Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/aAD3G7tzbfcWo1NIZVzJ0SlBLDI.roa
File:                     aAD3G7tzbfcWo1NIZVzJ0SlBLDI.roa (raw, json)
Hash identifier:          vKejFSKtvWpvMtkYZZVFsd3f/Gt1eQgi+ve29X5k3JQ=
Subject key identifier:   68:00:F7:1B:BB:73:6D:F7:16:A3:53:48:65:5C:C9:D1:29:41:2C:32
Certificate issuer:       /CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
Certificate serial:       019818A4BB722C224C4ADCA7044958F903F3
Authority key identifier: 15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/aAD3G7tzbfcWo1NIZVzJ0SlBLDI.roa
Signing time:             Thu 17 Jul 2025 13:48:25 +0000
ROA not before:           Thu 17 Jul 2025 13:48:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     14618
IP address blocks:        145.36.0.0/19 maxlen: 19
Validation:               Failed, certificate revoked on Fri 18 Jul 2025 10:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:18:a4:bb:72:2c:22:4c:4a:dc:a7:04:49:58:f9:03:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
        Validity
            Not Before: Jul 17 13:48:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6800f71bbb736df716a35348655cc9d129412c32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:94:3d:7c:f9:da:21:aa:5b:f0:4c:32:f8:68:
                    dd:bb:94:b4:57:33:09:57:2c:8e:b8:87:a8:93:b9:
                    39:c5:9d:15:88:af:6c:c7:4e:3c:db:0a:cc:79:45:
                    05:a8:a0:d6:05:66:35:d4:ac:eb:4a:b4:e7:8a:e7:
                    e2:f0:0a:eb:0a:0d:ee:ba:08:ba:53:35:8f:3d:41:
                    84:60:c8:56:74:62:59:11:7d:cc:62:9e:4d:8a:71:
                    25:61:83:f5:22:e2:fc:bb:a3:b0:21:0a:30:26:37:
                    d6:9b:0e:7e:7e:6a:af:85:36:ba:f7:70:1b:f8:dd:
                    1e:2e:2d:1a:c4:95:a4:13:d8:21:69:66:21:2a:59:
                    0c:a6:21:19:34:4c:70:96:64:06:34:38:83:4b:06:
                    c0:73:9c:ef:77:22:63:ed:49:25:21:5e:c4:27:b4:
                    e5:21:4d:ad:1c:3c:7e:a8:4c:6c:f9:ce:09:c3:0a:
                    62:18:27:46:e0:a3:cb:af:1d:90:37:07:27:6b:6e:
                    22:26:bd:64:a6:56:98:dc:6e:de:43:8a:53:9a:0a:
                    96:33:5d:d0:0e:db:6c:72:69:25:0f:54:89:0e:66:
                    10:61:a9:f6:a1:2c:8e:d7:b5:42:9c:0e:8f:b9:b5:
                    72:eb:1a:7b:8e:f8:b7:69:c7:46:c8:bc:ba:22:03:
                    79:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:00:F7:1B:BB:73:6D:F7:16:A3:53:48:65:5C:C9:D1:29:41:2C:32
            X509v3 Authority Key Identifier:
                keyid:15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/aAD3G7tzbfcWo1NIZVzJ0SlBLDI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.36.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0c:d8:aa:5f:94:30:64:21:19:61:ec:46:8b:ea:d0:09:0b:0a:
         14:3f:27:e8:88:02:ea:b4:93:8b:f9:11:b6:5e:6a:21:8e:82:
         a0:ee:d7:a9:a3:88:86:ed:e6:12:42:ca:00:42:f6:02:5d:4f:
         3e:5d:0b:c4:8a:42:20:4c:98:a8:34:63:dc:68:c1:d4:6e:06:
         6c:da:f8:b8:cd:8b:7b:08:48:c3:67:76:ee:2a:ae:b7:56:59:
         29:f6:db:0f:8a:32:fa:bf:cb:6c:c6:14:1a:08:01:57:92:23:
         81:8b:a0:36:f6:9c:6b:20:49:e2:ee:1c:6b:7d:b5:82:25:33:
         97:95:66:5e:0b:e0:c2:11:ce:06:51:6d:da:16:89:dd:ad:72:
         99:11:0f:f1:69:d2:d2:20:cb:3b:ff:ff:98:8f:37:97:48:e1:
         a2:d8:8f:e9:a2:10:ff:96:29:1a:3b:4f:bf:37:9f:b8:c3:34:
         c8:2c:ce:4f:2f:50:66:e9:70:0f:d3:16:a7:e8:b1:c6:d7:2f:
         41:02:dd:a0:d6:48:e2:68:9b:5b:e8:9c:29:f7:f5:85:d5:4b:
         1a:27:c4:6a:f4:45:58:14:39:c4:e2:a9:53:ea:84:83:00:4d:
         60:7b:e2:6b:36:7c:8f:0d:e9:50:83:5c:d1:57:ff:cf:be:7b:
         4b:45:60:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgYpLtyLCJMStynBElY+QPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YzE4MTcwNmY2MWM0YjczN2NkN2ViNzhmNzIzMGUzNGNk
ZmMxNGMwHhcNMjUwNzE3MTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODAwZjcxYmJiNzM2ZGY3MTZhMzUzNDg2NTVjYzlkMTI5NDEyYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpQ9fPnaIapb8Ewy+Gjdu5S0VzMJ
VyyOuIeok7k5xZ0ViK9sx0482wrMeUUFqKDWBWY11KzrSrTniufi8ArrCg3uugi6
UzWPPUGEYMhWdGJZEX3MYp5NinElYYP1IuL8u6OwIQowJjfWmw5+fmqvhTa693Ab
+N0eLi0axJWkE9ghaWYhKlkMpiEZNExwlmQGNDiDSwbAc5zvdyJj7UklIV7EJ7Tl
IU2tHDx+qExs+c4JwwpiGCdG4KPLrx2QNwcna24iJr1kplaY3G7eQ4pTmgqWM13Q
DttscmklD1SJDmYQYan2oSyO17VCnA6PubVy6xp7jvi3acdGyLy6IgN5XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgA9xu7c233FqNTSGVcydEpQSwyMB8GA1UdIwQY
MBaAFBXBgXBvYcS3N81+t49yMONM38FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUt
OGZmNmNkNzc0N2M0LzEvYUFEM0c3dHpiZmNXbzFOSVpWekowU2xCTERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUtOGZmNmNkNzc0N2M0
LzEvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFkSQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAM2KpflDBkIRlh7EaL6tAJCwoUPyfoiALqtJOL+RG2
XmohjoKg7tepo4iG7eYSQsoAQvYCXU8+XQvEikIgTJioNGPcaMHUbgZs2vi4zYt7
CEjDZ3buKq63Vlkp9tsPijL6v8tsxhQaCAFXkiOBi6A29pxrIEni7hxrfbWCJTOX
lWZeC+DCEc4GUW3aFondrXKZEQ/xadLSIMs7//+YjzeXSOGi2I/pohD/likaO0+/
N5+4wzTILM5PL1Bm6XAP0xan6LHG1y9BAt2g1kjiaJtb6Jwp9/WF1UsaJ8Rq9EVY
FDnE4qlT6oSDAE1ge+JrNnyPDelQg1zRV//PvntLRWD3
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:57:20 2025 by rpki-client