Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hGuyHQNqtJ_pBMB646io6ZI2kEI.roa
File:                     hGuyHQNqtJ_pBMB646io6ZI2kEI.roa (raw, json)
Hash identifier:          O3aWHYuCa3uytBkO6S2d54Ja4GutwnwN03JUFpcw/fg=
Subject key identifier:   84:6B:B2:1D:03:6A:B4:9F:E9:04:C0:7A:E3:A8:A8:E9:92:36:90:42
Certificate issuer:       /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial:       0197896E1A88F9391384056BB075835E196B
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hGuyHQNqtJ_pBMB646io6ZI2kEI.roa
Signing time:             Thu 19 Jun 2025 18:23:03 +0000
ROA not before:           Thu 19 Jun 2025 18:23:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     29182
IP address blocks:        2a11:d084::/32 maxlen: 32
Validation:               Failed, certificate revoked on Fri 20 Jun 2025 10:40:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:89:6e:1a:88:f9:39:13:84:05:6b:b0:75:83:5e:19:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
        Validity
            Not Before: Jun 19 18:23:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=846bb21d036ab49fe904c07ae3a8a8e992369042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:71:92:8d:aa:da:40:98:95:d0:57:6d:c7:dd:
                    bb:11:1d:c5:03:a0:19:27:75:79:73:19:0e:29:e4:
                    de:79:72:a8:8d:6f:9e:db:45:10:a2:55:83:39:36:
                    a2:14:28:5d:00:2e:d2:97:74:3d:6e:16:fd:95:98:
                    6c:83:5f:e7:a7:78:48:c6:5c:92:f2:76:31:54:d5:
                    89:86:88:f4:ea:aa:e4:89:99:43:78:d8:16:6f:91:
                    55:dd:38:ef:69:45:54:94:59:b2:a0:1f:a7:02:e8:
                    e6:fd:a4:bd:5b:48:df:1d:e5:97:06:74:1d:eb:46:
                    e8:62:1c:b2:81:39:47:75:90:a8:89:c7:4d:dd:94:
                    8d:8e:81:d5:69:89:c3:19:79:15:ae:f0:ee:98:a5:
                    ea:a7:e2:4d:42:dc:68:88:63:77:a0:c2:a4:32:75:
                    07:94:7c:f8:80:13:da:b1:5e:c7:48:22:db:42:e5:
                    9a:52:c2:7f:83:5e:69:f5:97:e8:cc:f0:e4:98:b3:
                    d2:f9:92:55:88:39:29:43:bb:71:84:71:26:17:17:
                    fa:39:f1:27:68:cd:32:ae:59:b3:6b:d0:80:de:f4:
                    48:54:96:b3:4d:10:b4:16:4b:0b:83:25:59:da:42:
                    74:50:d1:be:49:97:8b:ea:04:d7:ac:9a:d3:a2:13:
                    cc:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6B:B2:1D:03:6A:B4:9F:E9:04:C0:7A:E3:A8:A8:E9:92:36:90:42
            X509v3 Authority Key Identifier:
                keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hGuyHQNqtJ_pBMB646io6ZI2kEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:d084::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:49:2f:ea:ff:54:a2:0f:40:62:ac:77:9f:c8:55:2c:df:20:
         11:db:7b:f9:2b:0b:57:71:9e:4b:69:1e:15:6f:c5:be:ae:31:
         01:0b:05:2b:77:fe:24:6c:b4:d8:53:d8:23:d5:d6:a8:5e:26:
         74:ec:0a:d0:88:4c:ca:49:c3:28:bb:4f:b3:46:15:50:a3:c6:
         7f:bd:23:10:11:bf:57:d6:5d:54:ea:7f:ad:59:be:82:72:45:
         fb:40:34:06:6c:39:01:9d:f8:be:f3:0f:9e:8f:34:82:5e:1c:
         c7:41:6d:6c:5e:5e:d0:3d:d6:a9:94:b6:47:ef:9e:6b:6d:c7:
         90:b6:63:bf:6f:70:bc:35:ee:28:ee:bd:ae:34:4f:a7:4a:2d:
         64:d0:a8:ac:6d:a5:89:24:b0:27:44:8b:4a:3d:dd:6a:a5:63:
         5c:66:f8:33:0f:5e:5d:2e:ca:e0:58:59:ba:2d:0b:81:c3:71:
         96:81:e7:64:97:61:65:39:63:56:8b:f2:98:9a:26:bc:36:96:
         28:d2:b3:ec:2c:ed:88:69:44:80:90:d3:5c:71:14:a9:04:78:
         66:35:2e:26:03:42:92:98:62:ab:d5:85:8c:89:2f:ac:38:93:
         7d:cf:85:5c:93:26:1d:4f:9f:c2:a4:6c:4b:46:96:01:6b:20:
         95:c3:23:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZeJbhqI+TkThAVrsHWDXhlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNjE5MTgyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZiYjIxZDAzNmFiNDlmZTkwNGMwN2FlM2E4YThlOTkyMzY5MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXGSjaraQJiV0Fdtx927ER3FA6AZ
J3V5cxkOKeTeeXKojW+e20UQolWDOTaiFChdAC7Sl3Q9bhb9lZhsg1/np3hIxlyS
8nYxVNWJhoj06qrkiZlDeNgWb5FV3TjvaUVUlFmyoB+nAujm/aS9W0jfHeWXBnQd
60boYhyygTlHdZCoicdN3ZSNjoHVaYnDGXkVrvDumKXqp+JNQtxoiGN3oMKkMnUH
lHz4gBPasV7HSCLbQuWaUsJ/g15p9ZfozPDkmLPS+ZJViDkpQ7txhHEmFxf6OfEn
aM0yrlmza9CA3vRIVJazTRC0FksLgyVZ2kJ0UNG+SZeL6gTXrJrTohPMbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIRrsh0DarSf6QTAeuOoqOmSNpBCMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvaEd1eUhRTnF0Sl9wQk1CNjQ2aW82Wkkya0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHQhDAN
BgkqhkiG9w0BAQsFAAOCAQEAS0kv6v9Uog9AYqx3n8hVLN8gEdt7+SsLV3GeS2ke
FW/Fvq4xAQsFK3f+JGy02FPYI9XWqF4mdOwK0IhMyknDKLtPs0YVUKPGf70jEBG/
V9ZdVOp/rVm+gnJF+0A0Bmw5AZ34vvMPno80gl4cx0FtbF5e0D3WqZS2R++ea23H
kLZjv29wvDXuKO69rjRPp0otZNCorG2liSSwJ0SLSj3daqVjXGb4Mw9eXS7K4FhZ
ui0LgcNxloHnZJdhZTljVovymJomvDaWKNKz7CztiGlEgJDTXHEUqQR4ZjUuJgNC
kphiq9WFjIkvrDiTfc+FXJMmHU+fwqRsS0aWAWsglcMjrA==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:50:17 2025 by rpki-client