Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Sw01Ed8mr8xpU07iWJEG--5UCKI.roa
File:                     Sw01Ed8mr8xpU07iWJEG--5UCKI.roa (raw, json)
Hash identifier:          LbfVYnbOKdVObK1lZBMF/fiE/V5NiMezB9IEGRfRydg=
Subject key identifier:   4B:0D:35:11:DF:26:AF:CC:69:53:4E:E2:58:91:06:FB:EE:54:08:A2
Certificate issuer:       /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial:       0190399AA5241F8629340B64C08B71C6A16B
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Sw01Ed8mr8xpU07iWJEG--5UCKI.roa
Signing time:             Fri 21 Jun 2024 07:02:34 +0000
ROA not before:           Fri 21 Jun 2024 07:02:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51396
IP address blocks:        2a06:b440::/29 maxlen: 29
                          2a0e:7780::/29 maxlen: 30
                          2a0f:e000::/29 maxlen: 29
                          2a11:f140::/29 maxlen: 29
                          2a12:ec0::/29 maxlen: 32
                          2a12:6740::/29 maxlen: 30
                          2a12:8ec0::/29 maxlen: 30
                          2a12:ccc0::/29 maxlen: 30
                          2a12:d3c0::/29 maxlen: 30
                          2a12:e240::/29 maxlen: 30
                          2a12:f0c0::/29 maxlen: 30

Validation:               Failed, certificate revoked on Tue 02 Jul 2024 18:50:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:39:9a:a5:24:1f:86:29:34:0b:64:c0:8b:71:c6:a1:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
        Validity
            Not Before: Jun 21 07:02:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b0d3511df26afcc69534ee2589106fbee5408a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3a:ab:23:da:24:2c:1e:63:58:aa:5d:b5:68:
                    02:4d:42:f2:1d:51:fe:3a:d7:a8:3c:69:c2:eb:77:
                    4e:db:fc:5b:8a:2b:99:e7:ca:3c:4e:ca:e4:83:c2:
                    5a:c5:2c:7f:fb:c3:d4:21:d7:64:35:c6:f8:ad:2d:
                    e2:17:92:3c:28:f6:f3:f4:da:38:3c:6d:79:84:bb:
                    d4:12:69:62:1d:cb:bf:3c:f6:90:65:83:8c:d8:ce:
                    cc:29:56:8c:e3:b4:a7:e6:ef:71:d2:09:c8:c4:4e:
                    2b:db:23:35:94:dd:f1:ce:62:d1:8d:e1:38:4e:81:
                    f3:fc:d2:09:6a:43:f0:61:78:54:f8:e4:8e:0b:92:
                    83:10:13:45:07:64:15:48:ed:d8:e8:3b:04:2c:76:
                    2c:c4:6b:6f:29:53:47:c5:8f:f6:31:d8:5d:46:5b:
                    68:6d:3e:14:88:77:f3:6e:47:2b:46:c4:50:a1:02:
                    cb:f0:c2:c4:d4:13:58:a1:af:6f:7a:05:27:8c:7b:
                    af:7a:d6:0f:81:af:4e:b8:ac:69:76:d2:81:3b:c2:
                    c0:13:d2:3c:b0:88:e1:d5:f6:7d:d6:f6:2a:ba:cc:
                    05:75:b6:06:7f:3f:55:98:d2:37:c0:83:95:e2:1e:
                    8a:35:cf:61:0e:ba:ab:ee:1b:fa:b1:40:19:af:79:
                    0e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0D:35:11:DF:26:AF:CC:69:53:4E:E2:58:91:06:FB:EE:54:08:A2
            X509v3 Authority Key Identifier:
                keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Sw01Ed8mr8xpU07iWJEG--5UCKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:b440::/29
                  2a0e:7780::/29
                  2a0f:e000::/29
                  2a11:f140::/29
                  2a12:ec0::/29
                  2a12:6740::/29
                  2a12:8ec0::/29
                  2a12:ccc0::/29
                  2a12:d3c0::/29
                  2a12:e240::/29
                  2a12:f0c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         51:a3:38:38:83:70:66:77:f1:22:37:8d:73:9e:d9:65:bc:52:
         21:ad:4b:0c:37:63:4d:ee:9d:b2:37:c2:85:67:77:53:f5:f1:
         a6:88:7c:67:52:9c:dc:a0:39:38:ab:47:f1:9c:d3:5e:93:0f:
         83:15:9f:e9:53:91:0f:a4:8b:a0:e2:c6:4e:7b:f4:1a:34:92:
         34:93:ac:0b:4b:28:92:4f:3a:c5:ae:2e:01:74:cc:06:95:0b:
         83:60:22:c6:a2:10:f4:3f:8e:40:5c:75:1d:57:7d:fa:f8:16:
         e8:ff:3a:46:0e:7d:00:d7:30:d2:05:1e:9e:bf:4f:79:2a:d8:
         80:be:a0:67:1a:76:88:85:5b:f1:69:17:b5:2a:ba:81:d1:f6:
         70:ad:fd:da:03:6d:8c:ff:85:10:66:a6:9c:1e:17:ed:6f:f7:
         ca:31:c8:07:49:59:98:0d:02:b2:76:5d:0e:33:a0:d2:e0:c2:
         9a:e6:a3:5c:d6:19:c4:54:6c:24:a1:65:8a:4e:6c:59:9b:4a:
         16:7a:2e:d4:cb:7c:12:b5:e7:c7:a1:c3:11:82:03:76:b2:c1:
         37:7d:2c:02:27:3e:0f:f0:6b:e3:29:7b:e1:d4:a2:59:d9:f0:
         56:fe:d9:f8:dc:af:9a:d4:45:1b:a0:7b:5c:92:4a:c0:92:7f:
         4a:b1:d3:e9
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZA5mqUkH4YpNAtkwItxxqFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjIxMDcwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBkMzUxMWRmMjZhZmNjNjk1MzRlZTI1ODkxMDZmYmVlNTQwOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTqrI9okLB5jWKpdtWgCTULyHVH+
OteoPGnC63dO2/xbiiuZ58o8Tsrkg8JaxSx/+8PUIddkNcb4rS3iF5I8KPbz9No4
PG15hLvUEmliHcu/PPaQZYOM2M7MKVaM47Sn5u9x0gnIxE4r2yM1lN3xzmLRjeE4
ToHz/NIJakPwYXhU+OSOC5KDEBNFB2QVSO3Y6DsELHYsxGtvKVNHxY/2MdhdRlto
bT4UiHfzbkcrRsRQoQLL8MLE1BNYoa9vegUnjHuvetYPga9OuKxpdtKBO8LAE9I8
sIjh1fZ91vYquswFdbYGfz9VmNI3wIOV4h6KNc9hDrqr7hv6sUAZr3kOpQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFEsNNRHfJq/MaVNO4liRBvvuVAiiMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvU3cwMUVkOG1yOHhwVTA3aVdKRUctLTVVQ0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKga0QAMF
AyoOd4ADBQMqD+AAAwUDKhHxQAMFAyoSDsADBQMqEmdAAwUDKhKOwAMFAyoSzMAD
BQMqEtPAAwUDKhLiQAMFAyoS8MAwDQYJKoZIhvcNAQELBQADggEBAFGjODiDcGZ3
8SI3jXOe2WW8UiGtSww3Y03unbI3woVnd1P18aaIfGdSnNygOTirR/Gc016TD4MV
n+lTkQ+ki6Dixk579Bo0kjSTrAtLKJJPOsWuLgF0zAaVC4NgIsaiEPQ/jkBcdR1X
ffr4Fuj/OkYOfQDXMNIFHp6/T3kq2IC+oGcadoiFW/FpF7UquoHR9nCt/doDbYz/
hRBmppweF+1v98oxyAdJWZgNArJ2XQ4zoNLgwprmo1zWGcRUbCShZYpObFmbShZ6
LtTLfBK158ehwxGCA3aywTd9LAInPg/wa+Mpe+HUolnZ8Fb+2fjcr5rURRuge1yS
SsCSf0qx0+k=
-----END CERTIFICATE-----