Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SzWmacqYax6toKs6Z9QksFk0XE4.roa
File:                     SzWmacqYax6toKs6Z9QksFk0XE4.roa (raw, json)
Hash identifier:          2HTzyk6ISCFMGbUXrPT2XSjn9+i/3cKtzm03jbLRsbA=
Subject key identifier:   4B:35:A6:69:CA:98:6B:1E:AD:A0:AB:3A:67:D4:24:B0:59:34:5C:4E
Certificate issuer:       /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial:       0197701165F4FE371C27C8B2B394E40A5B21
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SzWmacqYax6toKs6Z9QksFk0XE4.roa
Signing time:             Sat 14 Jun 2025 20:11:17 +0000
ROA not before:           Sat 14 Jun 2025 20:11:17 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation:               Failed, certificate revoked on Sat 14 Jun 2025 21:04:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:11:65:f4:fe:37:1c:27:c8:b2:b3:94:e4:0a:5b:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
        Validity
            Not Before: Jun 14 20:11:17 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4b35a669ca986b1eada0ab3a67d424b059345c4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0c:bb:99:e7:fc:89:75:68:79:1d:a0:a1:55:
                    cd:fa:fc:28:c1:ba:8b:22:ae:5a:42:c2:2a:2e:b4:
                    bb:81:d4:45:9d:07:b2:7f:39:33:da:d8:bf:cc:99:
                    4a:b2:02:2d:e9:9a:d5:44:db:3f:7b:ff:43:d1:57:
                    9a:8c:47:59:90:71:87:2b:38:16:7d:14:6b:99:ef:
                    0c:58:d9:43:7f:6d:42:12:76:86:62:8a:1f:2e:e0:
                    70:c9:72:f8:01:1d:d1:eb:39:da:ff:35:fd:98:1c:
                    2d:bb:e0:8a:32:9d:fe:4b:ff:bd:75:76:b9:44:e9:
                    ab:de:72:49:02:61:9e:94:0d:e7:50:5f:cf:64:6a:
                    12:ef:9c:b0:14:18:89:fb:d1:c0:7a:51:bb:61:21:
                    b6:a7:03:11:4c:c9:89:a8:47:6f:c9:b7:ff:dd:61:
                    53:38:2f:2d:50:de:c5:c8:ec:b9:fb:97:b8:cc:de:
                    32:79:37:0a:11:89:b3:be:a0:6e:b8:4a:14:c0:4f:
                    de:29:9e:84:15:fa:18:7e:39:ce:4b:d9:f8:b9:f8:
                    be:c4:38:04:89:40:86:c3:60:0e:bb:a4:a1:5a:52:
                    50:22:43:a5:04:b4:b4:47:3d:91:48:85:e9:f7:63:
                    1f:ab:a0:71:57:fa:0a:ce:9b:61:d9:53:48:1d:5a:
                    7f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:35:A6:69:CA:98:6B:1E:AD:A0:AB:3A:67:D4:24:B0:59:34:5C:4E
            X509v3 Authority Key Identifier:
                keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/SzWmacqYax6toKs6Z9QksFk0XE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:197:6851:789c/128

    Signature Algorithm: sha256WithRSAEncryption
         4d:b6:fa:08:d3:51:eb:60:bf:b3:2e:f0:ce:0d:99:04:86:a3:
         3c:c0:84:26:70:89:ea:6c:68:08:2e:44:bd:f4:7c:9f:03:21:
         5e:d0:e3:8e:f0:19:38:09:db:6b:7c:f3:f2:02:f9:f2:2e:70:
         08:c3:ae:40:e2:58:e3:98:4e:14:64:d3:bc:cb:2c:fb:ae:77:
         2c:22:ae:d6:ba:2d:f2:b4:63:65:1d:04:6c:34:f4:c5:1d:fd:
         9a:ed:fd:51:76:a0:a0:97:f6:c0:69:c2:72:ad:ab:31:7c:80:
         68:65:e7:27:69:e0:70:f7:70:e2:d8:02:fa:3b:11:3c:92:0c:
         98:8e:df:8d:6d:5d:22:dc:e1:f5:c7:fc:a5:12:2d:9b:25:f9:
         ea:ca:2c:71:e5:2f:00:d6:ad:3c:ca:fb:00:f8:4e:37:13:d5:
         99:32:18:4b:1b:24:ff:b9:1b:40:89:15:a3:bc:79:6e:dd:3b:
         b6:d4:91:22:da:54:ce:ee:95:20:32:43:0f:ac:33:1b:8f:d5:
         ac:e9:7f:16:96:3d:1d:31:db:52:83:9a:0c:52:d0:50:a7:df:
         62:da:f7:df:79:e3:64:82:63:79:7b:d5:38:f3:50:0f:73:d6:
         b6:9a:f9:d4:a5:6e:29:13:59:b4:ec:0f:14:3c:11:b1:42:34:
         64:65:26:09
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdwEWX0/jccJ8iys5TkClshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjE0MjAxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM1YTY2OWNhOTg2YjFlYWRhMGFiM2E2N2Q0MjRiMDU5MzQ1YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQy7mef8iXVoeR2goVXN+vwowbqL
Iq5aQsIqLrS7gdRFnQeyfzkz2ti/zJlKsgIt6ZrVRNs/e/9D0VeajEdZkHGHKzgW
fRRrme8MWNlDf21CEnaGYoofLuBwyXL4AR3R6zna/zX9mBwtu+CKMp3+S/+9dXa5
ROmr3nJJAmGelA3nUF/PZGoS75ywFBiJ+9HAelG7YSG2pwMRTMmJqEdvybf/3WFT
OC8tUN7FyOy5+5e4zN4yeTcKEYmzvqBuuEoUwE/eKZ6EFfoYfjnOS9n4ufi+xDgE
iUCGw2AOu6ShWlJQIkOlBLS0Rz2RSIXp92Mfq6BxV/oKzpth2VNIHVp/IQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEs1pmnKmGseraCrOmfUJLBZNFxOMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvU3pXbWFjcVlheDZ0b0tzNlo5UWtzRmswWEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEATbb6CNNR62C/sy7wzg2ZBIaj
PMCEJnCJ6mxoCC5EvfR8nwMhXtDjjvAZOAnba3zz8gL58i5wCMOuQOJY45hOFGTT
vMss+653LCKu1rot8rRjZR0EbDT0xR39mu39UXagoJf2wGnCcq2rMXyAaGXnJ2ng
cPdw4tgC+jsRPJIMmI7fjW1dItzh9cf8pRItmyX56sosceUvANatPMr7APhONxPV
mTIYSxsk/7kbQIkVo7x5bt07ttSRItpUzu6VIDJDD6wzG4/VrOl/FpY9HTHbUoOa
DFLQUKffYtr333njZIJjeXvVOPNQD3PWtpr51KVuKRNZtOwPFDwRsUI0ZGUmCQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:27:57 2025 by rpki-client