Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jJDX5BH3xXIn_By--tax-YB0pqU.roa
File:                     jJDX5BH3xXIn_By--tax-YB0pqU.roa (raw, json)
Hash identifier:          wWl0+/aRkuMgE+nQID2JE2Aj3r6h8GHK5fmPEw0tgOE=
Subject key identifier:   8C:90:D7:E4:11:F7:C5:72:27:FC:1C:BE:FA:D6:B1:F9:80:74:A6:A5
Certificate issuer:       /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial:       0196EBA7E3B5887BB228BA27F9B024FB491C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jJDX5BH3xXIn_By--tax-YB0pqU.roa
Signing time:             Tue 20 May 2025 03:06:10 +0000
ROA not before:           Tue 20 May 2025 03:06:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:196:eba7:2b93/128 maxlen: 128
Validation:               Failed, certificate revoked on Tue 20 May 2025 03:15:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:eb:a7:e3:b5:88:7b:b2:28:ba:27:f9:b0:24:fb:49:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
        Validity
            Not Before: May 20 03:06:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8c90d7e411f7c57227fc1cbefad6b1f98074a6a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:96:16:4f:e1:42:59:22:2a:c6:59:0f:1f:7e:
                    61:68:a7:48:0f:8f:41:4a:88:88:a6:c5:29:54:59:
                    08:07:d0:d3:aa:dd:ae:47:ef:cc:52:28:75:da:ab:
                    b4:e2:13:b5:c4:0b:19:5e:99:c2:74:4a:06:4b:26:
                    fa:5b:e7:ac:0e:6e:89:c1:6f:13:bd:40:51:c5:e3:
                    ee:fc:63:5d:61:3f:c4:6a:60:8e:e8:57:de:92:05:
                    68:7a:34:62:1d:82:f7:56:80:a0:a3:f9:44:25:fb:
                    73:88:2c:23:ba:14:8b:02:b0:0c:90:e2:8d:91:cb:
                    66:4e:b1:5d:42:47:1f:61:70:c6:0e:1c:c0:ef:fa:
                    d9:39:d5:c8:89:24:42:bf:ae:b4:19:bb:ce:f6:61:
                    b7:07:77:83:3d:ad:54:a1:a7:b9:fa:76:0f:7e:1d:
                    8f:98:25:b0:b3:67:0c:2f:33:25:9f:05:a7:86:bf:
                    7a:f6:d4:7e:8c:fc:2c:31:6f:b0:40:87:7e:db:aa:
                    8a:11:b6:d1:7f:9a:83:66:7b:e1:88:35:4c:df:c6:
                    7b:03:fd:60:b2:3a:db:42:02:e2:74:b4:ba:39:16:
                    5f:d4:b2:ca:62:d7:c7:ec:7f:68:99:78:11:9a:96:
                    e0:c3:57:c2:08:b7:cb:ee:5b:87:d0:0a:7c:53:ff:
                    6a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:90:D7:E4:11:F7:C5:72:27:FC:1C:BE:FA:D6:B1:F9:80:74:A6:A5
            X509v3 Authority Key Identifier:
                keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jJDX5BH3xXIn_By--tax-YB0pqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:196:eba7:2b93/128

    Signature Algorithm: sha256WithRSAEncryption
         ba:32:90:61:ed:0e:44:7f:b4:76:c6:19:a9:56:0d:7a:8a:c4:
         bd:15:82:d2:cf:8e:f0:1b:bf:4b:05:0e:cd:57:08:3b:2f:11:
         e4:57:31:24:18:c8:11:f2:7f:0c:0c:df:ae:30:0e:e8:af:0b:
         53:56:00:3a:ae:55:1a:19:9f:80:ba:8a:c4:ad:a2:f2:d8:bf:
         2b:c5:2a:f9:c8:88:42:32:5e:29:72:b6:43:9d:2a:93:d2:cc:
         26:4a:41:27:1c:d3:22:bd:d3:88:05:ef:c0:2a:4b:a9:5f:5f:
         49:6c:79:d2:1d:53:ae:68:78:b3:41:83:c8:9b:07:79:88:e6:
         7b:e7:2d:8d:47:bd:75:05:16:19:00:33:5d:1c:a7:08:22:76:
         63:a3:3c:f8:6c:35:ae:0c:8e:79:cd:0c:a6:56:73:97:23:f0:
         84:51:d6:96:49:11:94:eb:2a:52:c4:3f:63:ab:01:34:5f:89:
         ea:3e:75:5e:fe:90:fc:57:c5:1c:8d:15:52:e8:34:38:72:b0:
         52:08:5a:49:7c:e9:2d:c0:88:ae:e9:9b:f0:a2:bd:4a:df:dd:
         51:b1:d8:45:ce:f4:f2:0c:d6:ab:12:2b:b8:1b:74:7c:f2:06:
         c1:6c:b0:0b:cd:27:76:ab:00:44:cc:4c:d4:c2:42:15:8c:32:
         5c:d4:bb:c8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbrp+O1iHuyKLon+bAk+0kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIwMDMwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkwZDdlNDExZjdjNTcyMjdmYzFjYmVmYWQ2YjFmOTgwNzRhNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pYWT+FCWSIqxlkPH35haKdID49B
SoiIpsUpVFkIB9DTqt2uR+/MUih12qu04hO1xAsZXpnCdEoGSyb6W+esDm6JwW8T
vUBRxePu/GNdYT/EamCO6FfekgVoejRiHYL3VoCgo/lEJftziCwjuhSLArAMkOKN
kctmTrFdQkcfYXDGDhzA7/rZOdXIiSRCv660GbvO9mG3B3eDPa1Uoae5+nYPfh2P
mCWws2cMLzMlnwWnhr969tR+jPwsMW+wQId+26qKEbbRf5qDZnvhiDVM38Z7A/1g
sjrbQgLidLS6ORZf1LLKYtfH7H9omXgRmpbgw1fCCLfL7luH0Ap8U/9qcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIyQ1+QR98VyJ/wcvvrWsfmAdKalMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvakpEWDVCSDN4WEluX0J5LS10YXgtWUIwcHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW66crkzANBgkqhkiG9w0BAQsFAAOCAQEAujKQYe0ORH+0dsYZqVYNeorE
vRWC0s+O8Bu/SwUOzVcIOy8R5FcxJBjIEfJ/DAzfrjAO6K8LU1YAOq5VGhmfgLqK
xK2i8ti/K8Uq+ciIQjJeKXK2Q50qk9LMJkpBJxzTIr3TiAXvwCpLqV9fSWx50h1T
rmh4s0GDyJsHeYjme+ctjUe9dQUWGQAzXRynCCJ2Y6M8+Gw1rgyOec0MplZzlyPw
hFHWlkkRlOsqUsQ/Y6sBNF+J6j51Xv6Q/FfFHI0VUug0OHKwUghaSXzpLcCIrumb
8KK9St/dUbHYRc708gzWqxIruBt0fPIGwWywC80ndqsARMxM1MJCFYwyXNS7yA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 05:08:45 2025 by rpki-client