Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa
File:                     sOFkGmIMij69nGtA5oLz5sxsk7Q.roa (raw, json)
Hash identifier:          dVbJDZGtbmfJw+fyet5QG3I6tIIk48kkBexQRTaxYoc=
Subject key identifier:   B0:E1:64:1A:62:0C:8A:3E:BD:9C:6B:40:E6:82:F3:E6:CC:6C:93:B4
Certificate issuer:       /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial:       0196FC6AB93497D3973981740EA27ACF4DF7
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa
Signing time:             Fri 23 May 2025 09:12:54 +0000
ROA not before:           Fri 23 May 2025 09:12:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation:               Failed, certificate revoked on Fri 23 May 2025 10:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:fc:6a:b9:34:97:d3:97:39:81:74:0e:a2:7a:cf:4d:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
        Validity
            Not Before: May 23 09:12:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b0e1641a620c8a3ebd9c6b40e682f3e6cc6c93b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:97:92:6a:2f:b2:ac:ea:8b:0c:85:6d:fd:9e:
                    67:ed:c5:7b:62:41:d4:bd:c4:e8:31:17:6a:53:ca:
                    5f:ff:58:a5:6d:88:9b:43:25:c6:9e:fe:5c:eb:0d:
                    05:6d:77:65:43:6c:29:4b:2e:65:e9:9e:38:73:ec:
                    a4:b0:96:c4:5e:e5:51:d9:30:2c:97:f0:11:1a:51:
                    d7:41:69:6a:e7:8e:09:3b:5e:36:c4:d1:f4:dc:72:
                    4d:0e:b4:dc:88:07:a2:9a:29:94:fa:33:ba:45:c3:
                    2c:2f:55:a0:84:16:6c:08:60:74:ad:ee:14:ee:11:
                    a9:3c:11:a6:99:f2:86:10:79:65:f0:07:d7:7b:39:
                    4a:c0:c7:79:b6:bf:5c:06:fd:e3:d7:91:ac:7a:25:
                    f8:e1:83:c2:da:27:f1:51:bb:7b:10:46:fa:13:e2:
                    ce:f2:a6:c3:06:b0:c1:8d:5f:e0:c9:1d:13:a4:85:
                    bb:1d:11:4c:17:2c:6f:1a:8f:8a:1e:09:a1:04:41:
                    88:82:01:d6:fe:43:de:30:7a:cb:44:b4:6f:e7:18:
                    25:73:30:68:6b:21:c4:7f:0c:33:d5:89:01:04:fa:
                    d3:33:2f:5e:4b:4e:f1:84:00:49:0d:ec:71:16:65:
                    52:90:03:bc:96:6c:db:f2:d4:fc:86:0a:22:7b:b3:
                    62:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E1:64:1A:62:0C:8A:3E:BD:9C:6B:40:E6:82:F3:E6:CC:6C:93:B4
            X509v3 Authority Key Identifier:
                keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:196:ed5d:8c28/128

    Signature Algorithm: sha256WithRSAEncryption
         96:81:22:87:af:af:3e:19:47:4a:15:4c:27:73:51:41:92:f4:
         62:ce:d3:98:65:f3:9a:92:6c:6a:11:28:35:9d:54:37:23:0d:
         2b:7b:02:65:67:1b:3a:0f:e3:7c:76:5b:fc:08:26:b7:35:ef:
         b1:f1:db:1e:03:2f:f6:8a:36:a7:43:d8:2c:44:99:dc:f3:16:
         8c:c3:d3:6c:90:fc:f9:b5:f3:5d:fd:01:b8:08:aa:fa:db:90:
         0b:82:c1:1f:c5:49:12:27:b0:a8:15:8e:d4:5b:b0:84:91:1b:
         dd:e2:96:63:c4:bf:f0:ab:ad:b7:03:9b:73:61:64:ad:dd:11:
         38:31:8b:7b:35:b0:4d:f1:d9:ad:4d:1a:8a:6f:17:09:a1:80:
         c2:f4:7d:61:d2:0e:61:b5:d0:e1:dd:90:4f:e4:f8:04:5a:2b:
         94:d7:0d:e8:e4:1a:bb:67:78:83:ea:1a:d4:0c:45:60:3c:4c:
         2b:93:7c:05:28:73:73:a9:fc:dd:b7:01:f6:cb:c6:ef:30:5c:
         f7:7a:67:ff:59:53:be:43:a7:57:01:5d:50:e2:88:98:ba:6a:
         5c:8a:84:6a:35:ad:ea:11:ee:8d:ce:7d:0a:fb:c3:c6:72:3e:
         14:66:0b:58:84:32:c1:a7:6a:2c:10:15:12:d6:72:bf:00:55:
         91:f4:1b:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb8ark0l9OXOYF0DqJ6z033MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDkxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUxNjQxYTYyMGM4YTNlYmQ5YzZiNDBlNjgyZjNlNmNjNmM5M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJeSai+yrOqLDIVt/Z5n7cV7YkHU
vcToMRdqU8pf/1ilbYibQyXGnv5c6w0FbXdlQ2wpSy5l6Z44c+yksJbEXuVR2TAs
l/ARGlHXQWlq544JO142xNH03HJNDrTciAeimimU+jO6RcMsL1WghBZsCGB0re4U
7hGpPBGmmfKGEHll8AfXezlKwMd5tr9cBv3j15GseiX44YPC2ifxUbt7EEb6E+LO
8qbDBrDBjV/gyR0TpIW7HRFMFyxvGo+KHgmhBEGIggHW/kPeMHrLRLRv5xglczBo
ayHEfwwz1YkBBPrTMy9eS07xhABJDexxFmVSkAO8lmzb8tT8hgoie7NimwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLDhZBpiDIo+vZxrQOaC8+bMbJO0MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc09Ga0dtSU1pajY5bkd0QTVvTHo1c3hzazdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAloEih6+vPhlHShVMJ3NRQZL0
Ys7TmGXzmpJsahEoNZ1UNyMNK3sCZWcbOg/jfHZb/AgmtzXvsfHbHgMv9oo2p0PY
LESZ3PMWjMPTbJD8+bXzXf0BuAiq+tuQC4LBH8VJEiewqBWO1FuwhJEb3eKWY8S/
8KuttwObc2Fkrd0RODGLezWwTfHZrU0aim8XCaGAwvR9YdIOYbXQ4d2QT+T4BFor
lNcN6OQau2d4g+oa1AxFYDxMK5N8BShzc6n83bcB9svG7zBc93pn/1lTvkOnVwFd
UOKImLpqXIqEajWt6hHujc59CvvDxnI+FGYLWIQywadqLBAVEtZyvwBVkfQbEQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:11:50 2025 by rpki-client