Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa
File:                     uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa (raw, json)
Hash identifier:          TzxuaddOZ9jbcN+tCFPgZ8fmLd3xGcowBLBd9iW4gYo=
Subject key identifier:   B8:4D:52:D1:0C:38:15:16:E2:58:14:0D:9D:07:B4:21:7B:33:61:48
Certificate issuer:       /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial:       019727C200299B24A6ED869101DAF54AB483
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa
Signing time:             Sat 31 May 2025 19:11:54 +0000
ROA not before:           Sat 31 May 2025 19:11:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
                          2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
                          2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation:               Failed, certificate revoked on Sat 31 May 2025 20:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:27:c2:00:29:9b:24:a6:ed:86:91:01:da:f5:4a:b4:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
        Validity
            Not Before: May 31 19:11:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b84d52d10c381516e258140d9d07b4217b336148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7a:86:4b:1d:41:f1:2d:da:c5:0c:42:ba:49:
                    26:b4:2f:bb:b4:ca:21:d3:6e:c3:07:11:d2:4b:a3:
                    cf:09:b3:4e:de:89:85:84:47:0e:08:61:96:dc:4b:
                    56:b4:54:cb:6c:24:1f:45:fa:d5:09:62:c5:ea:7d:
                    43:db:de:77:21:7e:f2:57:d8:e6:a4:d9:28:c7:dc:
                    89:54:5e:9b:0c:bb:20:b4:82:fa:9b:a4:6b:d4:54:
                    d7:d1:a4:41:fc:c9:cb:7f:c9:91:16:0d:c9:3d:f6:
                    8a:d5:0b:aa:be:16:fa:4e:5c:1f:b1:6a:24:23:e9:
                    ec:d1:db:88:76:63:5a:e8:8c:ed:84:db:81:d6:3a:
                    d6:be:b3:f2:b8:2a:3d:b2:1b:5f:b5:83:6f:bf:43:
                    d0:67:7a:61:81:a1:07:a2:96:45:2a:52:d3:04:7a:
                    1d:21:18:57:37:26:f6:61:0f:a2:a3:c1:69:3d:89:
                    60:01:6d:2d:34:b5:72:f1:cf:03:60:f6:5b:a9:4f:
                    89:eb:90:ec:30:83:84:63:c5:ba:88:75:d2:eb:10:
                    67:d9:f8:d5:0c:3a:cc:a5:f2:45:55:e9:7e:8d:29:
                    ef:64:87:42:f8:80:e0:26:56:96:67:4c:35:c5:6e:
                    92:dc:d3:6c:04:e4:3b:7f:b9:f8:ff:d6:7e:7d:b4:
                    7c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:4D:52:D1:0C:38:15:16:E2:58:14:0D:9D:07:B4:21:7B:33:61:48
            X509v3 Authority Key Identifier:
                keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/uE1S0Qw4FRbiWBQNnQe0IXszYUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:196:ed5d:8c28/128
                  2001:67c:64:ffff:0:197:108e:927e/128
                  2001:67c:64:ffff:0:197:15eb:6226/128

    Signature Algorithm: sha256WithRSAEncryption
         a2:eb:b4:cc:43:5f:c9:c4:ab:b7:d8:f0:c6:7e:16:b6:36:60:
         96:08:48:5a:e9:33:4a:4f:c0:03:68:17:83:72:fb:b1:be:0d:
         5b:e0:20:6d:f7:3e:1f:4b:7d:72:ec:e5:70:ba:26:7a:df:1d:
         5a:76:83:60:86:42:ec:8c:9e:f0:00:57:60:f0:d8:df:65:ad:
         6a:6e:64:6c:5c:73:7f:91:c6:78:f2:c0:a4:6d:83:03:bf:e0:
         2b:b1:dc:c4:fa:72:1b:da:81:e2:d0:0b:84:5c:45:08:e0:fe:
         a9:37:0a:35:11:c2:17:8c:2a:e1:83:c5:07:c8:04:a2:e6:7e:
         63:c0:21:8d:a3:e1:80:f0:26:9d:a0:ec:75:c8:96:a9:4f:58:
         ff:cb:90:1f:fc:e2:6f:56:6f:18:4b:3f:d4:a3:92:cb:c8:86:
         9f:36:06:5f:81:c8:5c:39:46:ba:e6:8e:50:d8:e3:b8:a4:6b:
         b9:12:a8:db:a4:b9:d7:cc:22:7f:9c:d0:07:1b:2d:cb:d4:15:
         d2:ec:de:a0:6b:31:72:01:09:a0:eb:cf:78:2d:0a:c0:dd:90:
         ae:63:0a:d7:1f:0f:e4:46:2a:10:cf:6d:a8:d8:e5:ec:79:d7:
         e8:77:3e:d7:fd:ad:dc:db:e0:df:f4:24:1a:6c:70:e9:9b:4d:
         61:a2:be:4c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcnwgApmySm7YaRAdr1SrSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMTkxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRkNTJkMTBjMzgxNTE2ZTI1ODE0MGQ5ZDA3YjQyMTdiMzM2MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3qGSx1B8S3axQxCukkmtC+7tMoh
027DBxHSS6PPCbNO3omFhEcOCGGW3EtWtFTLbCQfRfrVCWLF6n1D2953IX7yV9jm
pNkox9yJVF6bDLsgtIL6m6Rr1FTX0aRB/MnLf8mRFg3JPfaK1Quqvhb6TlwfsWok
I+ns0duIdmNa6IzthNuB1jrWvrPyuCo9shtftYNvv0PQZ3phgaEHopZFKlLTBHod
IRhXNyb2YQ+io8FpPYlgAW0tNLVy8c8DYPZbqU+J65DsMIOEY8W6iHXS6xBn2fjV
DDrMpfJFVel+jSnvZIdC+IDgJlaWZ0w1xW6S3NNsBOQ7f7n4/9Z+fbR8rQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLhNUtEMOBUW4lgUDZ0HtCF7M2FIMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvdUUxUzBRdzRGUmJpV0JRTm5RZTBJWHN6WVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCi67TMQ1/JxKu32PDGfha2NmCWCEha6TNKT8AD
aBeDcvuxvg1b4CBt9z4fS31y7OVwuiZ63x1adoNghkLsjJ7wAFdg8NjfZa1qbmRs
XHN/kcZ48sCkbYMDv+ArsdzE+nIb2oHi0AuEXEUI4P6pNwo1EcIXjCrhg8UHyASi
5n5jwCGNo+GA8CadoOx1yJapT1j/y5Af/OJvVm8YSz/Uo5LLyIafNgZfgchcOUa6
5o5Q2OO4pGu5EqjbpLnXzCJ/nNAHGy3L1BXS7N6gazFyAQmg6894LQrA3ZCuYwrX
Hw/kRioQz22o2OXsedfodz7X/a3c2+Df9CQabHDpm01hor5M
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:38:41 2025 by rpki-client