Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/XAXL_bDogdp8NCJcFhG6PUo_Yxg.roa
File:                     XAXL_bDogdp8NCJcFhG6PUo_Yxg.roa (raw, json)
Hash identifier:          49yOLzvcjNhouStHRXMP8rhAGc0d/bgG0VzqrI3E7uM=
Subject key identifier:   5C:05:CB:FD:B0:E8:81:DA:7C:34:22:5C:16:11:BA:3D:4A:3F:63:18
Certificate issuer:       /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial:       01987B8BB347DA49C57E7C1C79C7DA112535
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/XAXL_bDogdp8NCJcFhG6PUo_Yxg.roa
Signing time:             Tue 05 Aug 2025 18:43:29 +0000
ROA not before:           Tue 05 Aug 2025 18:43:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     206174
IP address blocks:        2a06:4382::/32 maxlen: 32
                          2a09:a506::/32 maxlen: 32
                          2a0c:72c0::/29 maxlen: 29
                          2a0c:9486::/32 maxlen: 32
                          2a0d:f846::/32 maxlen: 32
                          2a0e:7f06::/32 maxlen: 32
                          2a0f:1803::/32 maxlen: 32
                          2a0f:1805::/32 maxlen: 32
                          2a0f:9d02::/32 maxlen: 32
                          2a0f:9d06::/32 maxlen: 32
                          2a11:3c43::/32 maxlen: 32
                          2a11:6bc3::/32 maxlen: 32
                          2a12:2fc2::/32 maxlen: 32
                          2a12:3044::/32 maxlen: 32
                          2a12:38c5::/32 maxlen: 32
                          2a12:39c2::/32 maxlen: 32
Validation:               Failed, certificate revoked on Wed 06 Aug 2025 17:28:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:8b:b3:47:da:49:c5:7e:7c:1c:79:c7:da:11:25:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
        Validity
            Not Before: Aug  5 18:43:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5c05cbfdb0e881da7c34225c1611ba3d4a3f6318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:96:50:0b:8d:28:8f:ef:cd:2b:63:19:d0:af:
                    67:cd:34:0e:38:04:aa:c4:78:e4:c5:98:be:3a:12:
                    45:a9:79:c0:f4:b4:1a:88:33:c2:1c:b7:2d:53:1c:
                    3b:93:2f:72:37:7d:24:21:2c:bb:60:dd:f3:5a:77:
                    ca:08:c4:a3:01:bd:12:2c:9d:5e:f4:0d:b4:70:c9:
                    cb:9e:8f:d6:6c:1d:84:41:ac:86:f5:3d:cf:06:dc:
                    78:87:cc:f2:b9:2a:92:8f:57:b1:87:f9:68:e0:8d:
                    61:b8:ca:df:0e:60:52:f9:eb:0f:5c:9e:6e:4f:08:
                    b5:1b:d1:d8:34:a8:df:2a:e6:b1:54:99:72:92:d3:
                    2a:d5:1d:ba:f8:8e:c1:71:b7:c1:4b:e6:16:95:71:
                    d9:f8:d8:b8:84:c6:5a:20:e0:e2:dc:55:5a:10:0c:
                    c8:ed:dc:db:ee:bc:9e:85:70:57:b1:c2:db:b9:5b:
                    83:0d:5f:c2:1b:fd:00:bc:5e:9c:5a:2d:6e:40:96:
                    f0:09:26:0e:e5:cb:fa:48:2c:4c:4d:e5:95:7e:97:
                    e7:1e:23:d7:1e:0b:45:7c:ad:4f:49:ed:d3:6a:ee:
                    81:63:32:3d:93:c9:1a:1a:2c:88:49:3a:ff:e3:a0:
                    49:ea:69:da:f1:8e:5e:3f:0d:33:cb:51:83:6b:0a:
                    b2:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:05:CB:FD:B0:E8:81:DA:7C:34:22:5C:16:11:BA:3D:4A:3F:63:18
            X509v3 Authority Key Identifier:
                keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/XAXL_bDogdp8NCJcFhG6PUo_Yxg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:4382::/32
                  2a09:a506::/32
                  2a0c:72c0::/29
                  2a0c:9486::/32
                  2a0d:f846::/32
                  2a0e:7f06::/32
                  2a0f:1803::/32
                  2a0f:1805::/32
                  2a0f:9d02::/32
                  2a0f:9d06::/32
                  2a11:3c43::/32
                  2a11:6bc3::/32
                  2a12:2fc2::/32
                  2a12:3044::/32
                  2a12:38c5::/32
                  2a12:39c2::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:af:d4:55:54:36:59:d7:a9:21:6d:a3:c8:0a:3f:34:27:0c:
         d1:ee:bd:4c:17:10:63:70:d9:91:e3:71:a3:d7:1c:82:7b:d7:
         3c:1f:c2:cc:40:cf:c0:26:d4:ee:63:45:9a:c3:1e:5e:39:77:
         7e:6b:52:f7:28:4d:14:7c:1e:39:ca:10:f6:06:51:4a:50:2f:
         59:b9:73:3b:08:b8:48:6f:2c:49:72:b5:80:b6:a0:bf:04:ec:
         42:70:15:3f:e4:32:c2:72:4d:7c:6c:ee:17:26:9c:ce:fa:a1:
         c4:b4:66:a2:a3:92:45:52:8c:01:8c:c1:68:8e:d3:d2:77:25:
         e2:b4:8c:5c:d5:b2:99:23:cf:a5:66:a6:8b:cb:45:ef:68:ad:
         3a:57:92:0a:48:7e:03:45:7a:af:df:24:4d:ed:68:12:1e:90:
         6e:33:d5:10:db:0c:1a:66:34:0c:07:aa:65:20:5b:c6:5b:b6:
         27:48:6e:9f:a3:15:c3:0c:f0:36:a9:6d:87:b1:4e:d8:1b:36:
         c9:98:07:08:9f:3d:00:30:cc:2c:5a:86:a4:69:24:3b:12:0a:
         42:cc:15:5c:a8:eb:20:09:17:6d:7d:99:e6:02:41:d0:43:54:
         24:25:d6:e1:98:af:1d:03:df:59:37:96:a7:66:25:92:6d:58:
         99:4f:a8:be
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZh7i7NH2knFfnwcecfaESU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA1MTg0MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1Y2JmZGIwZTg4MWRhN2MzNDIyNWMxNjExYmEzZDRhM2Y2MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpZQC40oj+/NK2MZ0K9nzTQOOASq
xHjkxZi+OhJFqXnA9LQaiDPCHLctUxw7ky9yN30kISy7YN3zWnfKCMSjAb0SLJ1e
9A20cMnLno/WbB2EQayG9T3PBtx4h8zyuSqSj1exh/lo4I1huMrfDmBS+esPXJ5u
Twi1G9HYNKjfKuaxVJlyktMq1R26+I7BcbfBS+YWlXHZ+Ni4hMZaIODi3FVaEAzI
7dzb7ryehXBXscLbuVuDDV/CG/0AvF6cWi1uQJbwCSYO5cv6SCxMTeWVfpfnHiPX
HgtFfK1PSe3Tau6BYzI9k8kaGiyISTr/46BJ6mna8Y5ePw0zy1GDawqy0QIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFFwFy/2w6IHafDQiXBYRuj1KP2MYMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvWEFYTF9iRG9nZHA4TkNKY0ZoRzZQVW9fWXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFACoGQ4ID
BQAqCaUGAwUDKgxywAMFACoMlIYDBQAqDfhGAwUAKg5/BgMFACoPGAMDBQAqDxgF
AwUAKg+dAgMFACoPnQYDBQAqETxDAwUAKhFrwwMFACoSL8IDBQAqEjBEAwUAKhI4
xQMFACoSOcIwDQYJKoZIhvcNAQELBQADggEBAGiv1FVUNlnXqSFto8gKPzQnDNHu
vUwXEGNw2ZHjcaPXHIJ71zwfwsxAz8Am1O5jRZrDHl45d35rUvcoTRR8HjnKEPYG
UUpQL1m5czsIuEhvLElytYC2oL8E7EJwFT/kMsJyTXxs7hcmnM76ocS0ZqKjkkVS
jAGMwWiO09J3JeK0jFzVspkjz6VmpovLRe9orTpXkgpIfgNFeq/fJE3taBIekG4z
1RDbDBpmNAwHqmUgW8ZbtidIbp+jFcMM8DapbYexTtgbNsmYBwifPQAwzCxahqRp
JDsSCkLMFVyo6yAJF219meYCQdBDVCQl1uGYrx0D31k3lqdmJZJtWJlPqL4=
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:30:49 2025 by rpki-client