Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IVjw5jIjBpjivBrjY5_SGI7pVbk.roa
File:                     IVjw5jIjBpjivBrjY5_SGI7pVbk.roa (raw, json)
Hash identifier:          6kDsaIbFAhJbZU+viNbfr2HzVONgUr/5ZCtcBJP5I/0=
Subject key identifier:   21:58:F0:E6:32:23:06:98:E2:BC:1A:E3:63:9F:D2:18:8E:E9:55:B9
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       0196FF0624D58F4B7974A2D2B0D93ED48D41
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IVjw5jIjBpjivBrjY5_SGI7pVbk.roa
Signing time:             Fri 23 May 2025 21:21:54 +0000
ROA not before:           Fri 23 May 2025 21:21:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42372
IP address blocks:        62.205.133.0/24 maxlen: 24
                          193.33.64.0/23 maxlen: 23
                          2a01:d0:8000::/33 maxlen: 33
                          2a01:d0:ffff::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 13:47:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ff:06:24:d5:8f:4b:79:74:a2:d2:b0:d9:3e:d4:8d:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: May 23 21:21:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2158f0e632230698e2bc1ae3639fd2188ee955b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fa:d5:35:d7:8e:f1:7d:64:42:43:61:8d:fb:
                    c5:cd:92:55:61:72:e5:b0:e8:32:02:2a:d6:bf:73:
                    35:ae:cd:24:63:18:34:9a:05:36:e9:b5:59:ed:40:
                    88:f6:0a:7f:a6:c8:59:e9:db:f0:2d:0a:22:80:cb:
                    5a:91:77:45:84:bf:b7:fa:38:1a:54:73:d0:55:ef:
                    fa:e1:e4:43:5b:80:20:a2:0a:ca:77:6d:92:d0:25:
                    b2:0c:67:c9:6a:b6:e8:e5:e0:0c:c1:b5:e6:1e:8a:
                    4f:f9:3c:eb:b0:40:a6:77:57:ef:96:35:8f:93:5d:
                    b3:40:46:8b:77:b2:ff:f2:0d:79:4e:23:8f:10:08:
                    e4:90:83:a1:77:32:f8:55:98:90:4c:31:17:e0:c2:
                    60:87:0b:ba:dc:61:e2:38:2b:38:73:b3:73:0e:91:
                    d7:f3:84:ed:b9:4a:66:13:ae:db:9b:ba:9f:a5:a6:
                    5c:f5:db:ac:0b:da:63:3b:5c:e1:e4:7d:d2:69:29:
                    09:b9:b9:47:12:36:7f:c6:7d:fa:be:1f:4f:0c:21:
                    b8:02:4f:b5:d5:bd:02:9b:1b:a9:81:fc:5d:e7:d5:
                    c3:f3:8b:fc:71:f7:c7:08:db:f7:83:12:5a:de:9a:
                    d4:31:b1:b2:c8:a3:47:1f:ff:f3:59:6d:04:60:41:
                    53:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:58:F0:E6:32:23:06:98:E2:BC:1A:E3:63:9F:D2:18:8E:E9:55:B9
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IVjw5jIjBpjivBrjY5_SGI7pVbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.205.133.0/24
                  193.33.64.0/23
                IPv6:
                  2a01:d0:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         a2:76:57:e3:41:d9:d9:88:35:59:9a:ae:76:84:50:71:98:da:
         7e:ef:cb:72:24:12:99:90:6c:73:b3:4e:31:83:98:09:1b:a2:
         2f:9b:4b:d7:81:7e:f1:b1:05:2c:ab:e9:5f:a8:e7:aa:ca:fc:
         0f:d5:ed:53:13:84:f7:da:b6:b2:1d:7c:65:d1:58:80:29:5b:
         c2:75:85:15:5e:f4:48:a4:89:c6:36:df:5c:e5:54:65:1d:82:
         19:f4:67:3e:41:dd:84:f7:54:78:a1:00:cf:93:8e:4c:b1:ea:
         2e:f9:c7:45:e7:f1:8b:78:37:93:6d:98:23:20:be:62:2f:7c:
         d6:c7:1d:89:2b:77:5c:8c:d7:77:64:7d:f4:54:e5:73:18:86:
         3f:47:4d:9a:b9:07:f3:c9:37:33:b1:df:05:37:7c:e7:51:7e:
         c7:d6:b6:75:93:45:51:bf:dc:b6:35:d7:63:30:94:71:fd:3c:
         d4:88:87:d0:9b:b3:d9:cd:22:38:c5:0b:7f:e8:39:9c:4e:97:
         33:e5:5d:b6:41:02:1c:09:57:d3:2b:2b:38:bb:a3:71:0f:a6:
         77:8d:26:d4:24:df:c7:6e:27:7c:9a:76:87:4d:3f:d8:95:eb:
         4c:2b:99:43:c9:f5:17:63:77:40:c5:ff:7f:44:09:6f:fc:97:
         e7:17:7b:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZb/BiTVj0t5dKLSsNk+1I1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNTIzMjEyMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU4ZjBlNjMyMjMwNjk4ZTJiYzFhZTM2MzlmZDIxODhlZTk1NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvrVNdeO8X1kQkNhjfvFzZJVYXLl
sOgyAirWv3M1rs0kYxg0mgU26bVZ7UCI9gp/pshZ6dvwLQoigMtakXdFhL+3+jga
VHPQVe/64eRDW4AgogrKd22S0CWyDGfJarbo5eAMwbXmHopP+TzrsECmd1fvljWP
k12zQEaLd7L/8g15TiOPEAjkkIOhdzL4VZiQTDEX4MJghwu63GHiOCs4c7NzDpHX
84TtuUpmE67bm7qfpaZc9dusC9pjO1zh5H3SaSkJublHEjZ/xn36vh9PDCG4Ak+1
1b0Cmxupgfxd59XD84v8cffHCNv3gxJa3prUMbGyyKNHH//zWW0EYEFTlwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCFY8OYyIwaY4rwa42Of0hiO6VW5MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSVZqdzVqSWpCcGppdkJyalk1X1NHSTdwVmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAPs2FAwQB
wSFAMA4EAgACMAgDBgcqAQDQgDANBgkqhkiG9w0BAQsFAAOCAQEAonZX40HZ2Yg1
WZqudoRQcZjafu/LciQSmZBsc7NOMYOYCRuiL5tL14F+8bEFLKvpX6jnqsr8D9Xt
UxOE99q2sh18ZdFYgClbwnWFFV70SKSJxjbfXOVUZR2CGfRnPkHdhPdUeKEAz5OO
TLHqLvnHRefxi3g3k22YIyC+Yi981scdiSt3XIzXd2R99FTlcxiGP0dNmrkH88k3
M7HfBTd851F+x9a2dZNFUb/ctjXXYzCUcf081IiH0Juz2c0iOMULf+g5nE6XM+Vd
tkECHAlX0ysrOLujcQ+md40m1CTfx24nfJp2h00/2JXrTCuZQ8n1F2N3QMX/f0QJ
b/yX5xd7mw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:42:12 2025 by rpki-client