Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa
File:                     gE5x85WPhlui2dU1xxIwswE-Ywo.roa (raw, json)
Hash identifier:          i/DfH8VkYXAS4ooiXtbcgn8D14I4rtP4f60TCSzfJyQ=
Subject key identifier:   80:4E:71:F3:95:8F:86:5B:A2:D9:D5:35:C7:12:30:B3:01:3E:63:0A
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       01965A34C404EEA66ACE7C7A86623537F12A
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa
Signing time:             Mon 21 Apr 2025 21:15:29 +0000
ROA not before:           Mon 21 Apr 2025 21:15:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     213705
IP address blocks:        2a06:5fc0::/29 maxlen: 29
                          2a13:c244::/33 maxlen: 33
                          2a14:1100::/33 maxlen: 33
Validation:               Failed, certificate revoked on Thu 01 May 2025 06:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5a:34:c4:04:ee:a6:6a:ce:7c:7a:86:62:35:37:f1:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Apr 21 21:15:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=804e71f3958f865ba2d9d535c71230b3013e630a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:bd:1f:41:96:bf:0e:ae:b5:3e:5b:e4:da:3f:
                    79:84:dd:b8:96:df:e4:07:ee:86:01:d0:6d:e0:40:
                    a8:04:b9:d3:97:35:fa:ea:ad:ee:b1:51:1d:d5:84:
                    f9:ab:70:7c:d3:76:11:fc:e2:49:66:51:e6:ac:80:
                    54:cd:9f:5d:4c:d4:23:00:a8:ad:d7:a6:5c:f1:60:
                    e1:b5:46:3b:f8:e6:65:23:a7:11:e6:a4:bd:fe:2e:
                    07:9f:3f:69:44:d1:cc:d8:04:d6:4f:c0:2f:d9:6c:
                    68:77:5e:29:a8:e3:60:90:c8:ff:91:0f:fc:99:16:
                    e4:c2:ba:7b:0c:d2:24:35:a0:23:f1:b9:59:db:b1:
                    89:44:b8:aa:83:b4:bc:03:8f:69:a1:5a:81:b7:d4:
                    37:df:c6:14:46:65:a6:cb:18:a4:f1:31:77:df:2e:
                    31:c1:d9:09:82:e1:59:10:f1:fb:67:67:6a:24:0b:
                    4c:9e:be:0e:42:7d:a6:1b:23:4a:7e:36:54:32:8b:
                    51:85:18:ee:b7:fe:6e:75:cd:7f:79:78:5a:b6:32:
                    36:66:18:a1:06:37:c9:7d:de:9c:3c:d7:15:4c:18:
                    fa:53:1d:ca:ea:1d:c6:2d:d8:31:89:9f:10:46:d9:
                    23:86:e2:df:77:8a:05:9e:45:e8:f1:c7:8e:73:30:
                    a8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:4E:71:F3:95:8F:86:5B:A2:D9:D5:35:C7:12:30:B3:01:3E:63:0A
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/gE5x85WPhlui2dU1xxIwswE-Ywo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:5fc0::/29
                  2a13:c244::/33
                  2a14:1100::/33

    Signature Algorithm: sha256WithRSAEncryption
         06:34:be:79:cb:95:9f:45:5f:97:b8:5a:0e:8f:ef:10:fc:16:
         39:c6:30:3c:53:cf:e5:11:dd:53:9e:89:6e:ca:53:f9:49:44:
         3c:7d:d1:a2:d7:51:c3:5d:99:d2:37:92:65:62:96:99:52:93:
         37:f8:ab:48:13:f7:59:aa:5a:88:2e:d6:34:12:df:18:44:13:
         1f:2f:92:52:90:83:13:29:af:cf:1f:e6:b0:50:d9:17:f1:c0:
         93:8e:e1:66:8d:a1:c9:a6:23:ba:bd:12:cb:cd:4b:77:da:15:
         c6:a1:1c:ae:34:27:be:25:3f:35:a5:28:8d:a0:60:6b:4e:8d:
         f1:29:1a:e7:23:3d:76:db:a8:c4:0b:4c:56:96:9b:ac:c1:77:
         af:c6:cc:14:77:8d:99:43:f3:3a:d9:70:31:2a:16:92:0c:04:
         30:22:18:47:4c:26:47:2a:cc:8b:6d:90:86:6b:cd:ff:92:30:
         7d:64:60:2a:b5:17:1e:b5:f7:76:0a:86:d7:c4:ab:be:83:04:
         ca:27:b4:f5:55:00:48:d0:d4:c1:ed:0c:77:16:7c:cc:4d:b0:
         bc:22:f9:5b:2d:a9:d2:c2:a1:82:fd:9d:e9:ce:12:09:77:4b:
         cd:12:a4:32:12:89:c9:26:f9:b4:58:55:5b:6f:49:a4:e9:d0:
         f7:c6:df:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZaNMQE7qZqznx6hmI1N/EqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNDIxMjExNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRlNzFmMzk1OGY4NjViYTJkOWQ1MzVjNzEyMzBiMzAxM2U2MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L0fQZa/Dq61Plvk2j95hN24lt/k
B+6GAdBt4ECoBLnTlzX66q3usVEd1YT5q3B803YR/OJJZlHmrIBUzZ9dTNQjAKit
16Zc8WDhtUY7+OZlI6cR5qS9/i4Hnz9pRNHM2ATWT8Av2Wxod14pqONgkMj/kQ/8
mRbkwrp7DNIkNaAj8blZ27GJRLiqg7S8A49poVqBt9Q338YURmWmyxik8TF33y4x
wdkJguFZEPH7Z2dqJAtMnr4OQn2mGyNKfjZUMotRhRjut/5udc1/eXhatjI2Zhih
BjfJfd6cPNcVTBj6Ux3K6h3GLdgxiZ8QRtkjhuLfd4oFnkXo8ceOczCoEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBOcfOVj4ZbotnVNccSMLMBPmMKMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZ0U1eDg1V1BobHVpMmRVMXh4SXdzd0UtWXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKgZfwAMG
ByoTwkQAAwYHKhQRAAAwDQYJKoZIhvcNAQELBQADggEBAAY0vnnLlZ9FX5e4Wg6P
7xD8FjnGMDxTz+UR3VOeiW7KU/lJRDx90aLXUcNdmdI3kmVilplSkzf4q0gT91mq
Wogu1jQS3xhEEx8vklKQgxMpr88f5rBQ2RfxwJOO4WaNocmmI7q9EsvNS3faFcah
HK40J74lPzWlKI2gYGtOjfEpGucjPXbbqMQLTFaWm6zBd6/GzBR3jZlD8zrZcDEq
FpIMBDAiGEdMJkcqzIttkIZrzf+SMH1kYCq1Fx6193YKhtfEq76DBMontPVVAEjQ
1MHtDHcWfMxNsLwi+VstqdLCoYL9nenOEgl3S80SpDISickm+bRYVVtvSaTp0PfG
3/k=
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:25 2025 by rpki-client