Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa
File:                     HOu5wmSXajGWOICNHvlkbrTN3ms.roa (raw, json)
Hash identifier:          J0zMSZc16AJM2RbJGwM+/AiZRkVae6Q9nHkORMXGqAk=
Subject key identifier:   1C:EB:B9:C2:64:97:6A:31:96:38:80:8D:1E:F9:64:6E:B4:CD:DE:6B
Certificate issuer:       /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial:       0196C9E464BAF1589278DC9C3E5BCB582902
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa
Signing time:             Tue 13 May 2025 13:45:10 +0000
ROA not before:           Tue 13 May 2025 13:45:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15830
IP address blocks:        147.28.138.0/23 maxlen: 23
                          147.28.164.0/23 maxlen: 23
                          147.28.176.0/23 maxlen: 23
                          147.28.222.0/23 maxlen: 23
                          147.28.241.0/24 maxlen: 24
                          147.75.40.0/23 maxlen: 23
                          147.75.206.0/24 maxlen: 24
                          147.75.207.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 15 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:e4:64:ba:f1:58:92:78:dc:9c:3e:5b:cb:58:29:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
        Validity
            Not Before: May 13 13:45:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1cebb9c264976a319638808d1ef9646eb4cdde6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7c:ff:4c:88:70:7f:fc:50:3b:e0:96:0f:70:
                    40:7f:0b:a1:55:30:dd:de:e6:6f:ee:47:63:89:0b:
                    c4:d3:11:28:b4:32:e1:6e:2d:8f:ea:e6:fd:36:e9:
                    76:bc:a2:3e:0e:bb:54:dc:c7:65:54:de:79:8d:e1:
                    83:ed:fe:14:90:39:68:ce:19:32:56:7b:95:40:3a:
                    16:82:99:7c:31:32:03:de:4c:c3:46:59:df:6c:75:
                    32:ab:cc:50:07:b2:3e:96:0f:e7:24:e3:52:d9:75:
                    de:f0:f8:c5:13:82:9c:80:ef:ac:da:ca:1e:b5:df:
                    de:ec:4e:49:ab:b6:d5:cd:03:78:fc:0b:19:9a:f9:
                    17:2e:45:6a:45:a7:78:b9:bb:25:0d:17:52:c1:83:
                    24:71:64:a5:09:66:95:cc:78:72:6f:88:05:f0:51:
                    de:ce:09:35:9d:54:8d:04:92:65:a1:e7:f6:01:ad:
                    dc:9b:38:d3:1b:8e:c5:6e:d2:58:ca:3b:3f:ec:27:
                    e7:93:28:9f:59:03:de:b4:68:61:26:7e:23:2b:9c:
                    9c:8c:2e:58:41:4e:f1:d1:fe:04:77:55:a4:2d:b2:
                    94:2e:15:5d:e5:79:80:c1:6c:f6:a7:62:9f:02:95:
                    68:73:cc:05:b4:4a:3c:67:3d:c0:64:87:8a:40:84:
                    8c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:EB:B9:C2:64:97:6A:31:96:38:80:8D:1E:F9:64:6E:B4:CD:DE:6B
            X509v3 Authority Key Identifier:
                keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.138.0/23
                  147.28.164.0/23
                  147.28.176.0/23
                  147.28.222.0/23
                  147.28.241.0/24
                  147.75.40.0/23
                  147.75.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:ab:31:4a:19:11:f1:1b:fe:99:7b:97:ab:77:4b:cf:6c:9f:
         df:11:9c:c5:52:aa:28:93:af:bc:01:33:10:ac:e4:53:1c:e6:
         d0:05:7b:34:74:69:20:cd:21:3c:d8:fb:26:6d:f0:3b:69:7f:
         3e:70:3d:95:ab:10:fa:dc:d3:e5:70:54:10:1f:d4:a0:44:cf:
         97:d5:96:15:02:b7:1a:8f:5c:98:c6:d0:15:9d:95:12:29:ec:
         9d:7b:d4:2d:96:eb:30:c3:b6:d6:85:8f:e0:6c:87:61:72:81:
         3b:80:a5:70:66:94:c0:3a:d2:5d:3e:ea:31:95:a5:ed:d7:bd:
         a2:3c:4b:66:0e:2e:7d:20:e6:f1:79:c0:a4:a3:af:61:06:67:
         e5:e3:33:04:3e:f3:6f:fa:92:b4:71:b0:77:8f:1f:bc:7c:3c:
         cb:2e:ab:62:5d:74:74:45:96:cf:09:c8:97:2f:ac:f0:36:8e:
         46:7d:8c:f4:ea:c6:82:75:ec:23:58:56:c4:1b:57:cc:24:a0:
         66:72:3b:21:d1:26:fb:dc:1e:61:d7:c9:c5:d0:89:c2:3e:c9:
         3a:94:52:a8:8b:32:72:7f:f7:fc:8c:56:0c:34:98:b9:b1:ad:
         d6:a9:9d:f7:0d:0d:19:19:eb:ad:6c:19:22:98:f1:1d:4b:c3:
         67:3e:f5:ed
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZbJ5GS68ViSeNycPlvLWCkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwNTEzMTM0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ViYjljMjY0OTc2YTMxOTYzODgwOGQxZWY5NjQ2ZWI0Y2RkZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnz/TIhwf/xQO+CWD3BAfwuhVTDd
3uZv7kdjiQvE0xEotDLhbi2P6ub9Nul2vKI+DrtU3MdlVN55jeGD7f4UkDlozhky
VnuVQDoWgpl8MTID3kzDRlnfbHUyq8xQB7I+lg/nJONS2XXe8PjFE4KcgO+s2soe
td/e7E5Jq7bVzQN4/AsZmvkXLkVqRad4ubslDRdSwYMkcWSlCWaVzHhyb4gF8FHe
zgk1nVSNBJJloef2Aa3cmzjTG47FbtJYyjs/7CfnkyifWQPetGhhJn4jK5ycjC5Y
QU7x0f4Ed1WkLbKULhVd5XmAwWz2p2KfApVoc8wFtEo8Zz3AZIeKQISMowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBzrucJkl2oxljiAjR75ZG60zd5rMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvSE91NXdtU1hhakdXT0lDTkh2bGticlROM21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBkxyKAwQB
kxykAwQBkxywAwQBkxzeAwQAkxzxAwQBk0soAwQBk0vOMA0GCSqGSIb3DQEBCwUA
A4IBAQBQqzFKGRHxG/6Ze5erd0vPbJ/fEZzFUqook6+8ATMQrORTHObQBXs0dGkg
zSE82PsmbfA7aX8+cD2VqxD63NPlcFQQH9SgRM+X1ZYVArcaj1yYxtAVnZUSKeyd
e9Qtlusww7bWhY/gbIdhcoE7gKVwZpTAOtJdPuoxlaXt172iPEtmDi59IObxecCk
o69hBmfl4zMEPvNv+pK0cbB3jx+8fDzLLqtiXXR0RZbPCciXL6zwNo5GfYz06saC
dewjWFbEG1fMJKBmcjsh0Sb73B5h18nF0InCPsk6lFKoizJyf/f8jFYMNJi5sa3W
qZ33DQ0ZGeutbBkimPEdS8NnPvXt
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:22:40 2025 by rpki-client