Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jhWsqvSgCu6Zajx4WZWUhqjvcXQ.roa
File:                     jhWsqvSgCu6Zajx4WZWUhqjvcXQ.roa (raw, json)
Hash identifier:          AG9sKlOpV06ldC9w1ajYlTNevvN5JyvpIV0wislH6RA=
Subject key identifier:   8E:15:AC:AA:F4:A0:0A:EE:99:6A:3C:78:59:95:94:86:A8:EF:71:74
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0195E6CB2E5C21D72CC6BEB6531B17924F33
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jhWsqvSgCu6Zajx4WZWUhqjvcXQ.roa
Signing time:             Sun 30 Mar 2025 11:23:50 +0000
ROA not before:           Sun 30 Mar 2025 11:23:50 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42831
IP address blocks:        163.5.86.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.155.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 20 Apr 2025 01:54:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:e6:cb:2e:5c:21:d7:2c:c6:be:b6:53:1b:17:92:4f:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar 30 11:23:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8e15acaaf4a00aee996a3c7859959486a8ef7174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b6:40:2d:1c:41:4a:b2:b0:1c:2c:db:f4:51:
                    d7:bd:68:fe:28:89:16:ef:b1:e9:cf:e1:51:4b:e0:
                    49:ae:5d:63:99:cd:f5:b9:3e:ee:e8:b0:2a:a5:a5:
                    28:92:e1:e7:09:a5:6b:51:9c:ba:ab:8f:29:b3:3c:
                    0d:d3:96:4c:a1:8e:2c:db:7f:e0:9f:31:8d:a2:b9:
                    e4:b8:10:74:64:a6:63:2c:84:75:5e:9e:36:18:ac:
                    55:34:2f:9f:56:b5:49:15:6a:3a:4e:53:39:0c:ad:
                    9c:10:0d:85:71:89:42:59:d0:5f:4f:be:59:a1:b4:
                    37:26:01:0a:38:2e:13:ce:c5:e4:ab:83:e4:60:7c:
                    83:e5:b2:5c:d6:14:ee:39:2c:45:92:34:fa:26:67:
                    be:2c:c6:a5:cc:69:39:4d:ff:a2:2f:14:4c:c6:59:
                    99:cd:11:d8:e6:bd:92:f2:54:ee:89:58:df:2c:90:
                    2d:cc:5c:33:12:5d:74:1a:11:0c:a1:10:f9:68:70:
                    e6:81:9b:3f:3c:61:7d:71:38:07:1f:f8:f6:a9:de:
                    6a:2a:7f:de:b4:26:5d:7b:1c:73:cc:b0:62:01:77:
                    ef:f9:ea:34:7c:57:1b:12:ea:8f:5b:09:0a:53:34:
                    1e:c3:08:45:7f:d0:a0:58:fb:39:d5:7a:78:ca:2a:
                    2b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:15:AC:AA:F4:A0:0A:EE:99:6A:3C:78:59:95:94:86:A8:EF:71:74
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jhWsqvSgCu6Zajx4WZWUhqjvcXQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.86.0/24
                  163.5.111.0/24
                  163.5.155.0/24
                  163.5.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:c4:16:8d:b9:e9:51:fb:c8:3d:a3:cf:7a:d1:47:85:7e:df:
         cf:e3:b5:0e:19:4f:97:b8:2e:21:16:69:12:56:63:5d:4b:b8:
         6e:db:15:fa:69:3d:c2:85:a9:f3:f3:3d:f3:8f:b6:a5:36:6b:
         71:82:37:57:4b:dd:0d:17:3b:ac:b2:4d:fe:fd:bf:c7:08:15:
         93:5b:8b:e2:d3:db:0c:37:76:fe:79:e2:38:cc:ac:cf:82:8e:
         12:66:4a:0f:4f:7d:d1:f0:51:f5:c7:15:06:a6:68:77:a5:43:
         02:8a:a7:09:d4:95:1f:de:c7:f3:3f:cd:4e:51:2c:6a:ad:62:
         b5:dd:58:76:e4:84:a4:7c:67:51:7d:5c:ee:11:3e:ac:e4:04:
         13:4d:4a:8d:04:43:41:7a:fd:db:9d:a9:16:03:9a:4e:88:7b:
         eb:27:8e:3f:e4:98:02:25:81:a9:f9:5d:a4:60:75:36:25:41:
         6e:fb:a7:fa:4c:ea:fd:04:50:73:98:67:a0:75:0d:17:ce:7a:
         79:1d:45:c6:e2:40:29:8e:7c:aa:cc:90:eb:b1:50:a1:ec:78:
         70:85:3e:fa:13:15:b8:71:c8:37:85:de:d6:e5:85:74:d0:a3:
         62:d8:f0:45:31:b7:94:28:26:90:4c:60:ed:78:4a:4b:ef:ae:
         0e:15:f6:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXmyy5cIdcsxr62UxsXkk8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzMwMTEyMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE1YWNhYWY0YTAwYWVlOTk2YTNjNzg1OTk1OTQ4NmE4ZWY3MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLZALRxBSrKwHCzb9FHXvWj+KIkW
77Hpz+FRS+BJrl1jmc31uT7u6LAqpaUokuHnCaVrUZy6q48pszwN05ZMoY4s23/g
nzGNornkuBB0ZKZjLIR1Xp42GKxVNC+fVrVJFWo6TlM5DK2cEA2FcYlCWdBfT75Z
obQ3JgEKOC4TzsXkq4PkYHyD5bJc1hTuOSxFkjT6Jme+LMalzGk5Tf+iLxRMxlmZ
zRHY5r2S8lTuiVjfLJAtzFwzEl10GhEMoRD5aHDmgZs/PGF9cTgHH/j2qd5qKn/e
tCZdexxzzLBiAXfv+eo0fFcbEuqPWwkKUzQewwhFf9CgWPs51Xp4yioruwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI4VrKr0oArumWo8eFmVlIao73F0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvamhXc3F2U2dDdTZaYWp4NFdaV1VocWp2Y1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVWAwQA
owVvAwQAowWbAwQAowXyMA0GCSqGSIb3DQEBCwUAA4IBAQCqxBaNuelR+8g9o896
0UeFft/P47UOGU+XuC4hFmkSVmNdS7hu2xX6aT3Chanz8z3zj7alNmtxgjdXS90N
Fzussk3+/b/HCBWTW4vi09sMN3b+eeI4zKzPgo4SZkoPT33R8FH1xxUGpmh3pUMC
iqcJ1JUf3sfzP81OUSxqrWK13Vh25ISkfGdRfVzuET6s5AQTTUqNBENBev3bnakW
A5pOiHvrJ44/5JgCJYGp+V2kYHU2JUFu+6f6TOr9BFBzmGegdQ0Xznp5HUXG4kAp
jnyqzJDrsVCh7HhwhT76ExW4ccg3hd7W5YV00KNi2PBFMbeUKCaQTGDteEpL764O
Ffas
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:58:35 2025 by rpki-client