Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/VVyrhFyLamJaJfAoiPsqsgtWRNo.roa
File:                     VVyrhFyLamJaJfAoiPsqsgtWRNo.roa (raw, json)
Hash identifier:          8j4pueWqC6nMzT28lk109lXasv78g1rADSMp8gCkCL0=
Subject key identifier:   55:5C:AB:84:5C:8B:6A:62:5A:25:F0:28:88:FB:2A:B2:0B:56:44:DA
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0197B20998794A9FA49688E64743ACA8887C
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/VVyrhFyLamJaJfAoiPsqsgtWRNo.roa
Signing time:             Fri 27 Jun 2025 15:37:42 +0000
ROA not before:           Fri 27 Jun 2025 15:37:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     174
IP address blocks:        5.182.192.0/24 maxlen: 24
                          45.248.52.0/24 maxlen: 24
                          92.249.31.0/24 maxlen: 24
                          94.154.182.0/24 maxlen: 24
                          147.78.205.0/24 maxlen: 24
                          147.78.206.0/24 maxlen: 24
                          162.218.90.0/24 maxlen: 24
                          185.187.212.0/24 maxlen: 24
                          185.205.205.0/24 maxlen: 24
                          212.60.15.0/24 maxlen: 24
                          217.197.169.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 27 Jun 2025 22:53:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b2:09:98:79:4a:9f:a4:96:88:e6:47:43:ac:a8:88:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jun 27 15:37:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=555cab845c8b6a625a25f02888fb2ab20b5644da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e3:e7:4f:ef:4c:b3:22:63:39:85:64:f0:17:
                    b8:1a:ef:99:19:56:92:79:e6:c1:d5:c3:1c:67:51:
                    20:1d:1a:84:f2:20:3d:4b:7c:36:1d:f0:44:f7:4b:
                    58:af:54:a4:cc:04:3e:11:4f:75:1e:79:6c:31:38:
                    da:ea:25:2b:ac:d7:83:65:ff:1b:c3:fe:c5:8a:c5:
                    13:e9:13:00:56:77:69:05:7c:3c:c7:73:07:08:f1:
                    ea:45:3e:ec:d0:0a:b5:4f:b9:ba:5c:a2:f9:e0:99:
                    ff:5b:41:78:b4:67:0d:9a:c7:c1:5d:ea:4f:31:d2:
                    fc:af:15:e2:d3:89:bc:bd:fb:91:f9:b0:c1:e4:ea:
                    92:98:8e:c5:83:c2:c2:9d:56:70:3c:ee:46:95:91:
                    eb:de:d7:df:ff:b7:81:9a:1b:c2:ba:90:6b:84:4c:
                    3c:58:ac:0b:0d:ab:11:63:ee:a5:fe:e4:8f:3d:a3:
                    7f:a1:cf:58:72:4e:a0:be:1a:2e:c8:ca:f1:6a:8c:
                    40:35:5f:66:b4:a0:bd:66:63:3b:d5:c2:3f:b9:8b:
                    3d:71:48:8e:d6:b0:1f:5b:ae:1c:49:d8:6e:54:86:
                    48:94:02:69:10:b0:c7:d9:88:be:e9:90:33:ed:0e:
                    96:d2:16:11:17:82:4b:11:1c:2e:30:e5:25:1f:b8:
                    1d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:5C:AB:84:5C:8B:6A:62:5A:25:F0:28:88:FB:2A:B2:0B:56:44:DA
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/VVyrhFyLamJaJfAoiPsqsgtWRNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.192.0/24
                  45.248.52.0/24
                  92.249.31.0/24
                  94.154.182.0/24
                  147.78.205.0-147.78.206.255
                  162.218.90.0/24
                  185.187.212.0/24
                  185.205.205.0/24
                  212.60.15.0/24
                  217.197.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:52:e4:e1:a8:de:27:86:99:8f:31:3f:5b:07:ef:a8:60:bd:
         5b:25:1f:53:31:85:a3:1f:a9:31:ee:ba:f8:67:eb:65:20:f0:
         10:b8:87:00:80:7d:c0:19:6d:d3:2d:27:bc:2e:f7:50:86:2b:
         22:4b:e8:95:6f:4a:be:c9:f7:c6:24:11:ec:02:44:f9:a1:f7:
         71:23:fe:a1:3e:9d:ac:a2:59:9a:0a:ae:a1:10:23:98:0b:17:
         6d:8d:d4:d6:c2:85:a9:a8:58:82:ac:5d:5e:4c:f6:67:37:32:
         8d:49:9a:c7:ba:3a:36:bb:7a:18:98:ae:ab:04:a2:9f:cd:18:
         90:9c:50:29:dd:47:8d:d8:4f:1f:19:56:0e:da:db:6c:f0:25:
         bf:a6:71:f4:e8:4f:fd:d6:c4:c8:a3:62:24:98:66:c7:79:48:
         c1:7e:72:7f:56:2e:16:8a:fd:a5:47:a4:ca:ae:d1:21:7b:b4:
         ac:26:60:43:7f:ea:e1:27:df:7a:24:05:02:8c:b4:58:67:9e:
         d1:b2:a8:41:8c:57:b0:25:4d:85:98:da:ba:6c:96:10:84:c5:
         28:a0:25:b4:33:0a:5e:6f:48:6b:7e:ed:dc:c2:51:1d:d8:cf:
         4e:e3:57:73:71:4f:1b:ee:25:dd:be:7a:e0:f8:b7:7f:23:23:
         33:bb:c7:a8
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZeyCZh5Sp+klojmR0OsqIh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNjI3MTUzNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTVjYWI4NDVjOGI2YTYyNWEyNWYwMjg4OGZiMmFiMjBiNTY0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOPnT+9MsyJjOYVk8Be4Gu+ZGVaS
eebB1cMcZ1EgHRqE8iA9S3w2HfBE90tYr1SkzAQ+EU91HnlsMTja6iUrrNeDZf8b
w/7FisUT6RMAVndpBXw8x3MHCPHqRT7s0Aq1T7m6XKL54Jn/W0F4tGcNmsfBXepP
MdL8rxXi04m8vfuR+bDB5OqSmI7Fg8LCnVZwPO5GlZHr3tff/7eBmhvCupBrhEw8
WKwLDasRY+6l/uSPPaN/oc9Yck6gvhouyMrxaoxANV9mtKC9ZmM71cI/uYs9cUiO
1rAfW64cSdhuVIZIlAJpELDH2Yi+6ZAz7Q6W0hYRF4JLERwuMOUlH7gd8wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFVcq4Rci2piWiXwKIj7KrILVkTaMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvVlZ5cmhGeUxhbUphSmZBb2lQc3FzZ3RXUk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABbbAAwQA
Lfg0AwQAXPkfAwQAXpq2MAwDBACTTs0DBACTTs4DBACi2loDBAC5u9QDBAC5zc0D
BADUPA8DBADZxakwDQYJKoZIhvcNAQELBQADggEBAE9S5OGo3ieGmY8xP1sH76hg
vVslH1MxhaMfqTHuuvhn62Ug8BC4hwCAfcAZbdMtJ7wu91CGKyJL6JVvSr7J98Yk
EewCRPmh93Ej/qE+nayiWZoKrqEQI5gLF22N1NbChamoWIKsXV5M9mc3Mo1Jmse6
Oja7ehiYrqsEop/NGJCcUCndR43YTx8ZVg7a22zwJb+mcfToT/3WxMijYiSYZsd5
SMF+cn9WLhaK/aVHpMqu0SF7tKwmYEN/6uEn33okBQKMtFhnntGyqEGMV7AlTYWY
2rpslhCExSigJbQzCl5vSGt+7dzCUR3Yz07jV3NxTxvuJd2+euD4t38jIzO7x6g=
-----END CERTIFICATE-----