Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa
File:                     waSwrOEjPu3cp57xhVanE8mRxsg.roa (raw, json)
Hash identifier:          314DppQruUn8IpZtFn/TypWkZ84EJgnYFKt8K/Gsjfg=
Subject key identifier:   C1:A4:B0:AC:E1:23:3E:ED:DC:A7:9E:F1:85:56:A7:13:C9:91:C6:C8
Certificate issuer:       /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial:       0197E1DB1CC438E274E3DD10614A2143981F
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa
Signing time:             Sun 06 Jul 2025 22:28:42 +0000
ROA not before:           Sun 06 Jul 2025 22:28:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209242
IP address blocks:        45.142.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 14 Jul 2025 16:12:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:e1:db:1c:c4:38:e2:74:e3:dd:10:61:4a:21:43:98:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
        Validity
            Not Before: Jul  6 22:28:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c1a4b0ace1233eeddca79ef18556a713c991c6c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:35:4b:f4:20:71:8a:3e:f7:0b:cb:b5:86:ea:
                    57:7b:e0:60:d5:7d:a9:4e:76:61:bc:1e:9d:e1:fe:
                    c5:43:21:65:97:36:e5:95:8d:9a:d5:d5:f2:84:b1:
                    aa:d8:38:84:6e:a3:20:b4:38:15:63:46:b5:7f:7c:
                    2b:9c:5e:f8:81:ac:eb:57:81:7d:74:7f:88:e5:61:
                    b2:8a:4d:96:07:c1:bc:ab:2a:05:49:2a:10:58:55:
                    bf:bc:99:7c:ab:8d:bb:cd:d5:7f:33:48:0d:61:c3:
                    22:76:52:dc:43:a4:01:06:eb:49:45:2f:08:18:77:
                    3d:62:34:25:0e:39:8c:91:32:31:74:9e:31:bc:24:
                    d2:f9:9e:3d:a4:fe:5b:a6:65:19:66:62:97:7a:12:
                    b3:52:6d:4c:68:1a:1c:52:55:02:ac:dc:cc:48:20:
                    b8:b6:74:8d:d6:f6:0f:e2:30:a5:f8:f1:ca:1f:43:
                    74:f4:05:60:1d:59:1a:3f:4f:55:24:87:98:3a:82:
                    73:a0:76:e8:bc:4f:18:04:68:cc:6e:db:9c:72:d1:
                    72:e4:79:12:6c:c4:bd:1c:bc:64:77:68:c9:9e:23:
                    40:4d:51:58:0a:52:3b:ae:7f:d0:33:7d:6c:a8:20:
                    a8:9f:4a:34:59:7b:fc:9c:7c:fe:5c:21:2e:28:88:
                    72:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:A4:B0:AC:E1:23:3E:ED:DC:A7:9E:F1:85:56:A7:13:C9:91:C6:C8
            X509v3 Authority Key Identifier:
                keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/waSwrOEjPu3cp57xhVanE8mRxsg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:cc:19:06:10:2a:73:e4:07:47:c1:16:35:d0:5a:8e:99:fd:
         a4:90:96:af:18:95:b3:0f:8f:49:73:c3:45:63:e9:f1:e4:94:
         4f:fa:74:34:05:44:9b:2a:60:7b:5e:24:93:77:21:9a:46:ac:
         d5:6e:a5:0d:f4:a1:7a:f0:09:ab:7a:e9:d2:7e:fe:ab:dd:44:
         28:ad:6f:db:ce:45:86:1c:59:d7:b1:ad:08:89:5c:68:07:04:
         9b:f8:7f:19:70:ca:40:4e:5d:e4:48:8b:f8:13:56:a9:05:2c:
         fa:21:32:b4:85:7d:58:cc:39:55:3c:3f:68:48:1d:3f:96:a3:
         d5:33:79:b4:ec:9f:28:33:08:f6:4b:fe:46:b5:aa:65:84:e2:
         69:62:9c:3d:e6:3c:40:9f:7c:67:98:b8:23:14:62:7f:5d:cc:
         56:e4:1b:61:84:00:c8:26:d8:aa:a6:b7:e3:33:d1:ee:e0:61:
         7d:98:e9:e8:51:3a:a0:32:2d:b8:f6:cd:69:c4:54:d6:91:e1:
         71:cd:cb:f3:fa:1d:3d:e9:9c:02:a8:94:12:78:11:37:89:c7:
         85:58:fe:2a:d9:b7:24:29:de:29:81:d9:9d:9f:73:ab:92:ea:
         c8:d3:3f:66:46:2d:9d:64:cf:74:ec:bc:03:e4:e1:ee:00:ac:
         94:5a:18:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2xzEOOJ0490QYUohQ5gfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE0YjBhY2UxMjMzZWVkZGNhNzllZjE4NTU2YTcxM2M5OTFjNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjVL9CBxij73C8u1hupXe+Bg1X2p
TnZhvB6d4f7FQyFllzbllY2a1dXyhLGq2DiEbqMgtDgVY0a1f3wrnF74gazrV4F9
dH+I5WGyik2WB8G8qyoFSSoQWFW/vJl8q427zdV/M0gNYcMidlLcQ6QBButJRS8I
GHc9YjQlDjmMkTIxdJ4xvCTS+Z49pP5bpmUZZmKXehKzUm1MaBocUlUCrNzMSCC4
tnSN1vYP4jCl+PHKH0N09AVgHVkaP09VJIeYOoJzoHbovE8YBGjMbtucctFy5HkS
bMS9HLxkd2jJniNATVFYClI7rn/QM31sqCCon0o0WXv8nHz+XCEuKIhyHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGksKzhIz7t3Kee8YVWpxPJkcbIMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvd2FTd3JPRWpQdTNjcDU3eGhWYW5FOG1SeHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY54MA0G
CSqGSIb3DQEBCwUAA4IBAQCgzBkGECpz5AdHwRY10FqOmf2kkJavGJWzD49Jc8NF
Y+nx5JRP+nQ0BUSbKmB7XiSTdyGaRqzVbqUN9KF68AmreunSfv6r3UQorW/bzkWG
HFnXsa0IiVxoBwSb+H8ZcMpATl3kSIv4E1apBSz6ITK0hX1YzDlVPD9oSB0/lqPV
M3m07J8oMwj2S/5GtaplhOJpYpw95jxAn3xnmLgjFGJ/XcxW5BthhADIJtiqprfj
M9Hu4GF9mOnoUTqgMi249s1pxFTWkeFxzcvz+h096ZwCqJQSeBE3iceFWP4q2bck
Kd4pgdmdn3OrkurI0z9mRi2dZM907LwD5OHuAKyUWhhc
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:30:02 2025 by rpki-client