Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/N_cyLkuKIa1BTzSe19BF1_T_XdM.roa
File:                     N_cyLkuKIa1BTzSe19BF1_T_XdM.roa (raw, json)
Hash identifier:          hEVntFibIJozgSpSoJxl5VSVf49ce+32dnutMErK8cE=
Subject key identifier:   37:F7:32:2E:4B:8A:21:AD:41:4F:34:9E:D7:D0:45:D7:F4:FF:5D:D3
Certificate issuer:       /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial:       0190FF02AD231D4363E1193E96B5D756D366
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/N_cyLkuKIa1BTzSe19BF1_T_XdM.roa
Signing time:             Mon 29 Jul 2024 15:01:23 +0000
ROA not before:           Mon 29 Jul 2024 15:01:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51396
IP address blocks:        2a06:b440::/29 maxlen: 32
                          2a0e:7780::/29 maxlen: 30
                          2a0f:e000::/29 maxlen: 29
                          2a11:f140::/29 maxlen: 29
                          2a12:ec0::/29 maxlen: 32
                          2a12:6740::/29 maxlen: 30
                          2a12:8ec0::/29 maxlen: 30
                          2a12:ccc0::/29 maxlen: 30
                          2a12:d3c0::/29 maxlen: 30
                          2a12:e240::/29 maxlen: 30

Validation:               Failed, certificate revoked on Sat 17 Aug 2024 11:09:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ff:02:ad:23:1d:43:63:e1:19:3e:96:b5:d7:56:d3:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
        Validity
            Not Before: Jul 29 15:01:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=37f7322e4b8a21ad414f349ed7d045d7f4ff5dd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e1:c1:18:48:a3:c4:ea:de:90:ad:a7:a8:e0:
                    2b:78:10:f5:40:ad:17:51:5a:24:2d:52:7e:4a:9d:
                    6b:48:0b:8e:a9:7c:6f:6e:6c:2b:04:28:46:db:5b:
                    22:b9:ec:e2:ba:29:2b:64:75:bf:02:78:a5:3b:2b:
                    31:b6:47:72:f2:fc:95:2e:ac:93:7c:be:10:61:d3:
                    4c:0b:2d:99:2b:18:a6:b3:dc:b0:14:5b:4d:c7:ba:
                    e5:bc:1b:ff:52:72:52:e4:59:d4:01:c5:9a:44:0a:
                    53:76:da:25:fb:c2:de:61:e5:48:80:ba:33:b5:ec:
                    59:ae:2a:ab:9b:52:71:2d:08:ef:7c:3e:ff:07:dc:
                    66:f4:37:18:d4:a2:86:44:6c:28:c9:4c:4a:ef:e5:
                    a9:54:40:3f:28:15:f8:c3:b0:68:98:d3:e5:e9:7a:
                    3b:e5:35:47:27:ed:e4:f2:dc:6f:dc:2a:36:74:e9:
                    b5:a0:83:5d:c4:ea:cb:84:38:52:8b:58:01:92:5f:
                    60:cb:e5:87:0c:b2:b7:45:e3:8b:f9:c1:56:27:2d:
                    95:af:6e:cf:67:6d:b2:55:9d:32:33:65:82:d6:d7:
                    84:c1:7e:72:31:53:fb:fe:bd:00:a6:76:31:88:7a:
                    f8:f1:ed:18:8e:4c:15:cf:7a:2e:4c:3a:35:28:4e:
                    fe:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:F7:32:2E:4B:8A:21:AD:41:4F:34:9E:D7:D0:45:D7:F4:FF:5D:D3
            X509v3 Authority Key Identifier:
                keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/N_cyLkuKIa1BTzSe19BF1_T_XdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:b440::/29
                  2a0e:7780::/29
                  2a0f:e000::/29
                  2a11:f140::/29
                  2a12:ec0::/29
                  2a12:6740::/29
                  2a12:8ec0::/29
                  2a12:ccc0::/29
                  2a12:d3c0::/29
                  2a12:e240::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:d6:67:6a:5f:13:d4:b2:e2:69:3f:90:91:e5:e1:c9:89:8c:
         56:ed:40:84:e5:aa:3f:29:78:fb:d6:09:cf:4e:92:75:a1:b5:
         62:9f:49:44:6d:0f:18:53:58:d1:ed:6b:a8:f0:89:c4:d9:b9:
         c7:14:f1:c6:8d:b8:f5:21:48:db:aa:4c:52:bc:0c:92:49:c6:
         bc:c5:40:f1:9f:ae:a9:e9:e3:5b:95:78:e4:c7:ff:6e:42:e9:
         22:5a:a5:5f:85:9c:f7:39:ab:a8:05:e4:8d:fe:27:6a:bf:54:
         7a:3c:e9:0b:55:d8:55:1c:25:94:89:3d:70:a2:21:ee:74:b8:
         1e:fe:32:f7:0d:d1:81:97:49:1a:a7:46:69:01:99:ac:02:73:
         6a:2b:cd:a6:fa:d1:27:78:7c:e8:fe:b7:74:39:79:bd:59:f4:
         63:88:4e:ad:49:79:51:5e:fb:a7:63:6e:b3:a1:61:17:85:70:
         37:f4:1e:a3:8d:e0:7f:26:2c:8a:e8:b7:5a:13:cd:d9:ea:14:
         4e:82:bb:f1:ae:fe:e7:41:29:bc:99:99:f7:42:6a:3d:bd:7d:
         f7:58:43:22:39:60:ad:40:e5:7f:db:93:10:c8:c1:42:14:f3:
         5b:7f:29:6d:13:ba:e4:95:ad:b4:d2:e6:73:57:e2:7d:f3:38:
         de:c9:e9:0b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZD/Aq0jHUNj4Rk+lrXXVtNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNzI5MTUwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y3MzIyZTRiOGEyMWFkNDE0ZjM0OWVkN2QwNDVkN2Y0ZmY1ZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouHBGEijxOrekK2nqOAreBD1QK0X
UVokLVJ+Sp1rSAuOqXxvbmwrBChG21siueziuikrZHW/AnilOysxtkdy8vyVLqyT
fL4QYdNMCy2ZKxims9ywFFtNx7rlvBv/UnJS5FnUAcWaRApTdtol+8LeYeVIgLoz
texZriqrm1JxLQjvfD7/B9xm9DcY1KKGRGwoyUxK7+WpVEA/KBX4w7BomNPl6Xo7
5TVHJ+3k8txv3Co2dOm1oINdxOrLhDhSi1gBkl9gy+WHDLK3ReOL+cFWJy2Vr27P
Z22yVZ0yM2WC1teEwX5yMVP7/r0ApnYxiHr48e0YjkwVz3ouTDo1KE7+8QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDf3Mi5LiiGtQU80ntfQRdf0/13TMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTl9jeUxrdUtJYTFCVHpTZTE5QkYxX1RfWGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKga0QAMF
AyoOd4ADBQMqD+AAAwUDKhHxQAMFAyoSDsADBQMqEmdAAwUDKhKOwAMFAyoSzMAD
BQMqEtPAAwUDKhLiQDANBgkqhkiG9w0BAQsFAAOCAQEAptZnal8T1LLiaT+QkeXh
yYmMVu1AhOWqPyl4+9YJz06SdaG1Yp9JRG0PGFNY0e1rqPCJxNm5xxTxxo249SFI
26pMUrwMkknGvMVA8Z+uqenjW5V45Mf/bkLpIlqlX4Wc9zmrqAXkjf4nar9Uejzp
C1XYVRwllIk9cKIh7nS4Hv4y9w3RgZdJGqdGaQGZrAJzaivNpvrRJ3h86P63dDl5
vVn0Y4hOrUl5UV77p2Nus6FhF4VwN/Qeo43gfyYsiui3WhPN2eoUToK78a7+50Ep
vJmZ90JqPb1991hDIjlgrUDlf9uTEMjBQhTzW38pbRO65JWttNLmc1fiffM43snp
Cw==
-----END CERTIFICATE-----