Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/gJTj1_2xLGlEUguJ6d1tLvGqukw.roa
File:                     gJTj1_2xLGlEUguJ6d1tLvGqukw.roa (raw, json)
Hash identifier:          mdOLO914qtj6KueVveKmIjr0wxxNRC5YUuPR8zS0P+g=
Subject key identifier:   80:94:E3:D7:FD:B1:2C:69:44:52:0B:89:E9:DD:6D:2E:F1:AA:BA:4C
Certificate issuer:       /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial:       019552790D173437A25D589280007A95EB44
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/gJTj1_2xLGlEUguJ6d1tLvGqukw.roa
Signing time:             Sat 01 Mar 2025 16:10:19 +0000
ROA not before:           Sat 01 Mar 2025 16:10:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     58305
IP address blocks:        107.161.163.0/24 maxlen: 24
                          107.161.164.0/24 maxlen: 24
                          107.161.165.0/24 maxlen: 24
                          107.161.166.0/24 maxlen: 24
                          107.161.167.0/24 maxlen: 24
                          107.161.172.0/24 maxlen: 24
                          107.161.173.0/24 maxlen: 24
                          155.254.63.0/24 maxlen: 24
                          162.217.251.0/24 maxlen: 24
                          2a07:9942:39d6::/48 maxlen: 48
                          2a07:9944:40::/48 maxlen: 48
                          2a07:9945:45::/48 maxlen: 48
                          2a07:9946::/32 maxlen: 48
                          2a07:9947::/32 maxlen: 48
Validation:               Failed, certificate revoked on Sat 01 Mar 2025 23:59:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:52:79:0d:17:34:37:a2:5d:58:92:80:00:7a:95:eb:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
        Validity
            Not Before: Mar  1 16:10:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8094e3d7fdb12c6944520b89e9dd6d2ef1aaba4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c1:25:12:f7:f9:c2:26:6d:fd:28:ef:5d:d9:
                    5b:ca:66:d4:ab:0a:e6:3f:3e:b0:b5:74:25:87:87:
                    e3:66:09:11:ef:a1:e1:82:bc:53:f8:3e:55:e2:24:
                    95:8b:4e:01:b4:ec:90:7e:4d:4a:56:df:7b:7a:7e:
                    54:b0:74:05:92:94:99:16:f9:31:ca:3a:56:2a:27:
                    4f:35:93:cb:89:7e:ea:70:44:6e:21:86:60:e3:27:
                    7b:58:9e:1c:00:b7:a2:17:ff:c0:35:81:71:e7:c2:
                    d5:d0:9b:bf:52:37:cf:f2:c0:ef:1a:bb:e5:5b:ed:
                    29:4b:8f:b4:06:ef:35:e9:66:9e:85:c1:2e:c4:47:
                    1b:39:dd:15:4b:c9:29:02:de:fa:b0:92:9b:e9:0f:
                    92:79:21:29:9e:7f:15:32:fa:d2:5f:75:89:40:d6:
                    30:01:c4:e2:5f:14:b2:fd:1b:2b:78:c5:e2:90:d0:
                    6a:13:97:f5:fd:f7:47:49:f0:27:98:81:b9:ab:85:
                    0e:05:00:f3:2b:8d:db:c6:1b:20:dd:4f:3b:2d:5a:
                    52:94:e9:e9:57:f5:c8:a2:e6:db:b2:1a:7b:b6:86:
                    37:a4:9e:3f:56:4a:c8:c8:c0:78:ee:84:25:5b:73:
                    0c:12:38:3c:bd:95:29:51:c8:11:9b:ba:db:1e:64:
                    25:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:94:E3:D7:FD:B1:2C:69:44:52:0B:89:E9:DD:6D:2E:F1:AA:BA:4C
            X509v3 Authority Key Identifier:
                keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/gJTj1_2xLGlEUguJ6d1tLvGqukw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.161.163.0-107.161.167.255
                  107.161.172.0/23
                  155.254.63.0/24
                  162.217.251.0/24
                IPv6:
                  2a07:9942:39d6::/48
                  2a07:9944:40::/48
                  2a07:9945:45::/48
                  2a07:9946::/31

    Signature Algorithm: sha256WithRSAEncryption
         81:57:7e:bb:e0:ed:cf:f5:ed:48:f6:12:01:83:6e:52:a4:2f:
         0c:9a:87:a3:0a:86:6f:fc:b2:ef:7a:69:08:0b:5e:c8:ef:de:
         98:c2:d6:fb:ee:50:d0:6d:4e:0c:4f:07:93:c5:c1:63:9a:a4:
         53:a5:9d:0a:24:c3:d2:d4:7f:ff:e4:9b:32:65:b7:20:06:4b:
         fb:44:56:7d:20:a8:07:2a:20:6d:fb:99:1f:91:40:20:f9:e0:
         5e:9a:52:b3:ad:24:59:cc:b6:8d:80:f6:2a:14:bf:a9:de:98:
         e1:3d:53:4e:a1:e1:f4:91:af:5c:ce:3e:ec:5a:c6:83:f8:d5:
         41:ad:1e:61:ca:30:78:77:20:c5:e4:ac:28:be:f7:a7:bd:98:
         94:e4:bd:56:f2:e3:d3:25:3d:89:57:d1:d7:aa:c6:f0:42:9a:
         f9:d9:df:3b:96:58:94:ea:c5:79:b2:2c:77:c7:b0:01:c8:a9:
         86:0f:dc:ca:a7:c4:d6:f5:77:f3:d4:b1:e8:62:3d:80:35:2c:
         34:25:86:e1:4f:03:24:d3:91:66:ca:93:d3:61:d9:ab:2e:49:
         52:b9:41:9e:2b:6b:43:e5:15:66:df:ba:b5:cb:0c:07:54:4b:
         42:59:b8:6b:04:8e:35:04:6d:7a:c9:09:c9:5f:d8:f6:a1:81:
         01:1c:e0:25
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZVSeQ0XNDeiXViSgAB6letEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMzAxMTYxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk0ZTNkN2ZkYjEyYzY5NDQ1MjBiODllOWRkNmQyZWYxYWFiYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sElEvf5wiZt/SjvXdlbymbUqwrm
Pz6wtXQlh4fjZgkR76HhgrxT+D5V4iSVi04BtOyQfk1KVt97en5UsHQFkpSZFvkx
yjpWKidPNZPLiX7qcERuIYZg4yd7WJ4cALeiF//ANYFx58LV0Ju/UjfP8sDvGrvl
W+0pS4+0Bu816WaehcEuxEcbOd0VS8kpAt76sJKb6Q+SeSEpnn8VMvrSX3WJQNYw
AcTiXxSy/RsreMXikNBqE5f1/fdHSfAnmIG5q4UOBQDzK43bxhsg3U87LVpSlOnp
V/XIoubbshp7toY3pJ4/VkrIyMB47oQlW3MMEjg8vZUpUcgRm7rbHmQlRQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFICU49f9sSxpRFILiendbS7xqrpMMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvZ0pUajFfMnhMR2xFVWd1SjZkMXRMdkdxdWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAmBAIAATAgMAwDBABroaMD
BANroaADBAFroawDBACb/j8DBACi2fswKAQCAAIwIgMHACoHmUI51gMHACoHmUQA
QAMHACoHmUUARQMFASoHmUYwDQYJKoZIhvcNAQELBQADggEBAIFXfrvg7c/17Uj2
EgGDblKkLwyah6MKhm/8su96aQgLXsjv3pjC1vvuUNBtTgxPB5PFwWOapFOlnQok
w9LUf//kmzJltyAGS/tEVn0gqAcqIG37mR+RQCD54F6aUrOtJFnMto2A9ioUv6ne
mOE9U06h4fSRr1zOPuxaxoP41UGtHmHKMHh3IMXkrCi+96e9mJTkvVby49MlPYlX
0deqxvBCmvnZ3zuWWJTqxXmyLHfHsAHIqYYP3MqnxNb1d/PUsehiPYA1LDQlhuFP
AyTTkWbKk9Nh2asuSVK5QZ4ra0PlFWbfurXLDAdUS0JZuGsEjjUEbXrJCclf2Pah
gQEc4CU=
-----END CERTIFICATE-----