Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1yvlxjoWQ8s63Jj3Mv1iNdi4Arc.roa
File:                     1yvlxjoWQ8s63Jj3Mv1iNdi4Arc.roa (raw, json)
Hash identifier:          MOy7d5+wFL+tLrPbv3lCHm3NrqI3/sdgf/8TuAux8HU=
Subject key identifier:   D7:2B:E5:C6:3A:16:43:CB:3A:DC:98:F7:32:FD:62:35:D8:B8:02:B7
Certificate issuer:       /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial:       0197440E00CE35CF891E063CC978DEB5E929
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1yvlxjoWQ8s63Jj3Mv1iNdi4Arc.roa
Signing time:             Fri 06 Jun 2025 07:04:17 +0000
ROA not before:           Fri 06 Jun 2025 07:04:17 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
                          2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
                          2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
                          2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
                          2001:67c:64:ffff:0:197:440d:fa93/128 maxlen: 128
Validation:               Failed, certificate revoked on Fri 06 Jun 2025 07:14:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:44:0e:00:ce:35:cf:89:1e:06:3c:c9:78:de:b5:e9:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
        Validity
            Not Before: Jun  6 07:04:17 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d72be5c63a1643cb3adc98f732fd6235d8b802b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:53:5a:54:43:08:22:4b:78:55:98:91:9a:23:
                    7d:3f:e1:aa:66:eb:8f:b8:61:d6:ea:9a:32:d3:6d:
                    a9:30:0e:fb:e6:d0:8c:fe:42:7d:e1:60:89:b0:c3:
                    02:0d:45:5b:87:c9:96:37:1e:fb:72:e3:88:e8:f4:
                    8d:94:62:d5:0a:c6:4f:54:ea:60:e1:43:fa:98:eb:
                    f2:27:83:f1:8f:e8:88:87:8b:1d:e7:04:51:33:58:
                    61:1c:d2:fb:2e:64:89:99:f7:9c:dd:cb:83:18:75:
                    47:a4:7c:54:b4:d3:5c:f0:c7:0f:a3:0b:11:34:f3:
                    79:0a:84:f7:22:7e:1c:f9:7a:9d:3e:55:0f:17:d8:
                    49:9f:11:93:1b:28:05:ad:8f:85:cf:e6:2d:58:8b:
                    77:34:93:de:5d:d8:e9:23:f5:29:03:ae:14:39:e1:
                    fe:7c:eb:c1:d7:b7:4e:dc:95:67:54:8e:fa:2c:11:
                    0b:a7:14:18:05:55:13:62:cd:74:b6:d6:88:2b:1e:
                    f2:20:d3:ad:59:94:03:64:d2:bb:d4:0a:d0:46:b6:
                    0a:f7:9e:cc:ae:9a:2f:48:f0:98:ca:7c:64:aa:9f:
                    e9:6c:8e:6c:65:f7:7c:b0:bb:b8:48:ed:06:c9:6a:
                    f2:2e:e7:27:38:3c:16:e2:1d:35:25:b4:2a:97:ca:
                    48:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:2B:E5:C6:3A:16:43:CB:3A:DC:98:F7:32:FD:62:35:D8:B8:02:B7
            X509v3 Authority Key Identifier:
                keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1yvlxjoWQ8s63Jj3Mv1iNdi4Arc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:196:ed5d:8c28/128
                  2001:67c:64:ffff:0:197:108e:927e/128
                  2001:67c:64:ffff:0:197:15eb:6226/128
                  2001:67c:64:ffff:0:197:353f:be91/128
                  2001:67c:64:ffff:0:197:440d:fa93/128

    Signature Algorithm: sha256WithRSAEncryption
         bb:eb:67:68:6d:9e:65:4c:a4:02:8c:b2:41:88:70:56:bd:75:
         6c:a9:21:99:55:08:2c:b9:73:c1:0e:b7:94:0c:aa:8f:79:23:
         5b:4a:3f:b6:9d:3e:88:f3:a0:87:41:5a:b5:2c:dd:ba:bd:85:
         9f:f0:6f:c3:5a:97:0a:51:b9:80:c1:b4:2e:af:6d:c2:52:07:
         a0:a5:9b:1a:6f:a0:7f:5a:f4:f5:d7:03:b5:3a:fa:ad:fc:3c:
         91:45:cb:d5:99:2c:7e:4a:0f:f5:7a:2f:b9:0b:2f:36:14:64:
         62:07:04:29:09:9c:06:7e:c2:54:6f:0d:e8:86:81:34:01:a6:
         9b:e2:6d:97:c1:3c:37:31:7d:98:f1:f1:cb:99:c2:8f:f4:b4:
         ef:44:0e:fa:73:43:a5:91:91:e6:37:bb:d0:dd:cc:82:d6:f1:
         08:a5:d2:b9:d2:54:45:d5:2c:55:d3:93:b7:c5:d2:4e:db:cd:
         d8:6e:77:e3:79:84:cc:18:8e:f4:ee:b0:92:fa:03:2c:8f:63:
         06:03:ac:24:92:18:6e:72:8f:be:28:0b:df:ce:c9:30:72:98:
         b6:09:9a:ec:28:6c:c4:5b:1c:b3:19:0c:6b:2c:74:d0:3e:e3:
         34:f5:47:58:d6:ae:2f:30:1a:33:7d:d0:54:6e:68:ec:80:14:
         6f:b9:f3:6d
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZdEDgDONc+JHgY8yXjetekpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MDcwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJiZTVjNjNhMTY0M2NiM2FkYzk4ZjczMmZkNjIzNWQ4YjgwMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFNaVEMIIkt4VZiRmiN9P+GqZuuP
uGHW6poy022pMA775tCM/kJ94WCJsMMCDUVbh8mWNx77cuOI6PSNlGLVCsZPVOpg
4UP6mOvyJ4Pxj+iIh4sd5wRRM1hhHNL7LmSJmfec3cuDGHVHpHxUtNNc8McPowsR
NPN5CoT3In4c+XqdPlUPF9hJnxGTGygFrY+Fz+YtWIt3NJPeXdjpI/UpA64UOeH+
fOvB17dO3JVnVI76LBELpxQYBVUTYs10ttaIKx7yINOtWZQDZNK71ArQRrYK957M
rpovSPCYynxkqp/pbI5sZfd8sLu4SO0GyWryLucnODwW4h01JbQql8pIrwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFNcr5cY6FkPLOtyY9zL9YjXYuAK3MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMXl2bHhqb1dROHM2M0pqM012MWlOZGk0QXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAAjBfAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kQMRACABBnwAZP//AAABl0QN+pMwDQYJKoZIhvcN
AQELBQADggEBALvrZ2htnmVMpAKMskGIcFa9dWypIZlVCCy5c8EOt5QMqo95I1tK
P7adPojzoIdBWrUs3bq9hZ/wb8NalwpRuYDBtC6vbcJSB6ClmxpvoH9a9PXXA7U6
+q38PJFFy9WZLH5KD/V6L7kLLzYUZGIHBCkJnAZ+wlRvDeiGgTQBppvibZfBPDcx
fZjx8cuZwo/0tO9EDvpzQ6WRkeY3u9DdzILW8Qil0rnSVEXVLFXTk7fF0k7bzdhu
d+N5hMwYjvTusJL6AyyPYwYDrCSSGG5yj74oC9/OyTBymLYJmuwobMRbHLMZDGss
dNA+4zT1R1jWri8wGjN90FRuaOyAFG+5820=
-----END CERTIFICATE-----