Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa
File:                     KsbDxBF1rLzccGgrZkavdO58vAs.roa (raw, json)
Hash identifier:          nQji8ZVyg1EieXsYge5A5q6zH0PfsWbEBdLPzzn8wuE=
Subject key identifier:   2A:C6:C3:C4:11:75:AC:BC:DC:70:68:2B:66:46:AF:74:EE:7C:BC:0B
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       0196EDF3A78F6F4E98500A1C2C12F2F3A8C5
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa
Signing time:             Tue 20 May 2025 13:48:10 +0000
ROA not before:           Tue 20 May 2025 13:48:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     9009
IP address blocks:        92.71.2.0/23 maxlen: 24
                          92.71.4.0/23 maxlen: 24
                          92.71.26.0/23 maxlen: 24
                          92.71.28.0/22 maxlen: 24
                          92.71.48.0/21 maxlen: 24
                          92.71.56.0/22 maxlen: 24
                          92.71.62.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Thu 22 May 2025 04:49:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ed:f3:a7:8f:6f:4e:98:50:0a:1c:2c:12:f2:f3:a8:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: May 20 13:48:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2ac6c3c41175acbcdc70682b6646af74ee7cbc0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3d:10:4b:82:20:70:29:f7:e2:d3:00:56:ce:
                    27:23:4d:a5:b8:e9:99:8d:02:f0:c8:c4:0f:ed:9f:
                    22:d0:ab:a8:18:40:d6:3e:39:d5:57:83:03:44:14:
                    d4:aa:fd:d8:92:f6:0a:1a:f2:b7:20:ea:53:12:7e:
                    e8:08:4a:20:2b:cb:13:30:88:2c:b9:f6:a3:47:cf:
                    79:96:48:19:f2:83:94:b9:06:fd:1c:c5:76:9f:94:
                    99:52:a3:f1:9b:eb:53:16:65:e8:a3:2c:50:21:b5:
                    89:d5:f2:72:8e:6e:c3:17:f2:43:61:f6:24:4b:fb:
                    b5:19:f5:e3:68:f9:6a:47:7a:66:61:f4:d6:6c:1e:
                    19:31:41:81:ef:34:d7:15:cd:e0:f7:d4:7b:01:14:
                    1f:09:95:80:2a:94:d4:eb:16:e6:76:43:33:74:3e:
                    b3:de:f1:aa:ae:0b:aa:34:1c:07:6f:35:f6:69:2c:
                    22:19:0e:6b:8b:68:89:23:46:e8:5c:89:77:16:c8:
                    d5:f1:df:a7:00:3e:ba:fa:33:b5:a1:62:4b:28:fd:
                    49:fe:74:0f:91:75:44:67:c9:53:40:19:dd:0d:21:
                    88:ec:3f:e2:22:31:34:fc:a8:9f:55:83:67:74:ec:
                    78:8d:19:91:c8:07:6f:11:e9:da:c1:b8:0f:e2:14:
                    37:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C6:C3:C4:11:75:AC:BC:DC:70:68:2B:66:46:AF:74:EE:7C:BC:0B
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KsbDxBF1rLzccGgrZkavdO58vAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.71.2.0-92.71.5.255
                  92.71.26.0-92.71.31.255
                  92.71.48.0-92.71.59.255
                  92.71.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         63:7a:2d:5c:97:63:46:12:52:23:1c:f3:d5:1c:d9:e0:8d:23:
         40:b6:1e:cf:72:81:b3:2e:15:6e:fe:5f:00:91:73:f8:96:38:
         28:d6:a2:4c:1f:c8:fd:a1:b0:a0:a1:5d:de:f6:47:51:61:77:
         14:fd:21:19:b8:d3:f9:15:20:21:2f:5e:51:1f:6a:72:f7:3c:
         b2:4c:c1:88:a8:f6:92:eb:32:84:ea:88:08:68:ce:fa:1f:e3:
         36:46:ba:68:87:71:8b:e9:5c:65:6a:0f:da:12:4a:44:61:b8:
         aa:d3:ad:1f:14:36:35:dd:99:c9:44:0b:0d:67:9d:10:88:6a:
         83:b1:84:73:d9:57:81:6e:44:9e:87:a2:1e:4a:70:59:75:3b:
         1d:f6:ab:d4:e6:65:f1:1f:92:2b:21:ac:f1:d4:24:37:ef:8f:
         37:04:f5:56:f0:cc:7c:ec:0f:a0:e1:87:cb:71:02:c6:b4:62:
         a8:d5:24:54:33:e1:35:4d:b1:b9:36:76:40:5b:68:1a:c5:fb:
         e6:a6:96:d0:78:d2:83:a4:ab:1c:e8:ae:c3:d0:f7:5a:ad:e4:
         33:ce:3e:62:e0:fa:30:33:71:03:90:6e:50:4f:99:ad:d1:d0:
         92:40:7a:43:4d:b9:c2:c8:de:d6:70:1c:48:07:65:cf:08:df:
         cc:f4:7d:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbt86ePb06YUAocLBLy86jFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNTIwMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM2YzNjNDExNzVhY2JjZGM3MDY4MmI2NjQ2YWY3NGVlN2NiYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD0QS4IgcCn34tMAVs4nI02luOmZ
jQLwyMQP7Z8i0KuoGEDWPjnVV4MDRBTUqv3YkvYKGvK3IOpTEn7oCEogK8sTMIgs
ufajR895lkgZ8oOUuQb9HMV2n5SZUqPxm+tTFmXooyxQIbWJ1fJyjm7DF/JDYfYk
S/u1GfXjaPlqR3pmYfTWbB4ZMUGB7zTXFc3g99R7ARQfCZWAKpTU6xbmdkMzdD6z
3vGqrguqNBwHbzX2aSwiGQ5ri2iJI0boXIl3FsjV8d+nAD66+jO1oWJLKP1J/nQP
kXVEZ8lTQBndDSGI7D/iIjE0/KifVYNndOx4jRmRyAdvEenawbgP4hQ3UQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCrGw8QRday83HBoK2ZGr3TufLwLMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvS3NiRHhCRjFyTHpjY0dnclprYXZkTzU4dkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAFcRwID
BAFcRwQwDAMEAVxHGgMEBVxHADAMAwQEXEcwAwQCXEc4AwQBXEc+MA0GCSqGSIb3
DQEBCwUAA4IBAQBjei1cl2NGElIjHPPVHNngjSNAth7PcoGzLhVu/l8AkXP4ljgo
1qJMH8j9obCgoV3e9kdRYXcU/SEZuNP5FSAhL15RH2py9zyyTMGIqPaS6zKE6ogI
aM76H+M2Rrpoh3GL6Vxlag/aEkpEYbiq060fFDY13ZnJRAsNZ50QiGqDsYRz2VeB
bkSeh6IeSnBZdTsd9qvU5mXxH5IrIazx1CQ37483BPVW8Mx87A+g4YfLcQLGtGKo
1SRUM+E1TbG5NnZAW2gaxfvmppbQeNKDpKsc6K7D0PdareQzzj5i4PowM3EDkG5Q
T5mt0dCSQHpDTbnCyN7WcBxIB2XPCN/M9H1p
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:50:55 2025 by rpki-client