Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa
File:                     x_4i9LMI5mdLffAwUmTVjtubOmY.roa (raw, json)
Hash identifier:          K657WPIiSgJms9cPyIo4gkJyo5OzIAlFAlJbKj6aR5A=
Subject key identifier:   C7:FE:22:F4:B3:08:E6:67:4B:7D:F0:30:52:64:D5:8E:DB:9B:3A:66
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0196E7ABFCDE7C780A2ABDC0AD9CCA1A8949
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa
Signing time:             Mon 19 May 2025 08:32:10 +0000
ROA not before:           Mon 19 May 2025 08:32:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        45.92.218.0/23 maxlen: 23
                          45.134.36.0/24 maxlen: 24
                          45.142.105.0/24 maxlen: 24
                          45.151.56.0/24 maxlen: 24
                          45.152.162.0/23 maxlen: 23
                          92.118.204.0/22 maxlen: 22
Validation:               Failed, certificate revoked on Tue 27 May 2025 11:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e7:ab:fc:de:7c:78:0a:2a:bd:c0:ad:9c:ca:1a:89:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: May 19 08:32:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c7fe22f4b308e6674b7df0305264d58edb9b3a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e4:26:6e:21:fb:64:b4:35:20:31:32:01:18:
                    03:fb:ac:d4:07:00:b5:cd:e9:5b:1b:0e:a5:88:77:
                    03:97:26:6d:e1:ae:b4:c0:16:c5:4e:60:16:f9:76:
                    df:a3:a1:ad:b3:fd:23:4f:63:d2:82:79:78:20:d8:
                    88:dc:c3:f4:47:3d:5a:cb:4c:2e:1a:19:15:49:9d:
                    f7:bc:74:97:37:91:63:bd:2c:ce:5a:9a:c9:f6:d0:
                    5e:a8:61:5b:63:c1:af:59:86:30:51:e1:28:fc:50:
                    c3:d9:b3:d6:a2:da:6d:58:22:ca:7b:bc:68:1b:21:
                    d5:f2:6c:f5:37:84:0e:57:d4:f3:08:83:3b:c4:83:
                    d0:f4:30:1c:8f:13:26:70:ad:5d:35:a4:bf:d8:4a:
                    c0:cd:75:d1:d0:b5:f9:f7:0c:33:09:1c:0e:73:d6:
                    fc:90:c2:05:ba:c2:ff:2c:ee:29:43:8b:48:b0:07:
                    49:eb:c5:4e:59:61:0b:c3:a5:f2:be:f0:61:53:8a:
                    aa:8a:4a:fa:cf:7c:b9:a9:b0:b7:40:b2:83:98:23:
                    0f:8a:fd:73:a0:61:c7:e7:22:45:d1:db:6d:d6:00:
                    c6:10:e6:2d:3b:ca:a0:4a:40:41:3c:d7:f0:7d:6e:
                    51:47:52:6a:0d:37:de:3b:88:f8:1b:9c:76:32:3b:
                    13:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:FE:22:F4:B3:08:E6:67:4B:7D:F0:30:52:64:D5:8E:DB:9B:3A:66
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x_4i9LMI5mdLffAwUmTVjtubOmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.92.218.0/23
                  45.134.36.0/24
                  45.142.105.0/24
                  45.151.56.0/24
                  45.152.162.0/23
                  92.118.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:fd:5e:b2:1c:62:0e:69:7d:68:db:24:e6:ff:3f:f2:be:2c:
         a5:c6:f9:69:ae:27:59:50:8b:cb:04:81:b4:ce:25:96:2c:27:
         c9:89:2e:4a:a0:a2:4d:de:83:df:05:a2:b1:f9:7b:a6:c0:69:
         cb:20:5d:52:e4:4c:31:1b:c7:9c:e4:23:07:92:72:b8:da:74:
         ff:4b:8a:b6:29:80:2b:da:39:0e:15:a9:3b:10:c0:10:b6:81:
         28:5b:6f:dc:62:0d:dc:6a:7e:de:f0:46:ad:0a:5c:97:21:e3:
         d0:55:93:44:d9:c8:3b:fc:f4:5d:a2:13:9f:10:42:3a:1a:47:
         fc:e3:cb:42:4d:2a:61:c1:b4:bf:36:3b:b1:8f:68:e1:87:59:
         54:79:22:55:c1:52:47:ee:9c:02:c9:f3:67:ac:e7:80:03:26:
         78:c6:35:98:2f:b8:9d:d4:5d:3b:16:f4:f2:e5:e8:bc:94:43:
         c5:75:ef:12:63:b5:73:21:85:b1:ed:3f:4c:d5:bb:fc:aa:0c:
         92:94:5a:59:cb:00:c4:cf:87:55:22:0f:78:cb:fe:49:3b:69:
         16:13:d5:4a:71:29:19:8a:4f:0f:d6:01:d3:0a:1f:09:2c:79:
         c2:f6:97:07:ce:63:b4:15:5a:71:a5:d9:33:c9:98:2d:bf:58:
         20:30:25:a1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbnq/zefHgKKr3ArZzKGolJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNTE5MDgzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZlMjJmNGIzMDhlNjY3NGI3ZGYwMzA1MjY0ZDU4ZWRiOWIzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOQmbiH7ZLQ1IDEyARgD+6zUBwC1
zelbGw6liHcDlyZt4a60wBbFTmAW+Xbfo6Gts/0jT2PSgnl4INiI3MP0Rz1ay0wu
GhkVSZ33vHSXN5FjvSzOWprJ9tBeqGFbY8GvWYYwUeEo/FDD2bPWotptWCLKe7xo
GyHV8mz1N4QOV9TzCIM7xIPQ9DAcjxMmcK1dNaS/2ErAzXXR0LX59wwzCRwOc9b8
kMIFusL/LO4pQ4tIsAdJ68VOWWELw6XyvvBhU4qqikr6z3y5qbC3QLKDmCMPiv1z
oGHH5yJF0dtt1gDGEOYtO8qgSkBBPNfwfW5RR1JqDTfeO4j4G5x2MjsT3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMf+IvSzCOZnS33wMFJk1Y7bmzpmMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveF80aTlMTUk1bWRMZmZBd1VtVFZqdHViT21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVzaAwQA
LYYkAwQALY5pAwQALZc4AwQBLZiiAwQCXHbMMA0GCSqGSIb3DQEBCwUAA4IBAQBl
/V6yHGIOaX1o2yTm/z/yviylxvlpridZUIvLBIG0ziWWLCfJiS5KoKJN3oPfBaKx
+XumwGnLIF1S5EwxG8ec5CMHknK42nT/S4q2KYAr2jkOFak7EMAQtoEoW2/cYg3c
an7e8EatClyXIePQVZNE2cg7/PRdohOfEEI6Gkf848tCTSphwbS/Njuxj2jhh1lU
eSJVwVJH7pwCyfNnrOeAAyZ4xjWYL7id1F07FvTy5ei8lEPFde8SY7VzIYWx7T9M
1bv8qgySlFpZywDEz4dVIg94y/5JO2kWE9VKcSkZik8P1gHTCh8JLHnC9pcHzmO0
FVpxpdkzyZgtv1ggMCWh
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:23:45 2025 by rpki-client