Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/bLdpQRkcVen1g51Zri8xxNnm2uA.roa
File:                     bLdpQRkcVen1g51Zri8xxNnm2uA.roa (raw, json)
Hash identifier:          4AfSFrSdrLzw9d0mJQypdY0NbfNSDLL1LthgoPXrgHY=
Subject key identifier:   6C:B7:69:41:19:1C:55:E9:F5:83:9D:59:AE:2F:31:C4:D9:E6:DA:E0
Certificate issuer:       /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial:       0197BEC4DF67311BA34D510FD7AE9D4705E4
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/bLdpQRkcVen1g51Zri8xxNnm2uA.roa
Signing time:             Mon 30 Jun 2025 02:57:42 +0000
ROA not before:           Mon 30 Jun 2025 02:57:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     29551
IP address blocks:        46.253.112.0/20 maxlen: 20
                          80.66.204.0/22 maxlen: 22
                          82.149.224.0/19 maxlen: 19
                          82.149.232.0/24 maxlen: 24
                          82.149.233.0/24 maxlen: 24
                          82.149.234.0/24 maxlen: 24
                          82.149.235.0/24 maxlen: 24
                          83.141.0.0/18 maxlen: 18
                          83.141.10.0/24 maxlen: 24
                          83.141.15.0/24 maxlen: 24
                          83.141.16.0/24 maxlen: 24
                          83.141.26.0/24 maxlen: 24
                          83.141.27.0/24 maxlen: 24
                          83.141.28.0/24 maxlen: 24
                          83.141.29.0/24 maxlen: 24
                          83.141.57.0/24 maxlen: 24
                          83.141.60.0/22 maxlen: 22
                          83.141.60.0/24 maxlen: 24
                          83.141.62.0/24 maxlen: 24
                          83.141.63.0/24 maxlen: 24
                          109.71.24.0/21 maxlen: 21
                          109.71.31.0/24 maxlen: 24
                          178.19.64.0/20 maxlen: 20
                          195.225.196.0/22 maxlen: 22
                          2a01:440::/29 maxlen: 48
                          2a01:440:50f::/48 maxlen: 48
                          2a01:440:1509::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 01 Jul 2025 17:08:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:be:c4:df:67:31:1b:a3:4d:51:0f:d7:ae:9d:47:05:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
        Validity
            Not Before: Jun 30 02:57:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6cb76941191c55e9f5839d59ae2f31c4d9e6dae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:33:77:60:94:1b:7c:a1:cb:43:81:17:f0:81:
                    23:3a:56:ad:65:26:08:7c:d4:80:a8:74:42:ea:1e:
                    75:9c:20:b5:c2:92:9b:10:a7:61:0a:7b:2b:98:34:
                    c9:ee:4a:28:19:6c:a3:4f:b4:59:0b:72:e8:34:91:
                    39:b0:0a:f3:86:3e:ef:05:c2:31:89:f7:67:2c:9c:
                    8f:0c:5c:79:91:d6:8a:7a:b0:5e:58:c3:60:30:8f:
                    c8:b9:55:70:bc:3e:c3:af:51:3c:aa:86:f9:07:85:
                    3a:1f:f5:d8:ca:b2:0d:fa:54:da:14:7b:3e:42:d5:
                    16:cd:96:6c:aa:bb:bf:af:00:67:59:83:de:fc:2a:
                    99:84:59:fd:1e:5a:f7:03:14:16:16:dd:01:46:80:
                    fd:18:7d:a8:bd:ac:26:bd:2f:6d:78:0e:bc:49:36:
                    1a:92:d9:43:08:35:26:46:d9:19:d7:84:f4:0c:fc:
                    fd:a8:a6:82:8f:35:20:9c:66:97:21:66:49:37:35:
                    16:e1:06:3e:43:d6:76:24:f7:4e:5b:32:97:88:6f:
                    1c:14:12:ff:c1:95:02:58:3a:bb:7c:ac:ed:b7:86:
                    4a:df:76:fe:c5:b4:93:05:e1:96:68:8a:ba:13:63:
                    4a:f0:e0:9a:ba:cd:34:1d:9a:26:f9:1d:da:9c:ee:
                    91:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:B7:69:41:19:1C:55:E9:F5:83:9D:59:AE:2F:31:C4:D9:E6:DA:E0
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/bLdpQRkcVen1g51Zri8xxNnm2uA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.253.112.0/20
                  80.66.204.0/22
                  82.149.224.0/19
                  83.141.0.0/18
                  109.71.24.0/21
                  178.19.64.0/20
                  195.225.196.0/22
                IPv6:
                  2a01:440::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:0e:3e:cf:3d:f7:9f:41:35:9f:3e:06:93:6a:e1:29:7d:1e:
         69:56:96:74:e2:dc:91:e9:72:04:75:0b:71:62:99:8b:92:8b:
         68:fe:3f:e3:90:f0:71:ad:e6:37:6c:a3:21:aa:94:51:c4:e6:
         fa:5b:28:bd:f7:2b:cd:07:34:2b:b1:8b:1d:18:63:22:96:f9:
         40:fe:b4:73:d4:f8:8a:1e:47:88:9c:74:d1:13:5d:87:b4:07:
         5d:3d:93:b4:5f:de:dc:a2:f4:8e:bd:c7:19:43:0d:33:ee:af:
         3c:5a:1a:63:40:3f:11:9f:7e:0f:ee:36:9e:37:35:c1:f5:57:
         c4:1f:52:f3:1e:bd:a7:90:5a:2b:04:d6:a5:56:f5:44:7c:ec:
         40:23:5c:43:fe:10:01:f6:50:d4:43:61:d0:f2:bc:38:f4:01:
         e0:cb:7f:52:b0:fa:72:96:10:60:04:b4:ad:99:6c:3c:79:94:
         15:fb:dc:5c:b3:db:58:d1:d6:31:5c:37:5d:e4:35:56:c4:a8:
         2b:f2:b6:61:21:41:82:2f:37:d1:3e:e3:7c:2e:3d:1c:15:2b:
         d7:19:42:0c:ad:20:69:4b:06:10:b9:e5:51:c0:dc:8c:a1:f3:
         49:44:f6:48:98:67:0c:8c:4e:d8:6d:8c:4c:f7:6f:fc:90:df:
         95:2c:19:06
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZe+xN9nMRujTVEP166dRwXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhODJkYmM3ZDdlMjgxOGY5NjY4MGI2NmVmY2VkYjEw
ODc5NDcwHhcNMjUwNjMwMDI1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I3Njk0MTE5MWM1NWU5ZjU4MzlkNTlhZTJmMzFjNGQ5ZTZkYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjN3YJQbfKHLQ4EX8IEjOlatZSYI
fNSAqHRC6h51nCC1wpKbEKdhCnsrmDTJ7kooGWyjT7RZC3LoNJE5sArzhj7vBcIx
ifdnLJyPDFx5kdaKerBeWMNgMI/IuVVwvD7Dr1E8qob5B4U6H/XYyrIN+lTaFHs+
QtUWzZZsqru/rwBnWYPe/CqZhFn9Hlr3AxQWFt0BRoD9GH2ovawmvS9teA68STYa
ktlDCDUmRtkZ14T0DPz9qKaCjzUgnGaXIWZJNzUW4QY+Q9Z2JPdOWzKXiG8cFBL/
wZUCWDq7fKztt4ZK33b+xbSTBeGWaIq6E2NK8OCaus00HZom+R3anO6R2wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGy3aUEZHFXp9YOdWa4vMcTZ5trgMB8GA1UdIwQY
MBaAFO1tqC28fX4oGPlmgLZu/O2xCHlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAt
NTk5NTc3ODdiMDE1LzEvYkxkcFFSa2NWZW4xZzUxWnJpOHh4Tm5tMnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAtNTk5NTc3ODdiMDE1
LzEvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELv1wAwQC
UELMAwQFUpXgAwQGU40AAwQDbUcYAwQEshNAAwQCw+HEMA0EAgACMAcDBQMqAQRA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbDj7PPfefQTWfPgaTauEpfR5pVpZ04tyR6XIE
dQtxYpmLkoto/j/jkPBxreY3bKMhqpRRxOb6Wyi99yvNBzQrsYsdGGMilvlA/rRz
1PiKHkeInHTRE12HtAddPZO0X97covSOvccZQw0z7q88WhpjQD8Rn34P7jaeNzXB
9VfEH1LzHr2nkForBNalVvVEfOxAI1xD/hAB9lDUQ2HQ8rw49AHgy39SsPpylhBg
BLStmWw8eZQV+9xcs9tY0dYxXDdd5DVWxKgr8rZhIUGCLzfRPuN8Lj0cFSvXGUIM
rSBpSwYQueVRwNyMofNJRPZImGcMjE7YbYxM92/8kN+VLBkG
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:20:38 2025 by rpki-client