Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/n71oD_5iXHvNdOXpZeUZaa4YKTA.roa
File:                     n71oD_5iXHvNdOXpZeUZaa4YKTA.roa (raw, json)
Hash identifier:          imvh2kftpGc1HlIFupdithSoGYuwYn3XQ4myrwFwQMg=
Subject key identifier:   9F:BD:68:0F:FE:62:5C:7B:CD:74:E5:E9:65:E5:19:69:AE:18:29:30
Certificate issuer:       /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial:       01978EC23B877AFE5C35A5DB5F77E29A9769
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/n71oD_5iXHvNdOXpZeUZaa4YKTA.roa
Signing time:             Fri 20 Jun 2025 19:13:03 +0000
ROA not before:           Fri 20 Jun 2025 19:13:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        2001:67c:64:ffff:0:197:6851:789c/128 maxlen: 128
Validation:               Failed, certificate revoked on Fri 20 Jun 2025 20:07:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:8e:c2:3b:87:7a:fe:5c:35:a5:db:5f:77:e2:9a:97:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
        Validity
            Not Before: Jun 20 19:13:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9fbd680ffe625c7bcd74e5e965e51969ae182930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a0:7b:21:c4:66:1c:7d:95:92:21:fe:b6:14:
                    94:5f:3b:6d:ca:43:4b:b4:2b:61:7b:29:27:b9:a0:
                    c0:76:a6:43:1d:7f:d5:ba:53:1c:b3:aa:00:fe:f0:
                    05:ea:d4:b9:ae:75:cb:9d:4d:0c:9d:5f:74:e1:79:
                    a6:cc:90:a1:2a:aa:30:2f:6c:91:6e:44:a1:0b:ef:
                    ac:a9:ff:49:e4:28:06:56:41:20:b9:47:3f:05:00:
                    39:51:8f:ee:63:d5:34:ca:72:15:b5:6b:22:ae:f1:
                    39:6d:a3:3a:07:09:90:6a:d0:ba:50:f8:1c:d3:b9:
                    05:ce:69:6a:bd:75:45:e3:54:1b:92:1a:30:ed:b5:
                    0d:7e:3a:ce:6e:fe:70:fd:64:13:54:a8:f0:66:8b:
                    65:2e:22:85:1f:e4:d8:8e:8e:07:bd:84:43:2f:8e:
                    84:e8:9a:08:75:3d:30:fe:1e:ce:fd:bc:96:f9:e5:
                    c1:05:9c:e1:c8:b8:8c:61:2f:54:7f:97:04:28:70:
                    90:55:67:62:6b:9a:67:50:d0:21:c1:d4:45:35:b9:
                    8d:34:d2:90:8e:4d:da:a6:39:99:2e:31:46:2c:22:
                    cb:7b:3e:42:2c:dd:d3:15:43:a4:4f:71:8a:e9:62:
                    26:f6:19:a9:c1:6c:b9:53:f4:d7:de:0d:07:be:5b:
                    b9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:BD:68:0F:FE:62:5C:7B:CD:74:E5:E9:65:E5:19:69:AE:18:29:30
            X509v3 Authority Key Identifier:
                keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/n71oD_5iXHvNdOXpZeUZaa4YKTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:64:ffff:0:197:6851:789c/128

    Signature Algorithm: sha256WithRSAEncryption
         42:af:63:32:ed:aa:f1:f4:8a:2a:12:27:1e:93:06:d0:19:de:
         c0:21:7a:80:10:a7:4f:4a:69:e0:07:67:db:f8:80:e1:af:5a:
         7d:7a:f0:22:71:32:96:7e:54:ce:c2:11:a1:1c:f7:31:af:11:
         59:de:be:e8:05:38:64:2f:7e:9a:e8:cb:5c:0d:88:be:8e:1b:
         99:f4:0f:81:5e:05:0f:8e:2f:65:9c:9c:54:b3:2c:88:8c:03:
         0a:72:dc:39:96:9c:e8:fa:5a:ca:a6:d1:d6:00:3d:b3:09:af:
         77:4f:a9:1e:ee:f4:3b:88:d6:74:dd:37:67:46:a0:8a:05:50:
         21:a4:14:f6:fd:d5:c0:46:a9:26:cc:d0:9a:6c:62:be:3c:73:
         c6:9d:0a:76:06:e9:6d:e1:66:a6:24:a1:a2:36:11:f6:86:95:
         76:31:30:34:fe:e4:ec:6c:9d:a9:34:e3:11:ec:ba:4e:81:8a:
         5b:da:f7:7e:3e:33:31:88:0a:5a:06:aa:08:01:a7:13:62:9b:
         02:b2:9a:1a:9a:e4:ac:79:de:bf:0d:74:a0:5a:d8:9f:c7:18:
         c7:ee:49:9c:13:aa:ef:aa:f4:32:63:3b:3e:84:ee:f8:9e:72:
         a0:c8:72:cc:e2:bf:21:60:09:18:c3:4c:8e:37:f0:cb:6e:2f:
         58:c7:c6:6a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZeOwjuHev5cNaXbX3fimpdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjIwMTkxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJkNjgwZmZlNjI1YzdiY2Q3NGU1ZTk2NWU1MTk2OWFlMTgyOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6B7IcRmHH2VkiH+thSUXzttykNL
tCtheyknuaDAdqZDHX/VulMcs6oA/vAF6tS5rnXLnU0MnV904XmmzJChKqowL2yR
bkShC++sqf9J5CgGVkEguUc/BQA5UY/uY9U0ynIVtWsirvE5baM6BwmQatC6UPgc
07kFzmlqvXVF41Qbkhow7bUNfjrObv5w/WQTVKjwZotlLiKFH+TYjo4HvYRDL46E
6JoIdT0w/h7O/byW+eXBBZzhyLiMYS9Uf5cEKHCQVWdia5pnUNAhwdRFNbmNNNKQ
jk3apjmZLjFGLCLLez5CLN3TFUOkT3GK6WIm9hmpwWy5U/TX3g0Hvlu5aQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ+9aA/+Ylx7zXTl6WXlGWmuGCkwMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvbjcxb0RfNWlYSHZOZE9YcFplVVphYTRZS1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGXaFF4nDANBgkqhkiG9w0BAQsFAAOCAQEAQq9jMu2q8fSKKhInHpMG0Bne
wCF6gBCnT0pp4Adn2/iA4a9afXrwInEyln5UzsIRoRz3Ma8RWd6+6AU4ZC9+mujL
XA2Ivo4bmfQPgV4FD44vZZycVLMsiIwDCnLcOZac6PpayqbR1gA9swmvd0+pHu70
O4jWdN03Z0agigVQIaQU9v3VwEapJszQmmxivjxzxp0KdgbpbeFmpiShojYR9oaV
djEwNP7k7GydqTTjEey6ToGKW9r3fj4zMYgKWgaqCAGnE2KbArKaGprkrHnevw10
oFrYn8cYx+5JnBOq76r0MmM7PoTu+J5yoMhyzOK/IWAJGMNMjjfwy24vWMfGag==
-----END CERTIFICATE-----
Generated at Sat Jul 5 15:27:58 2025 by rpki-client