Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa
File:                     Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa (raw, json)
Hash identifier:          oLmJXaQybV5v43WcfjDyimr/bS1e0Pg4sS+IDHgnTiU=
Subject key identifier:   67:F6:1D:F5:84:23:C3:DF:30:73:3A:81:29:18:24:68:93:40:B8:F5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       019735645867933B372B29256BA9BA1C8969
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa
Signing time:             Tue 03 Jun 2025 10:44:18 +0000
ROA not before:           Tue 03 Jun 2025 10:44:18 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214238
IP address blocks:        5.253.56.0/24 maxlen: 24
                          5.253.57.0/24 maxlen: 24
                          5.253.58.0/24 maxlen: 24
                          31.169.127.0/24 maxlen: 24
                          37.139.128.0/24 maxlen: 24
                          45.88.66.0/24 maxlen: 24
                          45.95.0.0/24 maxlen: 24
                          45.95.2.0/24 maxlen: 24
                          45.128.234.0/24 maxlen: 24
                          45.128.235.0/24 maxlen: 24
                          79.110.63.0/24 maxlen: 24
                          85.31.44.0/24 maxlen: 24
                          85.31.46.0/24 maxlen: 24
                          85.208.136.0/24 maxlen: 24
                          87.120.92.0/24 maxlen: 24
                          87.120.108.0/24 maxlen: 24
                          87.120.196.0/24 maxlen: 24
                          87.120.205.0/24 maxlen: 24
                          87.120.216.0/24 maxlen: 24
                          87.120.219.0/24 maxlen: 24
                          87.120.222.0/24 maxlen: 24
                          87.121.47.0/24 maxlen: 24
                          87.121.216.0/24 maxlen: 24
                          91.92.21.0/24 maxlen: 24
                          93.123.31.0/24 maxlen: 24
                          94.125.102.0/24 maxlen: 24
                          94.125.103.0/24 maxlen: 24
                          94.156.236.0/24 maxlen: 24
                          109.206.240.0/24 maxlen: 24
                          109.206.243.0/24 maxlen: 24
                          171.22.30.0/24 maxlen: 24
                          185.207.14.0/24 maxlen: 24
                          185.207.15.0/24 maxlen: 24
                          185.218.138.0/24 maxlen: 24
                          185.246.221.0/24 maxlen: 24
                          185.252.179.0/24 maxlen: 24
                          193.8.184.0/24 maxlen: 24
                          193.8.186.0/24 maxlen: 24
                          193.8.187.0/24 maxlen: 24
                          193.47.60.0/24 maxlen: 24
                          193.47.61.0/24 maxlen: 24
                          193.148.56.0/24 maxlen: 24
                          193.148.57.0/24 maxlen: 24
                          193.148.58.0/24 maxlen: 24
                          193.148.59.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 04 Jun 2025 07:34:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:35:64:58:67:93:3b:37:2b:29:25:6b:a9:ba:1c:89:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jun  3 10:44:18 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=67f61df58423c3df30733a81291824689340b8f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:26:c4:b2:38:75:4f:9e:0f:c9:cf:cb:21:da:
                    2b:e8:72:8d:92:93:c5:26:8c:7e:bf:2b:bc:2d:50:
                    99:f2:c2:19:6c:e5:35:d8:47:03:05:8e:fb:19:f8:
                    9e:d4:0c:a8:8f:69:15:6a:18:0a:3e:bb:5d:eb:01:
                    d8:69:42:43:61:13:d2:44:b6:01:22:16:ba:0b:92:
                    3b:5d:67:2b:50:5b:1b:26:a4:e7:f0:be:a9:60:3f:
                    cc:3c:cc:cf:bc:36:9f:72:b2:76:c9:72:b7:f3:5c:
                    45:d0:1e:64:7b:61:ad:5f:71:a1:c6:c8:e0:64:1c:
                    23:45:b2:d6:c5:17:e5:99:21:6a:03:0c:e5:b7:60:
                    99:b6:59:d5:2f:e5:9f:09:17:38:16:61:bc:72:5b:
                    60:b8:7b:fd:9f:08:7f:46:95:b7:46:dd:19:62:4c:
                    cb:c6:20:41:ea:38:d5:f0:96:c9:56:a8:0e:21:85:
                    d0:5b:62:1a:4f:ea:aa:61:34:01:e9:72:9a:98:88:
                    96:c8:bd:1d:53:51:5a:67:8b:ee:bf:ec:54:0b:f7:
                    3f:a7:01:00:32:5e:1f:f9:1f:ad:a9:68:21:be:e7:
                    b0:68:ca:8a:97:34:a5:cb:67:b4:a9:ee:74:00:c7:
                    13:9e:05:0c:71:7a:b3:ee:0b:d9:e8:90:f2:9f:c8:
                    b1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F6:1D:F5:84:23:C3:DF:30:73:3A:81:29:18:24:68:93:40:B8:F5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z_Yd9YQjw98wczqBKRgkaJNAuPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.56.0-5.253.58.255
                  31.169.127.0/24
                  37.139.128.0/24
                  45.88.66.0/24
                  45.95.0.0/24
                  45.95.2.0/24
                  45.128.234.0/23
                  79.110.63.0/24
                  85.31.44.0/24
                  85.31.46.0/24
                  85.208.136.0/24
                  87.120.92.0/24
                  87.120.108.0/24
                  87.120.196.0/24
                  87.120.205.0/24
                  87.120.216.0/24
                  87.120.219.0/24
                  87.120.222.0/24
                  87.121.47.0/24
                  87.121.216.0/24
                  91.92.21.0/24
                  93.123.31.0/24
                  94.125.102.0/23
                  94.156.236.0/24
                  109.206.240.0/24
                  109.206.243.0/24
                  171.22.30.0/24
                  185.207.14.0/23
                  185.218.138.0/24
                  185.246.221.0/24
                  185.252.179.0/24
                  193.8.184.0/24
                  193.8.186.0/23
                  193.47.60.0/23
                  193.148.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:f2:b6:2f:e3:45:55:ec:45:99:7b:3a:c0:5d:af:f4:c4:1d:
         d4:56:58:35:1a:be:b6:7f:41:0c:ba:87:b4:a0:5b:6a:41:a4:
         5a:58:6d:e6:e3:d2:6a:37:cb:b3:e0:1f:be:c5:e2:77:8a:fa:
         21:ab:13:10:bc:cb:2b:8e:d2:63:86:0d:bb:45:31:9d:ee:5a:
         f8:89:b2:a6:03:ab:b8:ce:39:d1:c7:01:95:78:53:ae:31:e2:
         f4:4f:90:85:5b:67:f8:2a:a4:23:d6:48:c7:42:de:8b:11:dc:
         a7:1e:64:39:56:15:97:ef:bd:d1:c6:73:5f:f8:68:2e:68:b7:
         80:f5:e9:b5:9a:4d:0b:3e:8f:88:57:b3:f4:c1:35:05:1b:65:
         08:d8:46:46:38:39:ba:0f:d7:da:3d:4a:cc:5a:7c:37:7c:53:
         0e:5e:33:cc:10:0f:02:7b:e8:63:5d:72:1d:e7:7f:b0:b9:29:
         82:6f:99:b6:c2:42:55:ab:e0:66:a8:e8:6d:81:fd:47:ad:bf:
         4e:48:ed:26:1e:3d:91:e8:3a:e4:a5:8a:fc:42:d8:bc:ff:be:
         ff:74:e7:c2:af:0b:94:05:40:6a:89:0b:de:64:0b:1b:0b:f3:
         87:24:43:88:5b:be:e7:7f:db:17:a6:ad:05:5b:1f:9c:2b:7d:
         eb:a0:f4:65
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZc1ZFhnkzs3Kykla6m6HIlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjAzMTA0NDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Y2MWRmNTg0MjNjM2RmMzA3MzNhODEyOTE4MjQ2ODkzNDBiOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSbEsjh1T54Pyc/LIdor6HKNkpPF
Jox+vyu8LVCZ8sIZbOU12EcDBY77Gfie1Ayoj2kVahgKPrtd6wHYaUJDYRPSRLYB
Iha6C5I7XWcrUFsbJqTn8L6pYD/MPMzPvDafcrJ2yXK381xF0B5ke2GtX3Ghxsjg
ZBwjRbLWxRflmSFqAwzlt2CZtlnVL+WfCRc4FmG8cltguHv9nwh/RpW3Rt0ZYkzL
xiBB6jjV8JbJVqgOIYXQW2IaT+qqYTQB6XKamIiWyL0dU1FaZ4vuv+xUC/c/pwEA
Ml4f+R+tqWghvuewaMqKlzSly2e0qe50AMcTngUMcXqz7gvZ6JDyn8ix6QIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFGf2HfWEI8PfMHM6gSkYJGiTQLj1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWl9ZZDlZUWp3OTh3Y3pxQktSZ2thSk5BdVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdowDAME
AwX9OAMEAAX9OgMEAB+pfwMEACWLgAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gME
AE9uPwMEAFUfLAMEAFUfLgMEAFXQiAMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQME
AFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgME
AF6c7AMEAG3O8AMEAG3O8wMEAKsWHgMEAbnPDgMEALnaigMEALn23QMEALn8swME
AMEIuAMEAcEIugMEAcEvPAMEAsGUODANBgkqhkiG9w0BAQsFAAOCAQEAUPK2L+NF
VexFmXs6wF2v9MQd1FZYNRq+tn9BDLqHtKBbakGkWlht5uPSajfLs+AfvsXid4r6
IasTELzLK47SY4YNu0Uxne5a+ImypgOruM450ccBlXhTrjHi9E+QhVtn+CqkI9ZI
x0LeixHcpx5kOVYVl++90cZzX/hoLmi3gPXptZpNCz6PiFez9ME1BRtlCNhGRjg5
ug/X2j1KzFp8N3xTDl4zzBAPAnvoY11yHed/sLkpgm+ZtsJCVavgZqjobYH9R62/
TkjtJh49keg65KWK/ELYvP++/3Tnwq8LlAVAaokL3mQLGwvzhyRDiFu+53/bF6at
BVsfnCt966D0ZQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:28:30 2025 by rpki-client