8103AD6EB6CA72752D975155B0B37
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zFZv0sFx_WRjZMqEA5GE0pikHp4.roa
Signing time:             Tue 06 Feb 2024 18:22:17 +0000
ROA not before:           Tue 06 Feb 2024 18:22:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199972
IP address blocks:        2a0f:b241:90::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7f:a8:10:3a:d6:eb:6c:a7:27:52:d9:75:15:5b:0b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
        Validity
            Not Before: Feb  6 18:22:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc566fd2c171fd646364ca84039184d298a41e9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:98:e8:17:cc:75:82:33:d5:e1:d3:79:ca:87:
                    c1:ae:c7:75:3d:9e:dc:f7:ea:95:59:17:7f:81:fa:
                    0c:a8:e6:11:15:d1:7d:6d:3f:e4:2e:83:be:55:3f:
                    a0:38:be:17:d1:78:89:a8:d1:4c:2e:f7:3b:60:16:
                    ae:33:6d:bf:2f:c3:39:b4:c6:84:5f:03:fc:8e:4f:
                    0b:cf:25:8a:65:15:c3:6f:02:ff:94:5f:20:7d:18:
                    5b:02:03:bc:bf:ff:cd:9f:9d:23:b5:1a:b9:7c:00:
                    d1:08:88:4a:45:e8:be:27:14:f0:48:e9:44:ba:8c:
                    0b:58:77:e6:82:31:86:ba:b4:37:01:86:cf:22:41:
                    17:67:a9:5b:e3:59:1a:71:1e:9d:a2:43:46:19:41:
                    02:37:43:25:a3:a8:d5:26:4f:d0:10:4d:09:6d:97:
                    98:43:99:cc:7a:8e:9b:e6:88:b1:86:0f:9c:f9:26:
                    0a:d7:2e:17:4b:94:b8:db:9f:52:30:79:7c:47:e7:
                    93:eb:fd:b4:8c:fc:2f:ad:98:4a:eb:19:05:6d:2d:
                    2c:d7:2e:30:2c:85:8c:ae:ba:57:5f:82:1e:0d:c3:
                    ec:d8:1c:7d:0f:03:7d:1d:60:47:78:68:8b:33:f8:
                    9f:d0:08:a2:3f:5f:4b:ff:55:a9:11:2e:d9:b4:8e:
                    29:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:56:6F:D2:C1:71:FD:64:63:64:CA:84:03:91:84:D2:98:A4:1E:9E
            X509v3 Authority Key Identifier:
                keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/zFZv0sFx_WRjZMqEA5GE0pikHp4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b241:90::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:70:f8:97:80:3c:87:c4:f5:f4:a4:99:40:e8:3e:d6:59:da:
         c7:22:5b:2c:b6:22:ec:17:e3:3f:bd:7b:81:f2:83:c1:8e:56:
         5b:8a:cc:96:a8:ff:dd:d7:cf:28:f7:2a:15:dd:0b:9f:1e:e9:
         0b:8e:22:6f:ca:ae:b3:e2:dd:5c:9b:37:d2:bd:28:b1:46:93:
         88:bd:01:6b:3d:98:a8:a0:8a:dd:89:bc:af:f9:3a:7a:7a:5a:
         43:07:02:c6:5a:32:c2:ec:22:58:03:6c:94:90:33:b4:d7:00:
         24:96:d1:06:ad:42:ce:58:c2:e1:c9:99:00:bd:47:d3:26:c4:
         af:d9:09:af:d3:b5:26:a0:82:49:13:d1:06:43:97:52:13:46:
         c9:b1:87:45:29:8a:2f:95:19:16:c0:dd:be:7a:52:24:8a:1b:
         81:c5:84:2a:40:a7:7d:b9:2d:cd:b0:13:9f:ee:bb:e2:ca:ae:
         a3:65:e7:1b:88:9d:d3:89:22:c5:cf:64:4b:d3:a8:63:7d:0b:
         55:59:61:c1:2c:68:75:63:4f:39:cf:e9:67:ba:86:9c:e6:53:
         65:12:e7:84:25:f8:8a:94:98:b7:2f:fd:fd:76:5d:38:4c:a7:
         54:dd:97:27:39:22:03:8f:14:dc:6b:a3:03:9c:24:79:81:0c:
         b4:4e:71:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qBA61utspydS2XUVWws3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU2NmZkMmMxNzFmZDY0NjM2NGNhODQwMzkxODRkMjk4YTQxZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZjoF8x1gjPV4dN5yofBrsd1PZ7c
9+qVWRd/gfoMqOYRFdF9bT/kLoO+VT+gOL4X0XiJqNFMLvc7YBauM22/L8M5tMaE
XwP8jk8LzyWKZRXDbwL/lF8gfRhbAgO8v//Nn50jtRq5fADRCIhKRei+JxTwSOlE
uowLWHfmgjGGurQ3AYbPIkEXZ6lb41kacR6dokNGGUECN0Mlo6jVJk/QEE0JbZeY
Q5nMeo6b5oixhg+c+SYK1y4XS5S4259SMHl8R+eT6/20jPwvrZhK6xkFbS0s1y4w
LIWMrrpXX4IeDcPs2Bx9DwN9HWBHeGiLM/if0AiiP19L/1WpES7ZtI4p0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMxWb9LBcf1kY2TKhAORhNKYpB6eMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvekZadjBzRnhfV1JqWk1xRUE1R0UwcGlrSHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBbcPiXgDyHxPX0pJlA6D7WWdrHIlsstiLsF+M/
vXuB8oPBjlZbisyWqP/d188o9yoV3QufHukLjiJvyq6z4t1cmzfSvSixRpOIvQFr
PZiooIrdibyv+Tp6elpDBwLGWjLC7CJYA2yUkDO01wAkltEGrULOWMLhyZkAvUfT
JsSv2Qmv07UmoIJJE9EGQ5dSE0bJsYdFKYovlRkWwN2+elIkihuBxYQqQKd9uS3N
sBOf7rviyq6jZecbiJ3TiSLFz2RL06hjfQtVWWHBLGh1Y085z+lnuoac5lNlEueE
JfiKlJi3L/39dl04TKdU3ZcnOSIDjxTca6MDnCR5gQy0TnGj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org