Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G4iPzro2PJFz5vShYkcwqDq5LSI.roa
File:                     G4iPzro2PJFz5vShYkcwqDq5LSI.roa (raw, json)
Hash identifier:          LWc9mCgcDWF2KpiwtcWVVFdJQBV3kxld6fCVJb48UeE=
Subject key identifier:   1B:88:8F:CE:BA:36:3C:91:73:E6:F4:A1:62:47:30:A8:3A:B9:2D:22
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       0192B0974785445D4F4E507CCD5378EF39AD
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G4iPzro2PJFz5vShYkcwqDq5LSI.roa
Signing time:             Mon 21 Oct 2024 19:39:17 +0000
ROA not before:           Mon 21 Oct 2024 19:39:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        2a11:fc00::/29 maxlen: 29
Validation:               Failed, certificate revoked on Mon 21 Oct 2024 19:52:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:b0:97:47:85:44:5d:4f:4e:50:7c:cd:53:78:ef:39:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: Oct 21 19:39:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1b888fceba363c9173e6f4a1624730a83ab92d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2a:47:ce:09:07:46:d6:40:4c:48:a6:25:0b:
                    11:58:1a:57:ab:3b:02:66:fc:8a:23:05:f6:be:c2:
                    4d:76:d5:11:1a:48:8e:4a:41:0f:ef:bb:e8:d4:b9:
                    97:bd:04:d4:7a:a7:c0:27:28:d4:4d:88:75:40:d5:
                    ff:76:78:0a:49:66:b3:3f:3d:8d:36:b5:0a:d8:f8:
                    52:a8:4b:04:dd:5d:6b:fb:fc:af:23:1b:55:3f:ea:
                    fd:ea:3d:7c:1e:81:39:23:73:71:b8:e9:20:19:50:
                    bd:d3:d8:78:2b:82:92:8f:1f:e6:09:cd:41:ad:a8:
                    61:4d:c1:33:d0:42:2f:4d:f6:ed:00:27:93:4b:bd:
                    cf:80:fa:65:97:6c:71:ac:eb:a8:55:ba:93:b5:fc:
                    56:59:1f:71:cb:69:f1:a2:ac:2f:d7:a4:d9:43:ca:
                    fe:e5:af:5c:50:25:a8:a6:cd:cb:ab:3a:28:c6:51:
                    2d:b9:a7:d2:48:54:9d:35:4e:1d:40:6d:4e:b8:36:
                    cd:82:db:07:1d:32:e1:81:19:76:95:1c:8e:a2:0d:
                    50:29:7d:2f:41:38:b6:a7:ba:b3:89:68:0d:3b:89:
                    65:fa:e2:78:03:74:8a:45:0e:34:09:43:ed:f3:cb:
                    7c:7a:45:24:af:b3:6a:be:5e:1b:86:f8:3a:cb:3a:
                    d3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:88:8F:CE:BA:36:3C:91:73:E6:F4:A1:62:47:30:A8:3A:B9:2D:22
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G4iPzro2PJFz5vShYkcwqDq5LSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:fc00::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:1e:75:55:01:c8:86:ae:20:e9:51:1c:c0:cf:ca:bc:26:f5:
         6b:64:52:8b:53:b8:1a:81:fc:76:47:99:c2:fa:91:65:cd:45:
         5a:6c:af:8b:72:b1:88:73:6a:a8:0d:69:29:bb:12:a5:14:20:
         08:81:1c:49:2d:12:27:87:98:59:ae:e7:a8:fc:67:45:36:63:
         2f:5a:21:ee:44:7c:20:19:5e:76:6e:11:e9:c1:cb:9c:dc:69:
         1e:fe:fc:4a:3a:b3:56:60:a0:50:e2:4f:f8:ec:30:28:f2:10:
         65:a4:44:aa:30:52:cc:ef:14:5f:58:9e:e2:4e:86:55:7c:05:
         ae:7b:31:88:f2:f7:e2:fa:10:52:82:7e:9a:87:88:d0:40:cf:
         3b:11:1f:49:0c:d7:e3:50:46:9d:c0:18:37:79:03:aa:0e:9c:
         6b:98:95:89:45:b9:57:43:5f:4c:f8:af:4b:fa:e9:3b:c0:ea:
         96:f2:3f:a3:72:88:d9:85:95:80:88:4f:f6:c0:da:33:a8:46:
         86:2c:c5:01:ff:1c:17:3f:51:b6:08:7b:28:21:b9:f7:f1:62:
         8b:ff:58:6d:76:be:25:05:33:7a:12:6c:5b:db:36:f4:54:da:
         18:2c:4f:49:21:82:57:f7:53:51:57:c7:a9:35:22:fb:83:2c:
         4c:57:48:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKwl0eFRF1PTlB8zVN47zmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMDIxMTkzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg4OGZjZWJhMzYzYzkxNzNlNmY0YTE2MjQ3MzBhODNhYjkyZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAripHzgkHRtZATEimJQsRWBpXqzsC
ZvyKIwX2vsJNdtURGkiOSkEP77vo1LmXvQTUeqfAJyjUTYh1QNX/dngKSWazPz2N
NrUK2PhSqEsE3V1r+/yvIxtVP+r96j18HoE5I3NxuOkgGVC909h4K4KSjx/mCc1B
rahhTcEz0EIvTfbtACeTS73PgPpll2xxrOuoVbqTtfxWWR9xy2nxoqwv16TZQ8r+
5a9cUCWops3LqzooxlEtuafSSFSdNU4dQG1OuDbNgtsHHTLhgRl2lRyOog1QKX0v
QTi2p7qziWgNO4ll+uJ4A3SKRQ40CUPt88t8ekUkr7Nqvl4bhvg6yzrTAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBuIj866NjyRc+b0oWJHMKg6uS0iMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvRzRpUHpybzJQSkZ6NXZTaFlrY3dxRHE1TFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH8ADAN
BgkqhkiG9w0BAQsFAAOCAQEASB51VQHIhq4g6VEcwM/KvCb1a2RSi1O4GoH8dkeZ
wvqRZc1FWmyvi3KxiHNqqA1pKbsSpRQgCIEcSS0SJ4eYWa7nqPxnRTZjL1oh7kR8
IBledm4R6cHLnNxpHv78SjqzVmCgUOJP+OwwKPIQZaREqjBSzO8UX1ie4k6GVXwF
rnsxiPL34voQUoJ+moeI0EDPOxEfSQzX41BGncAYN3kDqg6ca5iViUW5V0NfTPiv
S/rpO8DqlvI/o3KI2YWVgIhP9sDaM6hGhizFAf8cFz9Rtgh7KCG59/Fii/9YbXa+
JQUzehJsW9s29FTaGCxPSSGCV/dTUVfHqTUi+4MsTFdISQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:15:58 2025 by rpki-client