Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa
File:                     2S047RbxTlonsUFioWKRBInyRXk.roa (raw, json)
Hash identifier:          6Vc91vvalsI7/HjvoKRZpj5sz44CxP++fW4C5hjyNo8=
Subject key identifier:   D9:2D:38:ED:16:F1:4E:5A:27:B1:41:62:A1:62:91:04:89:F2:45:79
Certificate issuer:       /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial:       019707CF98CD507E7F2569EA9A51C8C3552C
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa
Signing time:             Sun 25 May 2025 14:18:54 +0000
ROA not before:           Sun 25 May 2025 14:18:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     213861
IP address blocks:        2a0e:7780::/29 maxlen: 29
                          2a0f:d480::/29 maxlen: 29
                          2a11:3b40::/29 maxlen: 32
                          2a12:6640::/29 maxlen: 29
                          2a12:6b80::/29 maxlen: 29
                          2a12:f0c0::/29 maxlen: 29
                          2a13:ba00::/29 maxlen: 29
                          2a14:c0::/29 maxlen: 29
                          2a14:f40::/29 maxlen: 32
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 08:59:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:07:cf:98:cd:50:7e:7f:25:69:ea:9a:51:c8:c3:55:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
        Validity
            Not Before: May 25 14:18:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d92d38ed16f14e5a27b14162a162910489f24579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:bf:f1:47:ae:52:9b:42:54:34:62:9c:cd:6c:
                    e4:a5:d3:c2:ef:83:09:ea:08:ec:e2:17:f6:67:32:
                    a7:f0:46:9d:1b:23:86:1f:8b:fd:ab:c0:15:c0:ea:
                    bb:41:30:1a:ef:e0:13:0a:f5:12:41:ef:c2:77:63:
                    98:df:18:9d:29:25:05:ab:67:9e:45:18:b6:bb:13:
                    de:76:ff:e5:ca:a8:b5:a9:dd:e5:43:5a:aa:a0:d5:
                    66:a6:3a:6b:14:a2:3b:3e:fc:9b:cb:a3:07:56:22:
                    56:52:96:89:30:32:73:fc:94:a7:e5:ef:20:dd:7d:
                    f2:d9:f0:10:7b:02:5c:76:f2:aa:53:17:83:01:bc:
                    27:0f:0b:e8:88:e3:b3:7c:71:7a:e4:39:11:89:91:
                    c2:38:b9:7a:1a:6a:e9:25:96:9c:7b:a7:8d:b9:53:
                    a1:ab:55:a8:6a:2a:a3:08:f0:7e:6e:7b:ce:46:cb:
                    00:36:8a:6a:99:ca:1a:1a:b5:52:72:68:04:c6:a5:
                    1a:1d:26:b1:62:6e:e6:5b:40:de:a8:5e:e3:40:81:
                    5c:fd:8a:19:da:b0:6a:81:d7:34:3d:fe:ad:ab:b4:
                    ef:f4:34:e4:ff:af:5d:fd:a0:54:ba:3b:52:b2:2b:
                    e1:59:63:16:bc:b7:1b:14:ad:fd:df:65:88:e1:bd:
                    5d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:2D:38:ED:16:F1:4E:5A:27:B1:41:62:A1:62:91:04:89:F2:45:79
            X509v3 Authority Key Identifier:
                keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:7780::/29
                  2a0f:d480::/29
                  2a11:3b40::/29
                  2a12:6640::/29
                  2a12:6b80::/29
                  2a12:f0c0::/29
                  2a13:ba00::/29
                  2a14:c0::/29
                  2a14:f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:1f:ed:69:33:1c:77:2b:fe:cd:fe:41:7d:83:c2:ef:5d:ac:
         37:28:47:5c:35:57:62:91:8e:d1:f8:b1:fc:35:a3:eb:85:2e:
         63:86:34:32:45:5a:01:67:42:76:2d:23:48:f8:72:af:3a:76:
         76:50:96:9a:d8:88:21:76:9f:fe:26:9c:b4:dc:9c:03:59:c2:
         4f:35:f1:f8:fa:b2:24:ca:c2:38:d2:c3:c1:cd:06:6b:32:29:
         8f:4d:db:bf:8a:b1:1b:f4:3b:d1:19:18:66:b8:3e:32:c1:15:
         e0:7d:85:bb:f9:5c:ad:18:ae:bc:18:ce:64:ac:c0:49:c7:74:
         44:82:0a:51:f8:5d:b0:9f:25:b3:a1:c2:51:dc:8a:52:ca:36:
         25:60:b2:84:ae:7e:fe:8b:de:5d:3d:8d:3c:f2:50:7f:2e:e6:
         a8:3f:53:06:18:5b:ae:a8:d1:e3:01:90:c2:50:6a:1f:82:73:
         fd:03:7c:d7:92:89:ff:3d:82:b6:14:4b:7b:3c:b7:c6:ba:81:
         7c:50:e5:27:aa:6c:c9:e7:fa:e4:96:30:15:c3:68:ca:68:b5:
         6f:cc:8d:b6:af:f3:f4:bc:93:cd:2b:00:0c:9b:71:e6:3b:ee:
         3f:20:62:74:6e:92:39:52:b3:b6:c9:fb:26:fd:4c:01:82:1a:
         e6:14:a8:78
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZcHz5jNUH5/JWnqmlHIw1UsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNTI1MTQxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJkMzhlZDE2ZjE0ZTVhMjdiMTQxNjJhMTYyOTEwNDg5ZjI0NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL/xR65Sm0JUNGKczWzkpdPC74MJ
6gjs4hf2ZzKn8EadGyOGH4v9q8AVwOq7QTAa7+ATCvUSQe/Cd2OY3xidKSUFq2ee
RRi2uxPedv/lyqi1qd3lQ1qqoNVmpjprFKI7Pvyby6MHViJWUpaJMDJz/JSn5e8g
3X3y2fAQewJcdvKqUxeDAbwnDwvoiOOzfHF65DkRiZHCOLl6GmrpJZace6eNuVOh
q1WoaiqjCPB+bnvORssANopqmcoaGrVScmgExqUaHSaxYm7mW0DeqF7jQIFc/YoZ
2rBqgdc0Pf6tq7Tv9DTk/69d/aBUujtSsivhWWMWvLcbFK3932WI4b1diwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNktOO0W8U5aJ7FBYqFikQSJ8kV5MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMlMwNDdSYnhUbG9uc1VGaW9XS1JCSW55UlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKg53gAMF
AyoP1IADBQMqETtAAwUDKhJmQAMFAyoSa4ADBQMqEvDAAwUDKhO6AAMFAyoUAMAD
BQMqFA9AMA0GCSqGSIb3DQEBCwUAA4IBAQCKH+1pMxx3K/7N/kF9g8LvXaw3KEdc
NVdikY7R+LH8NaPrhS5jhjQyRVoBZ0J2LSNI+HKvOnZ2UJaa2Ighdp/+Jpy03JwD
WcJPNfH4+rIkysI40sPBzQZrMimPTdu/irEb9DvRGRhmuD4ywRXgfYW7+VytGK68
GM5krMBJx3REggpR+F2wnyWzocJR3IpSyjYlYLKErn7+i95dPY088lB/LuaoP1MG
GFuuqNHjAZDCUGofgnP9A3zXkon/PYK2FEt7PLfGuoF8UOUnqmzJ5/rkljAVw2jK
aLVvzI22r/P0vJPNKwAMm3HmO+4/IGJ0bpI5UrO2yfsm/UwBghrmFKh4
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:34:19 2025 by rpki-client