Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/74UyXGNwgvVckh7WH9aRMc9J_rM.roa
File:                     74UyXGNwgvVckh7WH9aRMc9J_rM.roa (raw, json)
Hash identifier:          wZnn1ETMoCpe1hfmBQLArUe0IZ9Cdcx4gW9KLh3f0oI=
Subject key identifier:   EF:85:32:5C:63:70:82:F5:5C:92:1E:D6:1F:D6:91:31:CF:49:FE:B3
Certificate issuer:       /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial:       0194B32E8C35A400CD0763381A5DC391182A
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/74UyXGNwgvVckh7WH9aRMc9J_rM.roa
Signing time:             Wed 29 Jan 2025 17:49:19 +0000
ROA not before:           Wed 29 Jan 2025 17:49:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209641
IP address blocks:        2a09:e302::/32 maxlen: 32
                          2a09:e306::/32 maxlen: 32
                          2a09:ef02::/32 maxlen: 32
                          2a09:ef05::/32 maxlen: 32
                          2a09:ef07::/32 maxlen: 32
                          2a0a:b385::/32 maxlen: 32
                          2a0b:9001::/32 maxlen: 32
                          2a0b:9005::/32 maxlen: 32
                          2a0d:afc6::/32 maxlen: 32
                          2a0f:3105::/32 maxlen: 32
Validation:               Failed, certificate revoked on Thu 06 Feb 2025 17:45:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:b3:2e:8c:35:a4:00:cd:07:63:38:1a:5d:c3:91:18:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
        Validity
            Not Before: Jan 29 17:49:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ef85325c637082f55c921ed61fd69131cf49feb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2e:22:ee:8a:bd:bf:9f:6b:18:a9:77:b7:b5:
                    a9:a9:37:af:c9:45:a2:a9:94:f2:d7:c8:b1:3d:d4:
                    b2:5c:e8:f1:06:af:0f:d6:90:03:db:95:c2:9a:a3:
                    b3:42:0b:54:3c:23:99:6d:b6:0f:e2:3a:03:9d:54:
                    dc:6d:ac:11:d0:ea:f6:1f:2b:8d:82:dc:ea:c8:e4:
                    2c:b4:0d:7f:84:22:b6:0f:f9:ea:9c:0f:2c:75:c7:
                    27:84:1a:21:4c:aa:07:8f:39:b9:0d:6c:55:c5:d8:
                    c1:cc:6a:8d:71:55:1d:fc:56:3f:4e:f7:10:5a:af:
                    37:f3:a0:07:48:1f:17:7c:47:c4:45:19:61:2d:eb:
                    1a:e2:41:45:54:59:09:9d:d7:8f:c0:48:c3:3d:82:
                    ca:cc:44:b0:5e:ae:65:78:60:51:84:e4:5e:66:42:
                    db:a9:58:1f:c5:f7:95:ab:19:2a:7e:4b:13:12:e2:
                    ad:bc:38:0d:b8:80:e3:94:b0:c7:50:a7:38:14:b6:
                    3e:1c:ad:dc:64:6a:e2:ff:7c:83:5a:04:ae:85:59:
                    fd:6e:42:79:37:a4:09:27:2c:ea:04:a1:8e:fc:14:
                    fc:47:ff:2e:55:81:4e:db:30:98:cf:6d:84:e0:4f:
                    ea:f6:1c:bc:ca:57:2f:80:5f:59:94:8a:65:54:62:
                    c0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:85:32:5C:63:70:82:F5:5C:92:1E:D6:1F:D6:91:31:CF:49:FE:B3
            X509v3 Authority Key Identifier:
                keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/74UyXGNwgvVckh7WH9aRMc9J_rM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:e302::/32
                  2a09:e306::/32
                  2a09:ef02::/32
                  2a09:ef05::/32
                  2a09:ef07::/32
                  2a0a:b385::/32
                  2a0b:9001::/32
                  2a0b:9005::/32
                  2a0d:afc6::/32
                  2a0f:3105::/32

    Signature Algorithm: sha256WithRSAEncryption
         9a:28:4f:52:9d:45:c1:cf:90:76:7f:db:ea:b6:ce:92:57:66:
         e1:9e:96:c5:2c:ce:3e:52:e7:17:c0:07:6c:eb:7d:3e:72:96:
         22:40:c8:20:82:42:e1:c9:30:e9:da:a5:5e:fe:1b:dc:d4:92:
         2a:a6:bd:83:d7:fb:df:5f:fa:4a:76:3d:b5:51:bd:39:68:d2:
         4b:b3:b2:b5:dc:1b:8c:5f:77:1b:61:87:10:26:57:2e:16:b2:
         f6:bc:3a:da:c8:68:60:59:c5:d2:78:9a:1f:be:fc:7c:0a:e6:
         52:72:4c:bc:ea:40:f3:46:5c:46:5e:36:a8:4c:46:3b:6a:3a:
         01:70:64:6d:07:80:e1:23:a7:ba:e9:f9:5f:d2:2a:72:bc:18:
         a6:a0:b4:55:ae:95:20:3d:1a:51:f8:29:8f:82:5c:2f:06:10:
         ff:ee:bf:82:29:56:d5:0e:0a:93:ec:ac:ae:20:cf:7b:09:f1:
         88:22:06:4e:bb:84:95:02:01:ac:17:80:54:56:c3:cb:38:d2:
         a2:d2:45:d2:39:62:48:3d:20:e9:38:05:87:06:89:0e:de:24:
         27:b9:3d:b0:a1:7c:ae:3c:4d:08:ad:42:b1:12:cf:f7:42:24:
         c5:01:c1:cf:6c:ea:0f:cc:17:6c:d2:2e:ae:bb:4d:40:d5:99:
         00:eb:f9:bc
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZSzLow1pADNB2M4Gl3DkRgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTI5MTc0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjg1MzI1YzYzNzA4MmY1NWM5MjFlZDYxZmQ2OTEzMWNmNDlmZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC4i7oq9v59rGKl3t7WpqTevyUWi
qZTy18ixPdSyXOjxBq8P1pAD25XCmqOzQgtUPCOZbbYP4joDnVTcbawR0Or2HyuN
gtzqyOQstA1/hCK2D/nqnA8sdccnhBohTKoHjzm5DWxVxdjBzGqNcVUd/FY/TvcQ
Wq8386AHSB8XfEfERRlhLesa4kFFVFkJndePwEjDPYLKzESwXq5leGBRhOReZkLb
qVgfxfeVqxkqfksTEuKtvDgNuIDjlLDHUKc4FLY+HK3cZGri/3yDWgSuhVn9bkJ5
N6QJJyzqBKGO/BT8R/8uVYFO2zCYz22E4E/q9hy8ylcvgF9ZlIplVGLApQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFO+FMlxjcIL1XJIe1h/WkTHPSf6zMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvNzRVeVhHTndndlZja2g3V0g5YVJNYzlKX3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKgnjAgMF
ACoJ4wYDBQAqCe8CAwUAKgnvBQMFACoJ7wcDBQAqCrOFAwUAKguQAQMFACoLkAUD
BQAqDa/GAwUAKg8xBTANBgkqhkiG9w0BAQsFAAOCAQEAmihPUp1Fwc+Qdn/b6rbO
kldm4Z6WxSzOPlLnF8AHbOt9PnKWIkDIIIJC4ckw6dqlXv4b3NSSKqa9g9f731/6
SnY9tVG9OWjSS7OytdwbjF93G2GHECZXLhay9rw62shoYFnF0niaH778fArmUnJM
vOpA80ZcRl42qExGO2o6AXBkbQeA4SOnuun5X9IqcrwYpqC0Va6VID0aUfgpj4Jc
LwYQ/+6/gilW1Q4Kk+ysriDPewnxiCIGTruElQIBrBeAVFbDyzjSotJF0jliSD0g
6TgFhwaJDt4kJ7k9sKF8rjxNCK1CsRLP90IkxQHBz2zqD8wXbNIurrtNQNWZAOv5
vA==
-----END CERTIFICATE-----