Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/bSw3YJbSScPRDEqllp1SFX74Bgs.roa
File:                     bSw3YJbSScPRDEqllp1SFX74Bgs.roa (raw, json)
Hash identifier:          mlZCCOTOpiRgxMSopvnkhMo8TT+iy9AMORZrNzw/Yvc=
Subject key identifier:   6D:2C:37:60:96:D2:49:C3:D1:0C:4A:A5:96:9D:52:15:7E:F8:06:0B
Certificate issuer:       /CN=edb04a943332768017266f4e5f56c006d98ebbb4
Certificate serial:       0196C510DD1B2A24609BBA2D3D56E22AE712
Authority key identifier: ED:B0:4A:94:33:32:76:80:17:26:6F:4E:5F:56:C0:06:D9:8E:BB:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bBKlDMydoAXJm9OX1bABtmOu7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/bSw3YJbSScPRDEqllp1SFX74Bgs.roa
Signing time:             Mon 12 May 2025 15:15:38 +0000
ROA not before:           Mon 12 May 2025 15:15:38 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     396253
IP address blocks:        2a03:b8c0:15::/48 maxlen: 48
                          2a03:b8c0:19::/48 maxlen: 48
                          2a03:b8c0:1a::/48 maxlen: 48
                          2a03:b8c0:1b::/48 maxlen: 48
                          2a03:b8c0:1c::/48 maxlen: 48
                          2a03:b8c0:1d::/48 maxlen: 48
                          2a03:b8c0:1e::/48 maxlen: 48
                          2a03:b8c0:20::/48 maxlen: 48
                          2a03:b8c0:21::/48 maxlen: 48
                          2a03:b8c0:22::/48 maxlen: 48
                          2a03:b8c0:23::/48 maxlen: 48
                          2a03:b8c0:24::/48 maxlen: 48
                          2a03:b8c0:25::/48 maxlen: 48
                          2a03:b8c0:29::/48 maxlen: 48
                          2a03:b8c0:2a::/48 maxlen: 48
                          2a03:b8c0:2b::/48 maxlen: 48
                          2a03:b8c0:2c::/48 maxlen: 48
                          2a03:b8c0:2d::/48 maxlen: 48
                          2a03:b8c0:2e::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 13 May 2025 14:35:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:10:dd:1b:2a:24:60:9b:ba:2d:3d:56:e2:2a:e7:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb04a943332768017266f4e5f56c006d98ebbb4
        Validity
            Not Before: May 12 15:15:38 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6d2c376096d249c3d10c4aa5969d52157ef8060b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:79:08:10:62:54:ee:6e:99:e3:97:2b:55:8b:
                    a2:9e:8c:25:1e:af:7f:ab:0d:e6:99:ea:e0:ff:51:
                    c2:3d:12:b5:3a:81:d7:8d:b6:19:61:90:ff:82:b0:
                    51:df:20:77:85:f0:07:5a:cd:94:f2:e2:47:c9:e3:
                    44:12:51:d8:d8:47:0f:01:e2:b2:2c:73:a6:17:c2:
                    97:2a:01:e9:a2:f5:d6:b7:93:60:22:71:1f:63:8e:
                    5c:65:08:9e:71:32:19:4d:13:e7:b3:ff:32:fa:45:
                    07:b2:23:d6:ff:45:72:d9:17:c0:63:88:97:05:3e:
                    b4:3c:71:dd:b0:f7:a3:a7:57:0f:60:84:2e:6b:27:
                    8c:12:99:a5:db:51:a9:42:a5:7f:63:b1:80:b2:5b:
                    fa:aa:2e:a4:35:89:cf:8d:c6:4b:06:92:01:8c:67:
                    ad:8a:ee:38:dc:22:14:a7:7a:1a:fd:7f:10:03:ce:
                    93:87:dc:43:12:09:0b:02:b0:eb:1c:c6:ef:08:1e:
                    42:64:80:9d:82:1f:c8:94:a4:6b:08:19:b7:b5:24:
                    d0:74:aa:d2:8e:a0:d8:35:f1:9a:d7:08:0b:ab:6c:
                    74:d7:1a:57:9c:97:de:7b:ef:d4:b0:72:90:44:93:
                    f0:98:a8:0a:28:19:c4:ef:59:71:98:36:bf:7d:b9:
                    93:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2C:37:60:96:D2:49:C3:D1:0C:4A:A5:96:9D:52:15:7E:F8:06:0B
            X509v3 Authority Key Identifier:
                keyid:ED:B0:4A:94:33:32:76:80:17:26:6F:4E:5F:56:C0:06:D9:8E:BB:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bBKlDMydoAXJm9OX1bABtmOu7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/bSw3YJbSScPRDEqllp1SFX74Bgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/50a4c4-91d1-4311-b67b-e45fa64d4d2d/1/7bBKlDMydoAXJm9OX1bABtmOu7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:b8c0:15::/48
                  2a03:b8c0:19::-2a03:b8c0:1e:ffff:ffff:ffff:ffff:ffff
                  2a03:b8c0:20::-2a03:b8c0:25:ffff:ffff:ffff:ffff:ffff
                  2a03:b8c0:29::-2a03:b8c0:2e:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         52:92:c0:60:af:79:42:a9:e7:1a:84:67:69:5a:9e:65:4d:50:
         62:0d:83:63:43:71:a3:2d:af:31:a5:cc:db:02:9d:0c:6f:a1:
         ff:02:bf:a0:73:d0:43:af:a9:a6:cc:c0:a1:95:1d:45:3e:17:
         4d:f5:39:fe:47:bf:ef:6d:89:47:8f:7b:ea:32:94:92:ec:19:
         af:ee:b6:8d:79:83:01:43:0f:db:4e:3f:0a:0a:af:a0:2e:4a:
         4b:7a:c5:c1:c9:af:67:86:06:d6:1e:7d:38:e2:48:fd:5d:3a:
         1f:c5:fb:0b:4c:f7:23:7f:4a:0a:db:52:14:d5:df:f7:44:6a:
         ca:6e:2f:71:8c:4b:50:b6:87:8c:5d:fd:bb:c0:85:bb:3b:88:
         ab:98:22:f8:50:32:c6:ae:60:34:90:48:c8:ff:a0:62:64:1e:
         1c:a7:74:7a:dc:36:dc:e9:27:11:c9:dd:0a:a5:89:0a:98:e6:
         57:c0:7f:ef:c0:29:3e:45:2b:7e:17:a5:b5:d9:6f:1d:d7:dc:
         e4:2b:36:21:1f:16:3f:b3:f0:77:7d:96:f0:f5:0a:96:18:83:
         e4:27:05:57:98:ff:4d:aa:2d:d1:97:56:c0:89:98:77:3c:5b:
         74:81:2c:84:a4:bf:1e:b5:2c:a3:4a:8e:5f:9b:4e:bf:99:96:
         be:81:97:88
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZbFEN0bKiRgm7otPVbiKucSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjA0YTk0MzMzMjc2ODAxNzI2NmY0ZTVmNTZjMDA2ZDk4
ZWJiYjQwHhcNMjUwNTEyMTUxNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJjMzc2MDk2ZDI0OWMzZDEwYzRhYTU5NjlkNTIxNTdlZjgwNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3kIEGJU7m6Z45crVYuinowlHq9/
qw3mmerg/1HCPRK1OoHXjbYZYZD/grBR3yB3hfAHWs2U8uJHyeNEElHY2EcPAeKy
LHOmF8KXKgHpovXWt5NgInEfY45cZQiecTIZTRPns/8y+kUHsiPW/0Vy2RfAY4iX
BT60PHHdsPejp1cPYIQuayeMEpml21GpQqV/Y7GAslv6qi6kNYnPjcZLBpIBjGet
iu443CIUp3oa/X8QA86Th9xDEgkLArDrHMbvCB5CZICdgh/IlKRrCBm3tSTQdKrS
jqDYNfGa1wgLq2x01xpXnJfee+/UsHKQRJPwmKgKKBnE71lxmDa/fbmTiQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFG0sN2CW0knD0QxKpZadUhV++AYLMB8GA1UdIwQY
MBaAFO2wSpQzMnaAFyZvTl9WwAbZjru0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JCS2xETXlkb0FYSm05T1gxYkFCdG1PdTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81MGE0YzQtOTFkMS00MzExLWI2N2It
ZTQ1ZmE2NGQ0ZDJkLzEvYlN3M1lKYlNTY1BSREVxbGxwMVNGWDc0QmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81MGE0YzQtOTFkMS00MzExLWI2N2ItZTQ1ZmE2NGQ0ZDJk
LzEvN2JCS2xETXlkb0FYSm05T1gxYkFCdG1PdTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAAjBFAwcAKgO4wAAV
MBIDBwAqA7jAABkDBwAqA7jAAB4wEgMHBSoDuMAAIAMHASoDuMAAJDASAwcAKgO4
wAApAwcAKgO4wAAuMA0GCSqGSIb3DQEBCwUAA4IBAQBSksBgr3lCqecahGdpWp5l
TVBiDYNjQ3GjLa8xpczbAp0Mb6H/Ar+gc9BDr6mmzMChlR1FPhdN9Tn+R7/vbYlH
j3vqMpSS7Bmv7raNeYMBQw/bTj8KCq+gLkpLesXBya9nhgbWHn044kj9XTofxfsL
TPcjf0oK21IU1d/3RGrKbi9xjEtQtoeMXf27wIW7O4irmCL4UDLGrmA0kEjI/6Bi
ZB4cp3R63Dbc6ScRyd0KpYkKmOZXwH/vwCk+RSt+F6W12W8d19zkKzYhHxY/s/B3
fZbw9QqWGIPkJwVXmP9Nqi3Rl1bAiZh3PFt0gSyEpL8etSyjSo5fm06/mZa+gZeI
-----END CERTIFICATE-----