Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fvp36djOyvpO2v78PkcewC2HTL4.roa
File:                     Fvp36djOyvpO2v78PkcewC2HTL4.roa (raw, json)
Hash identifier:          O1Cp1rKUVmxsQN81hGHVKCcpukv3O3+PicR5shzWzUU=
Subject key identifier:   16:FA:77:E9:D8:CE:CA:FA:4E:DA:FE:FC:3E:47:1E:C0:2D:87:4C:BE
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       01958E61825CC3629B3F0041037616A8BEB3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fvp36djOyvpO2v78PkcewC2HTL4.roa
Signing time:             Thu 13 Mar 2025 07:21:49 +0000
ROA not before:           Thu 13 Mar 2025 07:21:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     6079
IP address blocks:        2a06:35c1::/32 maxlen: 32
                          2a0d:8f80::/29 maxlen: 29
                          2a0e:1a86::/32 maxlen: 32
                          2a0e:f500::/29 maxlen: 29
                          2a0f:2100::/29 maxlen: 29
                          2a0f:31c0::/32 maxlen: 32
                          2a0f:dac0::/29 maxlen: 29
                          2a0f:e0c0::/29 maxlen: 29
                          2a10:37c0::/29 maxlen: 29
                          2a13:3380::/29 maxlen: 29
                          2a13:8100::/29 maxlen: 29
Validation:               Failed, certificate revoked on Fri 21 Mar 2025 16:08:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:61:82:5c:c3:62:9b:3f:00:41:03:76:16:a8:be:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Mar 13 07:21:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=16fa77e9d8cecafa4edafefc3e471ec02d874cbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4d:5f:ed:dc:c6:47:bf:49:cc:3f:08:f5:3a:
                    ec:19:f2:b1:d3:89:2b:e7:3d:e3:c1:cf:1a:4c:d9:
                    f1:f2:dd:c8:e5:b4:35:72:fc:5a:b5:ed:0e:76:7a:
                    db:7e:ce:fa:b0:34:65:36:12:fd:6f:0c:a5:b7:a2:
                    5e:bb:8a:36:65:fd:dd:ea:4d:09:ca:9b:6c:00:c9:
                    9d:43:c6:01:5f:32:60:00:63:c6:ec:13:90:03:d0:
                    73:79:37:3c:4b:55:be:0e:c0:ab:73:ea:4c:98:0b:
                    82:f1:f2:42:36:44:9d:f5:9e:ca:c3:f8:ac:ea:95:
                    ed:72:ef:29:1e:f9:e9:96:33:d0:f5:51:fe:fb:ca:
                    2d:22:de:ce:9c:bd:23:7b:fa:02:38:c9:9a:55:92:
                    13:8a:f1:1e:07:34:21:09:6f:cf:1e:ce:51:09:73:
                    1e:85:11:3c:a3:44:80:97:11:8d:78:e6:52:c6:63:
                    14:c9:80:a5:61:ea:13:41:17:33:94:fe:bb:fd:3e:
                    a4:ab:1e:48:c5:05:7a:85:a6:dc:f1:20:17:5a:70:
                    67:82:06:53:85:3f:2c:82:40:fd:9f:b8:55:0c:a1:
                    06:03:ea:b6:9f:17:45:0b:6e:41:fe:5d:81:25:4a:
                    76:59:d9:e1:12:1a:df:d5:c9:cb:f3:21:49:35:62:
                    02:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:FA:77:E9:D8:CE:CA:FA:4E:DA:FE:FC:3E:47:1E:C0:2D:87:4C:BE
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fvp36djOyvpO2v78PkcewC2HTL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:35c1::/32
                  2a0d:8f80::/29
                  2a0e:1a86::/32
                  2a0e:f500::/29
                  2a0f:2100::/29
                  2a0f:31c0::/32
                  2a0f:dac0::/29
                  2a0f:e0c0::/29
                  2a10:37c0::/29
                  2a13:3380::/29
                  2a13:8100::/29

    Signature Algorithm: sha256WithRSAEncryption
         94:c7:3f:99:96:3e:31:53:17:02:23:66:73:96:69:f1:98:44:
         67:d9:e9:a2:d0:99:5c:aa:6d:79:e2:c5:b2:76:ef:33:3b:20:
         10:43:38:d0:55:ba:8f:60:79:d6:ae:24:ae:6a:bf:9d:c8:7e:
         73:03:50:48:84:9b:ad:e2:61:39:f8:e7:5f:c1:d0:13:f1:2f:
         cc:13:ce:90:83:9b:13:d1:fb:b6:db:12:a6:a0:05:05:e8:a1:
         0a:db:88:a0:1e:da:8d:34:22:aa:d7:9c:a3:a8:66:ed:7f:b3:
         e7:d8:5a:26:1b:19:9a:3c:20:55:31:83:95:b9:2d:b0:d9:cc:
         46:cc:67:6b:f3:80:02:82:0d:fc:f0:17:a5:f1:33:ae:ac:7b:
         e6:7c:d6:e4:8d:5f:e4:da:6c:c9:1e:2e:1a:33:3d:0c:73:89:
         34:3e:72:8c:fd:44:c2:8a:3e:3e:e4:0f:c9:df:e5:dd:bf:2d:
         12:0c:92:0e:7c:c7:12:73:b8:3b:24:94:f0:e8:74:f6:af:98:
         5f:f1:7e:b7:b6:c2:42:e6:da:06:9c:71:65:34:96:d8:ee:c2:
         b9:98:1e:80:a2:7f:62:c1:b1:bb:23:68:0b:4a:a4:c4:d6:63:
         6a:64:04:b3:a4:01:d6:b4:93:d3:aa:41:b6:c3:3f:d6:2a:e6:
         82:0d:b6:87
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZWOYYJcw2KbPwBBA3YWqL6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzEzMDcyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmZhNzdlOWQ4Y2VjYWZhNGVkYWZlZmMzZTQ3MWVjMDJkODc0Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk1f7dzGR79JzD8I9TrsGfKx04kr
5z3jwc8aTNnx8t3I5bQ1cvxate0Odnrbfs76sDRlNhL9bwylt6Jeu4o2Zf3d6k0J
yptsAMmdQ8YBXzJgAGPG7BOQA9BzeTc8S1W+DsCrc+pMmAuC8fJCNkSd9Z7Kw/is
6pXtcu8pHvnpljPQ9VH++8otIt7OnL0je/oCOMmaVZITivEeBzQhCW/PHs5RCXMe
hRE8o0SAlxGNeOZSxmMUyYClYeoTQRczlP67/T6kqx5IxQV6habc8SAXWnBnggZT
hT8sgkD9n7hVDKEGA+q2nxdFC25B/l2BJUp2WdnhEhrf1cnL8yFJNWICRwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBb6d+nYzsr6Ttr+/D5HHsAth0y+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRnZwMzZkak95dnBPMnY3OFBrY2V3QzJIVEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUAKgY1wQMF
AyoNj4ADBQAqDhqGAwUDKg71AAMFAyoPIQADBQAqDzHAAwUDKg/awAMFAyoP4MAD
BQMqEDfAAwUDKhMzgAMFAyoTgQAwDQYJKoZIhvcNAQELBQADggEBAJTHP5mWPjFT
FwIjZnOWafGYRGfZ6aLQmVyqbXnixbJ27zM7IBBDONBVuo9gedauJK5qv53IfnMD
UEiEm63iYTn451/B0BPxL8wTzpCDmxPR+7bbEqagBQXooQrbiKAe2o00IqrXnKOo
Zu1/s+fYWiYbGZo8IFUxg5W5LbDZzEbMZ2vzgAKCDfzwF6XxM66se+Z81uSNX+Ta
bMkeLhozPQxziTQ+coz9RMKKPj7kD8nf5d2/LRIMkg58xxJzuDsklPDodPavmF/x
fre2wkLm2gaccWU0ltjuwrmYHoCif2LBsbsjaAtKpMTWY2pkBLOkAda0k9OqQbbD
P9Yq5oINtoc=
-----END CERTIFICATE-----