Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/YByHN_qAGWf540vweZoRqS8E8rc.roa
File:                     YByHN_qAGWf540vweZoRqS8E8rc.roa (raw, json)
Hash identifier:          zvRlpgZ91DfzHT26w2L0mDeDcvVnjXLhY0JdbDojzmQ=
Subject key identifier:   60:1C:87:37:FA:80:19:67:F9:E3:4B:F0:79:9A:11:A9:2F:04:F2:B7
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       0197F45260727A76AB86F05388B975F4DC16
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/YByHN_qAGWf540vweZoRqS8E8rc.roa
Signing time:             Thu 10 Jul 2025 12:32:08 +0000
ROA not before:           Thu 10 Jul 2025 12:32:08 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209847
IP address blocks:        94.131.13.0/24 maxlen: 24
                          94.131.14.0/24 maxlen: 24
                          103.113.69.0/24 maxlen: 24
                          103.231.72.0/24 maxlen: 24
                          103.231.73.0/24 maxlen: 24
                          146.19.170.0/24 maxlen: 24
                          176.120.67.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          213.159.69.0/24 maxlen: 24
                          2a09:7c43::/32 maxlen: 32
                          2a0b:cf43::/32 maxlen: 32
                          2a11:3803::/32 maxlen: 32
                          2a11:3c01::/32 maxlen: 32
                          2a11:4c00::/32 maxlen: 32
                          2a11:4c04::/32 maxlen: 32
                          2a11:7e06::/32 maxlen: 32
                          2a14:3081::/32 maxlen: 32
                          2a14:3086::/32 maxlen: 32
Validation:               Failed, certificate revoked on Mon 21 Jul 2025 23:56:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:f4:52:60:72:7a:76:ab:86:f0:53:88:b9:75:f4:dc:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Jul 10 12:32:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=601c8737fa801967f9e34bf0799a11a92f04f2b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ea:e6:cb:49:bf:49:d2:ad:1c:ec:76:0b:85:
                    bf:cf:33:17:87:75:38:7c:63:47:36:46:30:fb:05:
                    c0:e3:93:e3:45:bd:bd:49:b9:fc:4e:42:c0:dc:3e:
                    22:72:99:d9:4a:e5:ef:cf:41:4e:28:73:d4:0e:16:
                    cb:4f:b5:b0:99:c5:89:60:26:21:14:99:4d:95:e1:
                    b6:1f:86:4c:70:a1:35:82:bc:84:29:54:d1:91:5f:
                    75:28:52:d5:af:48:66:9c:1b:32:68:85:e2:49:7c:
                    cd:ad:38:5e:c8:91:85:34:43:73:c8:c0:05:68:c3:
                    dd:85:bd:0e:f0:91:8b:1e:5e:99:5c:fb:26:12:6c:
                    6e:03:60:70:18:27:ee:dd:6c:22:25:0f:f9:53:c8:
                    39:0c:2b:98:da:4d:ae:0a:f4:25:1f:26:e3:cd:df:
                    6c:b6:42:b9:8b:59:c1:c5:4b:0b:31:e6:f8:10:a1:
                    41:1d:49:2e:61:35:e3:e3:78:b0:de:f8:87:ae:5e:
                    f9:72:6d:85:dc:ce:94:6f:f5:74:d8:3b:a6:79:25:
                    c7:50:b1:f7:ed:b9:c1:0c:ce:5e:3b:70:4a:99:cb:
                    6d:98:73:b2:17:e3:72:e2:02:b9:b6:8e:1f:1f:be:
                    98:1c:e1:10:0b:7d:f9:03:95:57:96:55:a4:f4:08:
                    aa:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:1C:87:37:FA:80:19:67:F9:E3:4B:F0:79:9A:11:A9:2F:04:F2:B7
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/YByHN_qAGWf540vweZoRqS8E8rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.131.13.0-94.131.14.255
                  103.113.69.0/24
                  103.231.72.0/23
                  146.19.170.0/24
                  176.120.67.0/24
                  185.242.84.0/24
                  213.159.69.0/24
                IPv6:
                  2a09:7c43::/32
                  2a0b:cf43::/32
                  2a11:3803::/32
                  2a11:3c01::/32
                  2a11:4c00::/32
                  2a11:4c04::/32
                  2a11:7e06::/32
                  2a14:3081::/32
                  2a14:3086::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:c0:3d:3b:e1:8f:25:e3:b0:b0:a3:01:23:30:2a:9c:8d:4b:
         8a:77:38:83:95:49:f1:b0:49:02:a3:32:f1:6c:17:55:cd:5a:
         1e:a9:0b:dd:c8:fe:e0:22:a3:c8:b6:10:08:9f:fa:f7:7d:bc:
         15:1e:73:4b:09:30:05:e5:fd:38:81:e8:5e:ba:28:26:e7:16:
         cb:43:84:80:4f:15:7b:1f:d1:14:cc:25:c2:9e:14:18:9f:49:
         a4:4d:d1:02:bb:ee:49:1e:98:b3:c3:29:cc:2d:30:6b:87:1b:
         3f:8d:0b:21:02:03:94:7c:51:35:bd:3b:fa:88:eb:c1:92:e8:
         c5:35:4f:9a:90:5b:79:17:51:3c:2e:4e:23:72:c1:86:84:95:
         88:41:57:0f:3d:e7:3e:d7:41:80:8b:57:f3:b0:d3:6f:a7:74:
         da:8b:f4:40:ce:19:72:bc:69:6e:a4:7c:2d:a6:60:54:4c:7c:
         1e:88:56:1d:9e:be:7b:2a:3c:51:db:41:03:79:e8:e2:3c:f7:
         6c:28:d2:59:4d:30:96:df:54:70:6f:58:99:85:5f:63:12:e5:
         7e:33:9d:34:cb:2f:c4:e2:31:bd:2d:1b:62:d1:76:76:46:0f:
         85:8b:23:89:4b:95:70:1b:b7:be:18:30:24:74:6e:4b:6b:48:
         57:1d:19:4b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZf0UmByenarhvBTiLl19NwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNzEwMTIzMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFjODczN2ZhODAxOTY3ZjllMzRiZjA3OTlhMTFhOTJmMDRmMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvermy0m/SdKtHOx2C4W/zzMXh3U4
fGNHNkYw+wXA45PjRb29Sbn8TkLA3D4icpnZSuXvz0FOKHPUDhbLT7WwmcWJYCYh
FJlNleG2H4ZMcKE1gryEKVTRkV91KFLVr0hmnBsyaIXiSXzNrTheyJGFNENzyMAF
aMPdhb0O8JGLHl6ZXPsmEmxuA2BwGCfu3WwiJQ/5U8g5DCuY2k2uCvQlHybjzd9s
tkK5i1nBxUsLMeb4EKFBHUkuYTXj43iw3viHrl75cm2F3M6Ub/V02DumeSXHULH3
7bnBDM5eO3BKmcttmHOyF+Ny4gK5to4fH76YHOEQC335A5VXllWk9AiqhwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGAchzf6gBln+eNL8HmaEakvBPK3MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvWUJ5SE5fcUFHV2Y1NDB2d2Vab1JxUzhFOHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTA4BAIAATAyMAwDBABe
gw0DBABegw4DBABncUUDBAFn50gDBACSE6oDBACweEMDBAC58lQDBADVn0UwRQQC
AAIwPwMFACoJfEMDBQAqC89DAwUAKhE4AwMFACoRPAEDBQAqEUwAAwUAKhFMBAMF
ACoRfgYDBQAqFDCBAwUAKhQwhjANBgkqhkiG9w0BAQsFAAOCAQEAjMA9O+GPJeOw
sKMBIzAqnI1Linc4g5VJ8bBJAqMy8WwXVc1aHqkL3cj+4CKjyLYQCJ/69328FR5z
SwkwBeX9OIHoXrooJucWy0OEgE8Vex/RFMwlwp4UGJ9JpE3RArvuSR6Ys8MpzC0w
a4cbP40LIQIDlHxRNb07+ojrwZLoxTVPmpBbeRdRPC5OI3LBhoSViEFXDz3nPtdB
gItX87DTb6d02ov0QM4ZcrxpbqR8LaZgVEx8HohWHZ6+eyo8UdtBA3no4jz3bCjS
WU0wlt9UcG9YmYVfYxLlfjOdNMsvxOIxvS0bYtF2dkYPhYsjiUuVcBu3vhgwJHRu
S2tIVx0ZSw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:41:44 2025 by rpki-client