Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa
File:                     Wfp8G5KTO3LfriCjtYO9UubFiT8.roa (raw, json)
Hash identifier:          0uX5dd18zWOnIn8iaD+2zsOnnsof8RZBmix1cFfYc/M=
Subject key identifier:   59:FA:7C:1B:92:93:3B:72:DF:AE:20:A3:B5:83:BD:52:E6:C5:89:3F
Certificate issuer:       /CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
Certificate serial:       0196E9A55BE8AEC1CC6E2DB2C61F56E9C3E2
Authority key identifier: 33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa
Signing time:             Mon 19 May 2025 17:44:10 +0000
ROA not before:           Mon 19 May 2025 17:44:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     16276
IP address blocks:        2a12:5340:8::/48 maxlen: 48
Validation:               Failed, certificate revoked on Fri 06 Jun 2025 17:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e9:a5:5b:e8:ae:c1:cc:6e:2d:b2:c6:1f:56:e9:c3:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
        Validity
            Not Before: May 19 17:44:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=59fa7c1b92933b72dfae20a3b583bd52e6c5893f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4d:2e:3f:d8:4b:76:6e:04:e4:96:e2:a3:cf:
                    cb:e5:f5:00:15:cf:6d:74:56:a1:36:e9:66:33:4a:
                    b0:da:05:24:28:00:bd:5b:b3:ae:68:87:f6:c6:82:
                    b5:7b:ce:cc:e7:3e:79:e2:f2:59:f6:13:13:e8:ee:
                    b0:69:08:f8:a5:00:78:d5:c5:09:76:3d:9e:b1:a6:
                    08:cc:7b:a5:15:d4:73:0a:41:56:0c:c1:96:2e:2e:
                    d7:05:fd:35:2e:7e:62:6b:d8:a6:d2:01:f0:ae:6c:
                    1a:cf:a4:59:2e:d7:44:5f:0c:97:a1:fc:c6:ac:53:
                    b9:7d:d5:05:5c:d4:20:39:35:fa:93:1f:5b:44:3e:
                    e7:0b:88:0e:4d:6b:67:d0:6d:a6:21:2a:ba:d1:a1:
                    a5:2a:68:b0:4e:5b:22:6e:3d:aa:d2:4c:a7:c1:20:
                    da:6a:e4:a9:05:01:6c:89:2e:ec:cb:d5:e9:40:df:
                    b8:56:c3:18:27:62:78:83:03:88:84:0f:88:1c:2d:
                    10:23:22:73:a0:f5:43:40:a7:f0:71:f3:bb:74:82:
                    7f:e3:04:47:bd:84:87:ee:76:bc:3f:9c:6d:e5:e0:
                    b0:34:64:f2:09:61:f4:b0:53:43:8f:5a:1b:7e:e6:
                    00:c7:dc:48:02:df:03:7b:74:47:b0:4e:7a:49:88:
                    d3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FA:7C:1B:92:93:3B:72:DF:AE:20:A3:B5:83:BD:52:E6:C5:89:3F
            X509v3 Authority Key Identifier:
                keyid:33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/Wfp8G5KTO3LfriCjtYO9UubFiT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/M0-fg9LXTAwP0A2nNVePc33X2gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5340:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:11:2d:92:cd:7e:89:58:f0:79:6f:e9:95:e6:d2:20:be:ce:
         b6:fd:89:57:14:ba:ea:b4:8b:fa:a9:14:e1:3e:1d:e0:65:00:
         ac:9b:88:cf:a3:de:00:13:5c:c6:32:96:58:75:80:89:65:1f:
         2e:b4:76:ed:5b:36:80:b5:24:f9:b5:67:dd:2d:c0:38:28:ee:
         d6:e3:d4:42:aa:3b:45:a5:40:27:58:16:49:04:22:1d:19:b0:
         e1:a2:91:2f:c8:db:aa:d4:9d:00:39:0c:df:8b:8b:99:3b:94:
         8a:a6:3f:56:c0:1f:24:55:25:ce:ad:92:64:7f:07:1d:1a:4d:
         5a:7b:d2:df:0e:2a:8b:5d:49:a7:65:8c:c0:e9:9a:52:29:cc:
         b5:a6:dd:71:c2:bf:ad:b4:16:a4:0d:9c:92:be:51:fc:bd:43:
         b0:1e:12:65:24:e8:14:8e:cc:9a:67:fa:bb:81:1e:18:f3:1a:
         96:63:3d:28:87:0e:7a:b2:ac:d5:39:67:90:b9:34:bc:38:aa:
         9d:20:3e:b0:61:c9:b6:ce:a1:1f:5a:e6:48:3f:89:33:f1:3a:
         b7:80:76:d1:8f:7e:02:61:8d:f3:11:f4:db:c6:1f:6c:26:fb:
         ff:23:0c:e6:13:b1:a9:94:86:77:ee:7b:7b:11:38:b3:66:b3:
         64:ce:7b:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZbppVvorsHMbi2yxh9W6cPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGY5ZjgzZDJkNzRjMGMwZmQwMGRhNzM1NTc4ZjczN2Rk
N2RhMDMwHhcNMjUwNTE5MTc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZhN2MxYjkyOTMzYjcyZGZhZTIwYTNiNTgzYmQ1MmU2YzU4OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk00uP9hLdm4E5Jbio8/L5fUAFc9t
dFahNulmM0qw2gUkKAC9W7OuaIf2xoK1e87M5z554vJZ9hMT6O6waQj4pQB41cUJ
dj2esaYIzHulFdRzCkFWDMGWLi7XBf01Ln5ia9im0gHwrmwaz6RZLtdEXwyXofzG
rFO5fdUFXNQgOTX6kx9bRD7nC4gOTWtn0G2mISq60aGlKmiwTlsibj2q0kynwSDa
auSpBQFsiS7sy9XpQN+4VsMYJ2J4gwOIhA+IHC0QIyJzoPVDQKfwcfO7dIJ/4wRH
vYSH7na8P5xt5eCwNGTyCWH0sFNDj1obfuYAx9xIAt8De3RHsE56SYjTNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFn6fBuSkzty364go7WDvVLmxYk/MB8GA1UdIwQY
MBaAFDNPn4PS10wMD9ANpzVXj3N919oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgt
ZWZkMjBmNmMyZWMzLzEvV2ZwOEc1S1RPM0xmcmlDanRZTzlVdWJGaVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgtZWZkMjBmNmMyZWMz
LzEvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJTQAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBsES2SzX6JWPB5b+mV5tIgvs62/YlXFLrqtIv6
qRThPh3gZQCsm4jPo94AE1zGMpZYdYCJZR8utHbtWzaAtST5tWfdLcA4KO7W49RC
qjtFpUAnWBZJBCIdGbDhopEvyNuq1J0AOQzfi4uZO5SKpj9WwB8kVSXOrZJkfwcd
Gk1ae9LfDiqLXUmnZYzA6ZpSKcy1pt1xwr+ttBakDZySvlH8vUOwHhJlJOgUjsya
Z/q7gR4Y8xqWYz0ohw56sqzVOWeQuTS8OKqdID6wYcm2zqEfWuZIP4kz8Tq3gHbR
j34CYY3zEfTbxh9sJvv/IwzmE7GplIZ37nt7ETizZrNkzns9
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:39:59 2025 by rpki-client