Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/xP-Ryh7KkPbDU0ztjfUDMXbaTWM.roa
File:                     xP-Ryh7KkPbDU0ztjfUDMXbaTWM.roa (raw, json)
Hash identifier:          yqnvumHxW/V+JtZNdM2tfb0JgXr/m6UQIVe9ZARnuCc=
Subject key identifier:   C4:FF:91:CA:1E:CA:90:F6:C3:53:4C:ED:8D:F5:03:31:76:DA:4D:63
Certificate issuer:       /CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
Certificate serial:       0196680AA6E37C0FCB2A9779D62974246913
Authority key identifier: C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/xP-Ryh7KkPbDU0ztjfUDMXbaTWM.roa
Signing time:             Thu 24 Apr 2025 13:44:10 +0000
ROA not before:           Thu 24 Apr 2025 13:44:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     49285
IP address blocks:        2a03:3600::/32 maxlen: 32
Validation:               Failed, certificate revoked on Thu 24 Apr 2025 16:38:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:68:0a:a6:e3:7c:0f:cb:2a:97:79:d6:29:74:24:69:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
        Validity
            Not Before: Apr 24 13:44:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c4ff91ca1eca90f6c3534ced8df5033176da4d63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:51:fd:6b:f2:f8:37:9f:09:6a:15:47:e8:99:
                    8e:ab:89:3d:09:9e:e8:50:10:35:f1:7e:e9:cc:42:
                    93:8f:c2:45:a5:09:d3:54:4b:02:0a:a0:3d:73:6f:
                    9a:13:bb:a7:8c:67:e3:e7:0d:f7:60:7a:35:a5:75:
                    36:c8:b9:8c:5b:87:4b:75:f3:dd:30:28:08:73:87:
                    76:c1:41:77:1c:cf:e0:19:4b:0d:0e:5b:18:aa:49:
                    0c:fc:03:9a:ce:8f:f1:d7:71:b2:18:b4:b7:63:8a:
                    81:6e:cd:95:30:21:5b:ba:36:c0:77:45:c9:ea:a2:
                    d8:51:ba:7c:de:72:40:2a:20:f4:5d:f6:50:40:02:
                    9c:61:b0:6f:3b:c5:6e:f0:9e:7a:7e:cd:0d:e4:9b:
                    78:96:40:d3:2f:1f:3f:9d:95:f5:ab:03:83:02:14:
                    c8:c9:c4:2b:96:45:be:66:0c:f9:59:39:86:9c:a4:
                    2b:65:c3:ef:3c:9b:b6:a0:59:7c:6e:5e:60:41:9c:
                    92:9f:a6:a7:3e:c4:98:28:1b:09:d4:a6:8b:98:2a:
                    ec:0e:f3:85:a6:a2:d7:27:76:c0:5c:f5:6e:cb:1e:
                    41:14:1b:c4:62:da:e2:70:cc:28:31:48:ee:49:90:
                    12:be:0e:66:d5:2d:3d:ea:12:10:60:5a:a9:7a:22:
                    f6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:FF:91:CA:1E:CA:90:F6:C3:53:4C:ED:8D:F5:03:31:76:DA:4D:63
            X509v3 Authority Key Identifier:
                keyid:C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/xP-Ryh7KkPbDU0ztjfUDMXbaTWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:3600::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:20:f9:3b:14:53:9e:78:2c:5a:1d:43:4f:53:b0:a0:6e:2d:
         6d:88:39:07:be:ce:d7:57:47:d1:95:9f:e7:d9:12:03:7e:ab:
         5b:1f:be:bd:37:a2:71:2c:24:df:87:2c:e8:db:2c:8e:ae:69:
         8f:ee:cd:1a:ba:34:96:6f:d0:df:e6:59:67:8f:a0:bf:4a:ed:
         c3:43:b7:ce:24:fb:6a:86:71:0b:ba:c6:e8:72:95:ee:63:1f:
         90:c8:db:41:6e:bf:f4:1c:b3:f4:18:3e:81:d9:8d:56:bc:d6:
         8d:56:f4:f5:b7:c6:46:1d:1a:a3:c1:84:45:34:ef:ac:fc:5c:
         89:10:ed:04:a5:91:47:e1:97:1e:bb:07:f5:7a:bc:ce:14:31:
         29:9f:17:c9:38:a5:1b:24:06:66:a7:65:46:21:94:c1:ce:6d:
         45:45:af:14:81:99:df:75:09:fb:a7:d7:8e:d5:45:db:94:53:
         cb:6e:8a:ec:1d:79:76:cf:2f:43:c9:0e:f4:0e:e7:81:e9:c6:
         de:b8:5d:ed:bf:ea:03:a2:ae:c0:58:29:99:8b:34:7b:bd:b0:
         ec:b5:70:ec:e9:f5:16:cc:42:52:aa:12:43:42:f5:c9:b8:c5:
         81:61:f8:16:00:9f:e7:ff:5d:c3:9a:6f:9a:6a:19:fc:3f:6e:
         38:22:85:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZoCqbjfA/LKpd51il0JGkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGFkYWZiMWYzMWY5ODg5YWE0NzM1NzkyYjZlM2RiNDY5
MzFiYjkwHhcNMjUwNDI0MTM0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZmOTFjYTFlY2E5MGY2YzM1MzRjZWQ4ZGY1MDMzMTc2ZGE0ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlH9a/L4N58JahVH6JmOq4k9CZ7o
UBA18X7pzEKTj8JFpQnTVEsCCqA9c2+aE7unjGfj5w33YHo1pXU2yLmMW4dLdfPd
MCgIc4d2wUF3HM/gGUsNDlsYqkkM/AOazo/x13GyGLS3Y4qBbs2VMCFbujbAd0XJ
6qLYUbp83nJAKiD0XfZQQAKcYbBvO8Vu8J56fs0N5Jt4lkDTLx8/nZX1qwODAhTI
ycQrlkW+Zgz5WTmGnKQrZcPvPJu2oFl8bl5gQZySn6anPsSYKBsJ1KaLmCrsDvOF
pqLXJ3bAXPVuyx5BFBvEYtricMwoMUjuSZASvg5m1S096hIQYFqpeiL2ZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMT/kcoeypD2w1NM7Y31AzF22k1jMB8GA1UdIwQY
MBaAFMmK2vsfMfmImqRzV5K249tGkxu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYt
M2IxMDNkNWE2OTBhLzEveFAtUnloN0trUGJEVTB6dGpmVURNWGJhVFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYtM2IxMDNkNWE2OTBh
LzEveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgM2ADAN
BgkqhkiG9w0BAQsFAAOCAQEAhyD5OxRTnngsWh1DT1OwoG4tbYg5B77O11dH0ZWf
59kSA36rWx++vTeicSwk34cs6Nssjq5pj+7NGro0lm/Q3+ZZZ4+gv0rtw0O3ziT7
aoZxC7rG6HKV7mMfkMjbQW6/9Byz9Bg+gdmNVrzWjVb09bfGRh0ao8GERTTvrPxc
iRDtBKWRR+GXHrsH9Xq8zhQxKZ8XyTilGyQGZqdlRiGUwc5tRUWvFIGZ33UJ+6fX
jtVF25RTy26K7B15ds8vQ8kO9A7ngenG3rhd7b/qA6KuwFgpmYs0e72w7LVw7On1
FsxCUqoSQ0L1ybjFgWH4FgCf5/9dw5pvmmoZ/D9uOCKFVA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:55:06 2025 by rpki-client