Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/6n7TUxYvNKQWavb3atbNpav32yA.roa
File:                     6n7TUxYvNKQWavb3atbNpav32yA.roa (raw, json)
Hash identifier:          xigdygp0VGE6hBTr6rmeV6spV0jqfoUKAP1firItDDg=
Subject key identifier:   EA:7E:D3:53:16:2F:34:A4:16:6A:F6:F7:6A:D6:CD:A5:AB:F7:DB:20
Certificate issuer:       /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial:       0192E34D38320E50B9439F0C5184742CA8E7
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/6n7TUxYvNKQWavb3atbNpav32yA.roa
Signing time:             Thu 31 Oct 2024 15:59:01 +0000
ROA not before:           Thu 31 Oct 2024 15:59:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214610
IP address blocks:        2a0f:7803:f7c0::/44 maxlen: 48
                          2a0f:7803:f7d0::/44 maxlen: 48
                          2a0f:7803:f7e0::/44 maxlen: 48
                          2a0f:7803:f7f0::/44 maxlen: 48
                          2a0f:7803:f800::/44 maxlen: 48
                          2a0f:7803:f810::/44 maxlen: 48
                          2a0f:7803:f840::/44 maxlen: 48
                          2a0f:7803:f860::/44 maxlen: 48
                          2a0f:7803:f8b0::/44 maxlen: 48
                          2a0f:7803:f970::/44 maxlen: 48
Validation:               Failed, certificate revoked on Tue 05 Nov 2024 09:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:e3:4d:38:32:0e:50:b9:43:9f:0c:51:84:74:2c:a8:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
        Validity
            Not Before: Oct 31 15:59:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea7ed353162f34a4166af6f76ad6cda5abf7db20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a4:f7:f5:76:2a:20:a6:ea:d1:53:d8:85:3b:
                    fb:7a:e1:82:e8:85:b0:35:bd:21:d6:24:89:ef:9f:
                    e5:8a:49:bf:b6:bc:47:83:fd:94:9b:4c:fa:30:bf:
                    43:29:07:f8:79:08:b0:91:31:5b:c7:d2:e0:a1:65:
                    07:27:ef:62:d7:99:7d:ce:3a:a5:15:f2:c6:63:45:
                    aa:e3:e0:3e:7e:62:1e:ac:9a:81:7c:01:ab:ae:d8:
                    f5:f6:7f:ad:15:6b:5d:14:48:b5:88:e3:21:fb:b3:
                    19:75:75:53:c6:fb:69:27:e0:02:37:d2:48:d2:7f:
                    2a:cc:38:f5:61:a4:27:fd:06:fd:5f:6c:fe:5b:04:
                    1e:5b:36:d6:48:e6:29:86:0d:84:4f:9b:38:fe:2b:
                    c0:d5:3a:3e:4c:0e:50:0f:0f:ef:df:83:80:a3:90:
                    64:95:91:8e:23:9d:67:40:9e:68:d4:8a:f2:c9:ef:
                    c9:52:60:8f:66:c6:d1:38:fd:ba:c3:e3:f9:39:d1:
                    99:cb:77:06:6d:47:78:ff:06:78:0a:c9:a4:d8:89:
                    24:b2:fa:ea:7b:12:a9:96:e0:38:dc:4e:40:51:6f:
                    3e:84:23:1f:5f:81:52:46:a8:25:a2:5c:3a:a5:36:
                    d1:a3:11:25:ad:67:35:ec:16:bf:90:f5:a9:03:32:
                    cf:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:7E:D3:53:16:2F:34:A4:16:6A:F6:F7:6A:D6:CD:A5:AB:F7:DB:20
            X509v3 Authority Key Identifier:
                keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/6n7TUxYvNKQWavb3atbNpav32yA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:7803:f7c0::-2a0f:7803:f81f:ffff:ffff:ffff:ffff:ffff
                  2a0f:7803:f840::/44
                  2a0f:7803:f860::/44
                  2a0f:7803:f8b0::/44
                  2a0f:7803:f970::/44

    Signature Algorithm: sha256WithRSAEncryption
         82:a3:da:09:44:32:4d:7d:a6:a8:97:20:86:db:91:cb:05:13:
         e6:eb:00:f3:ec:4f:2b:55:27:6a:2c:c9:db:84:66:e8:14:c4:
         3d:5d:45:dc:08:4d:a3:1a:69:c4:4f:3f:21:dd:1c:db:2b:17:
         72:8c:42:73:5d:b5:94:93:5a:1e:ce:30:f5:f5:6e:cb:8f:f9:
         2d:cd:b5:87:f8:60:e2:56:a5:11:3c:56:a3:8d:5f:eb:79:e8:
         34:87:e8:4e:2e:d5:a1:13:73:11:85:19:4a:8c:e2:80:50:1c:
         94:5c:3f:d0:da:1a:08:c6:76:18:4a:2e:c6:af:81:93:82:15:
         60:22:62:4c:69:4b:a3:42:62:98:89:5e:db:8c:f8:07:f4:86:
         b7:e7:dd:6b:6f:91:64:96:b9:5c:60:db:66:fe:4c:ca:76:16:
         ff:83:e9:1d:c5:67:27:f0:96:fd:08:d0:18:d1:bc:da:6a:d4:
         19:28:ac:dd:93:47:ca:cc:be:1c:e4:23:47:28:23:4f:c4:fc:
         fb:b2:cf:dc:2c:53:8e:90:77:75:4c:2c:d8:f6:26:c5:52:58:
         4b:56:31:26:c3:b3:98:89:e5:e2:a2:35:6c:57:08:48:5a:77:
         66:2e:01:37:ec:00:7e:02:1a:db:c5:26:ce:00:79:b2:c7:dd:
         6f:a8:23:2d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZLjTTgyDlC5Q58MUYR0LKjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQxMDMxMTU1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdlZDM1MzE2MmYzNGE0MTY2YWY2Zjc2YWQ2Y2RhNWFiZjdkYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKT39XYqIKbq0VPYhTv7euGC6IWw
Nb0h1iSJ75/likm/trxHg/2Um0z6ML9DKQf4eQiwkTFbx9LgoWUHJ+9i15l9zjql
FfLGY0Wq4+A+fmIerJqBfAGrrtj19n+tFWtdFEi1iOMh+7MZdXVTxvtpJ+ACN9JI
0n8qzDj1YaQn/Qb9X2z+WwQeWzbWSOYphg2ET5s4/ivA1To+TA5QDw/v34OAo5Bk
lZGOI51nQJ5o1Iryye/JUmCPZsbROP26w+P5OdGZy3cGbUd4/wZ4Csmk2Ikksvrq
exKpluA43E5AUW8+hCMfX4FSRqglolw6pTbRoxElrWc17Ba/kPWpAzLPJwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOp+01MWLzSkFmr292rWzaWr99sgMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvNm43VFV4WXZOS1FXYXZiM2F0Yk5wYXYzMnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4MBIDBwYqD3gD
98ADBwUqD3gD+AADBwQqD3gD+EADBwQqD3gD+GADBwQqD3gD+LADBwQqD3gD+XAw
DQYJKoZIhvcNAQELBQADggEBAIKj2glEMk19pqiXIIbbkcsFE+brAPPsTytVJ2os
yduEZugUxD1dRdwITaMaacRPPyHdHNsrF3KMQnNdtZSTWh7OMPX1bsuP+S3NtYf4
YOJWpRE8VqONX+t56DSH6E4u1aETcxGFGUqM4oBQHJRcP9DaGgjGdhhKLsavgZOC
FWAiYkxpS6NCYpiJXtuM+Af0hrfn3WtvkWSWuVxg22b+TMp2Fv+D6R3FZyfwlv0I
0BjRvNpq1BkorN2TR8rMvhzkI0coI0/E/Puyz9wsU46Qd3VMLNj2JsVSWEtWMSbD
s5iJ5eKiNWxXCEhad2YuATfsAH4CGtvFJs4AebLH3W+oIy0=
-----END CERTIFICATE-----