Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa
File:                     3mEJdKMqslp509j4bihVuys0mKE.roa (raw, json)
Hash identifier:          m3h1Y6CLC7FibqL7+G+JxAb2Lz+007eRl8xj4zWHW9A=
Subject key identifier:   DE:61:09:74:A3:2A:B2:5A:79:D3:D8:F8:6E:28:55:BB:2B:34:98:A1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0193C0B4B4622F849B4CCD68323AE5D648A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa
Signing time:             Fri 13 Dec 2024 15:48:08 +0000
ROA not before:           Fri 13 Dec 2024 15:48:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211373
IP address blocks:        193.108.112.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:c0:b4:b4:62:2f:84:9b:4c:cd:68:32:3a:e5:d6:48:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 13 15:48:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=de610974a32ab25a79d3d8f86e2855bb2b3498a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:62:35:51:86:57:aa:c4:d7:7d:cf:54:8a:08:
                    37:58:43:e8:40:7d:be:b4:0d:2e:77:47:dd:16:86:
                    9c:f0:c1:db:a5:0e:ba:90:72:9e:5f:88:14:3c:cc:
                    85:90:6a:7c:fb:30:18:f8:6a:51:8c:1e:a3:59:31:
                    d2:2c:5b:d3:17:6e:10:68:e7:6b:da:41:69:65:cf:
                    94:86:e0:03:db:0e:b9:dd:d0:e4:07:5a:d4:5a:f9:
                    52:58:6e:15:1e:08:df:61:63:90:ba:39:fb:2f:c0:
                    e8:d7:1b:c6:2e:28:26:7a:3e:da:dd:89:bc:7d:df:
                    1f:11:5c:65:7d:66:c7:58:32:0c:18:d9:62:1f:a9:
                    aa:60:d8:ab:30:1e:7a:94:cb:cd:8e:3b:4e:11:e2:
                    54:24:fd:7f:5b:1f:ae:1d:84:3f:d8:cd:d5:34:80:
                    23:20:43:71:27:1c:4b:dc:80:d7:ad:74:1a:10:39:
                    a5:fd:48:cf:d2:a6:a9:91:f8:dc:f6:66:f5:14:a1:
                    ee:7b:42:82:cd:66:ed:3d:75:33:45:cf:8a:ea:b1:
                    c2:5b:8f:54:35:c0:0e:b6:74:95:14:32:eb:6b:07:
                    ae:c8:50:9d:01:b2:7a:39:3e:a6:b7:4f:37:e2:f0:
                    71:56:c3:1c:85:37:54:fd:dd:65:50:cc:e7:f4:b3:
                    46:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:61:09:74:A3:2A:B2:5A:79:D3:D8:F8:6E:28:55:BB:2B:34:98:A1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:8f:43:f7:26:cc:8f:36:e4:43:18:83:12:d1:45:ce:3e:4a:
         a8:89:7a:9d:ef:46:6d:d7:09:98:c7:f1:64:f9:6e:10:be:32:
         4b:1b:36:74:04:44:64:ab:bb:74:5b:c9:92:0f:b2:b1:28:1e:
         cf:48:87:04:52:70:30:b8:15:e1:19:93:b1:56:fc:85:fe:b6:
         d3:d0:32:90:93:f3:5a:51:62:b4:a7:6a:09:4b:75:a0:bc:83:
         8b:61:fc:32:12:0b:c0:bf:8d:c7:06:56:af:3c:6d:61:50:54:
         02:04:79:e5:f6:d7:ed:2c:74:5d:5b:e1:60:61:fb:b2:d7:21:
         df:a5:c0:9e:ea:c7:2d:49:5d:06:57:83:20:ff:2a:5b:22:e0:
         4f:dc:47:2e:06:c7:81:45:77:79:d4:d8:0e:f6:bf:c2:7a:be:
         a7:bb:7b:3d:56:9b:f5:a6:cd:52:d6:49:55:9c:dc:31:b5:a2:
         f4:78:79:58:00:da:4d:2a:c6:be:db:fa:99:d7:71:c8:ab:f3:
         8d:42:98:64:3b:ed:ed:23:f5:cd:83:c9:d3:01:c1:28:d5:8c:
         57:80:62:7e:cf:bb:2c:d5:03:41:f7:f6:cd:aa:f2:bf:55:00:
         15:d7:39:26:5c:52:2a:fa:af:0c:97:3b:c1:cb:bb:89:36:eb:
         97:6b:5c:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPAtLRiL4SbTM1oMjrl1kijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTU0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYxMDk3NGEzMmFiMjVhNzlkM2Q4Zjg2ZTI4NTViYjJiMzQ5OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWI1UYZXqsTXfc9Uigg3WEPoQH2+
tA0ud0fdFoac8MHbpQ66kHKeX4gUPMyFkGp8+zAY+GpRjB6jWTHSLFvTF24QaOdr
2kFpZc+UhuAD2w653dDkB1rUWvlSWG4VHgjfYWOQujn7L8Do1xvGLigmej7a3Ym8
fd8fEVxlfWbHWDIMGNliH6mqYNirMB56lMvNjjtOEeJUJP1/Wx+uHYQ/2M3VNIAj
IENxJxxL3IDXrXQaEDml/UjP0qapkfjc9mb1FKHue0KCzWbtPXUzRc+K6rHCW49U
NcAOtnSVFDLraweuyFCdAbJ6OT6mt0834vBxVsMchTdU/d1lUMzn9LNGiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5hCXSjKrJaedPY+G4oVbsrNJihMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM21FSmRLTXFzbHA1MDlqNGJpaFZ1eXMwbUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWxwMA0G
CSqGSIb3DQEBCwUAA4IBAQCQj0P3JsyPNuRDGIMS0UXOPkqoiXqd70Zt1wmYx/Fk
+W4QvjJLGzZ0BERkq7t0W8mSD7KxKB7PSIcEUnAwuBXhGZOxVvyF/rbT0DKQk/Na
UWK0p2oJS3WgvIOLYfwyEgvAv43HBlavPG1hUFQCBHnl9tftLHRdW+FgYfuy1yHf
pcCe6sctSV0GV4Mg/ypbIuBP3EcuBseBRXd51NgO9r/Cer6nu3s9Vpv1ps1S1klV
nNwxtaL0eHlYANpNKsa+2/qZ13HIq/ONQphkO+3tI/XNg8nTAcEo1YxXgGJ+z7ss
1QNB9/bNqvK/VQAV1zkmXFIq+q8MlzvBy7uJNuuXa1yY
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:18:29 2025 by rpki-client