Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/Yq8G77lhAMthh3mS4Bfeh-1JeBo.roa
File:                     Yq8G77lhAMthh3mS4Bfeh-1JeBo.roa (raw, json)
Hash identifier:          sBU4e4boIymKcQlY+12NF2LuUgoKuKKemCIbRV5+9C8=
Subject key identifier:   62:AF:06:EF:B9:61:00:CB:61:87:79:92:E0:17:DE:87:ED:49:78:1A
Certificate issuer:       /CN=6ce3fb867861daafd781279897fe25a8eb371468
Certificate serial:       0193CF9A41C99EE72927B647992AC1C9F843
Authority key identifier: 6C:E3:FB:86:78:61:DA:AF:D7:81:27:98:97:FE:25:A8:EB:37:14:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bOP7hnhh2q_XgSeYl_4lqOs3FGg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/Yq8G77lhAMthh3mS4Bfeh-1JeBo.roa
Signing time:             Mon 16 Dec 2024 13:13:33 +0000
ROA not before:           Mon 16 Dec 2024 13:13:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     196954
IP address blocks:        185.28.116.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 17:48:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:cf:9a:41:c9:9e:e7:29:27:b6:47:99:2a:c1:c9:f8:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ce3fb867861daafd781279897fe25a8eb371468
        Validity
            Not Before: Dec 16 13:13:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=62af06efb96100cb61877992e017de87ed49781a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:82:b9:78:51:d0:40:bf:c2:a7:eb:53:cd:9d:
                    1e:08:b4:ee:46:a6:ba:04:d0:72:69:cd:e0:d3:9d:
                    13:c8:f7:2f:83:99:5b:c7:a8:94:39:8b:2c:50:e0:
                    67:ad:a9:3b:d6:7b:66:db:ed:ef:62:8e:47:d2:aa:
                    db:2c:ea:3b:3c:65:b5:55:0c:7e:62:f5:87:6c:14:
                    85:f5:ca:b3:0a:19:76:53:b0:8d:8b:ec:67:6b:17:
                    53:d0:09:03:14:21:3a:23:31:ca:44:4f:a7:90:95:
                    94:d0:e4:d2:3a:9f:b5:3b:3f:16:84:a6:7d:05:b8:
                    b1:4a:be:eb:b6:c0:f2:d2:0e:92:5a:67:24:87:ce:
                    64:cd:92:fc:c0:ba:50:e6:77:60:2c:36:6d:08:6f:
                    6e:cf:81:1b:7b:82:e4:cd:06:e5:5c:34:12:73:c4:
                    ba:73:a1:7c:d1:0b:0d:2e:bc:43:57:8a:02:c0:06:
                    2d:09:c4:df:29:4f:b3:9a:5e:5c:96:d1:bb:43:5c:
                    5f:4d:8e:a2:77:21:2c:86:d8:4f:c7:83:1e:8c:60:
                    9a:7f:38:9e:0b:be:89:41:d8:a3:77:8f:b6:9f:1d:
                    6d:20:b8:a7:9a:9c:03:4c:06:b4:0b:2e:49:99:26:
                    a0:4b:c7:b6:4f:43:0b:69:e4:fa:c4:2d:8c:62:2b:
                    2d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:AF:06:EF:B9:61:00:CB:61:87:79:92:E0:17:DE:87:ED:49:78:1A
            X509v3 Authority Key Identifier:
                keyid:6C:E3:FB:86:78:61:DA:AF:D7:81:27:98:97:FE:25:A8:EB:37:14:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOP7hnhh2q_XgSeYl_4lqOs3FGg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/Yq8G77lhAMthh3mS4Bfeh-1JeBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/bOP7hnhh2q_XgSeYl_4lqOs3FGg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:5b:12:66:28:8b:35:63:0c:f4:91:2f:46:fa:07:40:6f:e4:
         06:e3:d6:60:79:ee:fb:bb:47:4b:7c:f3:94:c7:9e:21:8e:dd:
         b5:37:21:c9:fb:10:c4:7d:09:15:e7:74:44:4e:df:20:76:fc:
         88:a2:67:72:ca:48:47:f8:d4:c7:12:de:2e:c7:d1:4e:72:b4:
         a5:4e:e7:df:c7:94:61:d8:c0:1c:c5:6d:1e:b4:c8:b5:aa:e3:
         f7:fb:1a:80:99:cb:44:50:6c:83:de:92:60:07:80:6d:fa:ce:
         26:84:1c:26:08:9f:e8:c0:ef:93:10:c1:f7:ac:01:3a:9a:60:
         37:30:69:66:38:d2:3f:f2:32:2d:a5:0d:87:e0:d0:24:6e:39:
         09:5a:4e:73:0b:67:0b:20:0c:20:d9:ac:d0:c0:84:6c:1d:ec:
         e6:a4:a5:27:1d:d6:0f:06:1c:45:e2:34:76:0a:a7:7c:23:70:
         ce:26:9c:44:38:0a:0c:a8:60:b9:d7:65:98:00:94:fe:b8:e6:
         5b:75:62:c2:96:bb:b2:a9:5c:ab:df:3f:4a:b2:b2:96:a1:5c:
         7d:3e:21:6d:0c:2a:54:8f:94:3e:bf:60:ac:13:f9:8e:91:81:
         c0:16:7d:61:ed:90:47:26:6c:b1:f1:32:ef:f3:4f:e3:46:79:
         cf:b9:88:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPPmkHJnucpJ7ZHmSrByfhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTNmYjg2Nzg2MWRhYWZkNzgxMjc5ODk3ZmUyNWE4ZWIz
NzE0NjgwHhcNMjQxMjE2MTMxMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFmMDZlZmI5NjEwMGNiNjE4Nzc5OTJlMDE3ZGU4N2VkNDk3ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYK5eFHQQL/Cp+tTzZ0eCLTuRqa6
BNByac3g050TyPcvg5lbx6iUOYssUOBnrak71ntm2+3vYo5H0qrbLOo7PGW1VQx+
YvWHbBSF9cqzChl2U7CNi+xnaxdT0AkDFCE6IzHKRE+nkJWU0OTSOp+1Oz8WhKZ9
BbixSr7rtsDy0g6SWmckh85kzZL8wLpQ5ndgLDZtCG9uz4Ebe4LkzQblXDQSc8S6
c6F80QsNLrxDV4oCwAYtCcTfKU+zml5cltG7Q1xfTY6idyEshthPx4MejGCafzie
C76JQdijd4+2nx1tILinmpwDTAa0Cy5JmSagS8e2T0MLaeT6xC2MYist4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKvBu+5YQDLYYd5kuAX3oftSXgaMB8GA1UdIwQY
MBaAFGzj+4Z4Ydqv14EnmJf+JajrNxRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9QN2huaGgycV9YZ1NlWWxfNGxxT3MzRkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jM2Y5OTUtODZlZi00YTY3LWFjYWMt
ZTQzOTFmYmNhZjE0LzEvWXE4Rzc3bGhBTXRoaDNtUzRCZmVoLTFKZUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jM2Y5OTUtODZlZi00YTY3LWFjYWMtZTQzOTFmYmNhZjE0
LzEvYk9QN2huaGgycV9YZ1NlWWxfNGxxT3MzRkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRx0MA0G
CSqGSIb3DQEBCwUAA4IBAQA5WxJmKIs1Ywz0kS9G+gdAb+QG49Zgee77u0dLfPOU
x54hjt21NyHJ+xDEfQkV53RETt8gdvyIomdyykhH+NTHEt4ux9FOcrSlTuffx5Rh
2MAcxW0etMi1quP3+xqAmctEUGyD3pJgB4Bt+s4mhBwmCJ/owO+TEMH3rAE6mmA3
MGlmONI/8jItpQ2H4NAkbjkJWk5zC2cLIAwg2azQwIRsHezmpKUnHdYPBhxF4jR2
Cqd8I3DOJpxEOAoMqGC512WYAJT+uOZbdWLClruyqVyr3z9KsrKWoVx9PiFtDCpU
j5Q+v2CsE/mOkYHAFn1h7ZBHJmyx8TLv80/jRnnPuYhF
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:03:39 2025 by rpki-client