Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa
File:                     uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa (raw, json)
Hash identifier:          pqyF1UpFv3VUMKdw5RDMpCjjXtTRGRdSjz6UBZFJTc4=
Subject key identifier:   B8:64:96:05:FB:D1:2E:50:D4:1E:4F:F3:99:86:F6:B8:DA:A3:E8:E3
Certificate issuer:       /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial:       019784A1AE53ABB1392BC57ED0293E8C171B
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa
Signing time:             Wed 18 Jun 2025 20:01:17 +0000
ROA not before:           Wed 18 Jun 2025 20:01:17 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     6205
IP address blocks:        31.7.32.0/24 maxlen: 24
                          31.7.33.0/24 maxlen: 24
                          31.7.34.0/24 maxlen: 24
                          31.7.36.0/24 maxlen: 24
                          31.7.38.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 20 Jun 2025 12:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:84:a1:ae:53:ab:b1:39:2b:c5:7e:d0:29:3e:8c:17:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
        Validity
            Not Before: Jun 18 20:01:17 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b8649605fbd12e50d41e4ff39986f6b8daa3e8e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b9:7b:fd:38:58:ac:7c:75:50:ff:43:40:c6:
                    72:c3:49:35:27:38:9f:3a:b5:45:3a:38:b8:bd:6d:
                    78:35:44:6e:7d:a4:50:3f:5c:33:83:cf:56:ea:74:
                    20:ea:48:5d:e7:a0:47:d7:af:f2:26:83:ef:3c:0f:
                    89:21:d9:dc:69:5d:2b:73:c2:72:3c:52:d6:d2:73:
                    95:96:4f:2a:64:52:f5:d2:ab:e1:a9:7a:03:85:cc:
                    2a:84:ab:3b:04:59:47:a9:8e:76:b5:c6:80:d8:80:
                    5e:56:81:43:e4:92:40:c0:85:41:d7:8a:d4:a4:fb:
                    49:98:72:71:71:20:83:bb:1c:5f:62:e9:6f:ca:cf:
                    f2:0c:65:cb:a8:15:cc:71:e7:d4:b8:50:d5:59:c9:
                    96:4c:cf:35:27:f2:df:ad:6c:e4:b1:57:27:09:68:
                    7f:53:aa:21:b6:53:ed:2d:dc:e9:7f:54:ad:3b:31:
                    6e:1c:c1:d3:45:a5:3d:8f:ba:54:24:23:dc:65:fc:
                    a8:20:3e:a9:c1:9c:8b:fa:8d:a1:2a:bd:c6:0c:fa:
                    88:89:f6:d0:45:a6:86:07:5b:03:60:0a:8c:74:09:
                    78:7e:2e:74:78:58:74:69:6f:db:c7:1b:aa:7a:05:
                    21:29:f0:39:5e:71:54:7f:14:c9:d5:6d:5c:ce:10:
                    4e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:64:96:05:FB:D1:2E:50:D4:1E:4F:F3:99:86:F6:B8:DA:A3:E8:E3
            X509v3 Authority Key Identifier:
                keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.32.0-31.7.34.255
                  31.7.36.0/24
                  31.7.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:9a:64:12:3b:56:3c:d9:6f:a8:cf:5a:3c:5c:62:00:8d:89:
         5d:14:8d:19:23:44:ea:ab:f6:44:6a:52:b0:84:a1:06:26:44:
         c6:8f:e2:0b:62:ef:4a:5c:4c:61:3a:f2:55:2a:28:bf:d9:f6:
         e0:a5:30:ac:1f:db:b0:db:44:57:b2:cb:8c:76:16:b8:1f:4d:
         f3:ca:eb:a8:e9:83:de:4f:a7:06:d5:67:12:6e:52:a1:19:14:
         09:13:6e:10:e0:ec:a1:2e:71:33:5f:ba:b7:bc:a9:4b:b0:ea:
         c2:dd:05:77:ea:03:4d:ab:0b:fa:a8:2c:2d:83:8e:6e:95:f0:
         cf:cc:98:a3:73:d9:17:69:21:5e:0c:c9:58:1d:0e:86:9e:35:
         1d:04:cc:4c:ad:2e:47:f5:bf:dc:ea:33:82:34:23:d9:0c:e7:
         96:6e:00:3a:05:73:f8:f0:4a:b5:32:5a:59:16:69:cf:35:72:
         5b:6a:3f:5a:86:57:9c:39:92:d2:fb:84:fd:ed:dd:96:14:ef:
         38:b0:de:a0:f7:c5:21:f6:68:bb:b9:53:03:59:62:41:91:6a:
         ab:44:7d:47:5b:e5:a6:17:2d:c9:be:c6:60:6e:ef:ea:3b:ee:
         a8:b4:53:b8:c4:9e:b2:c6:61:e5:7c:a9:a6:f3:46:a3:9b:b5:
         f6:f6:88:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeEoa5Tq7E5K8V+0Ck+jBcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwNjE4MjAwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY0OTYwNWZiZDEyZTUwZDQxZTRmZjM5OTg2ZjZiOGRhYTNlOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbl7/ThYrHx1UP9DQMZyw0k1Jzif
OrVFOji4vW14NURufaRQP1wzg89W6nQg6khd56BH16/yJoPvPA+JIdncaV0rc8Jy
PFLW0nOVlk8qZFL10qvhqXoDhcwqhKs7BFlHqY52tcaA2IBeVoFD5JJAwIVB14rU
pPtJmHJxcSCDuxxfYulvys/yDGXLqBXMcefUuFDVWcmWTM81J/LfrWzksVcnCWh/
U6ohtlPtLdzpf1StOzFuHMHTRaU9j7pUJCPcZfyoID6pwZyL+o2hKr3GDPqIifbQ
RaaGB1sDYAqMdAl4fi50eFh0aW/bxxuqegUhKfA5XnFUfxTJ1W1czhBOBQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLhklgX70S5Q1B5P85mG9rjao+jjMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvdUdTV0JmdlJMbERVSGtfem1ZYjJ1TnFqNk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUfByAD
BAAfByIDBAAfByQDBAAfByYwDQYJKoZIhvcNAQELBQADggEBAGSaZBI7VjzZb6jP
WjxcYgCNiV0UjRkjROqr9kRqUrCEoQYmRMaP4gti70pcTGE68lUqKL/Z9uClMKwf
27DbRFeyy4x2FrgfTfPK66jpg95PpwbVZxJuUqEZFAkTbhDg7KEucTNfure8qUuw
6sLdBXfqA02rC/qoLC2Djm6V8M/MmKNz2RdpIV4MyVgdDoaeNR0EzEytLkf1v9zq
M4I0I9kM55ZuADoFc/jwSrUyWlkWac81cltqP1qGV5w5ktL7hP3t3ZYU7ziw3qD3
xSH2aLu5UwNZYkGRaqtEfUdb5aYXLcm+xmBu7+o77qi0U7jEnrLGYeV8qabzRqOb
tfb2iOE=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:43:55 2025 by rpki-client