Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ExjRZx9zIozok8TJbx2Xmkeqy0U.roa
File:                     ExjRZx9zIozok8TJbx2Xmkeqy0U.roa (raw, json)
Hash identifier:          6PvcB4crZD3J5q3srSAHJiw6lX2CM3yuBMaQ6eBlezk=
Subject key identifier:   13:18:D1:67:1F:73:22:8C:E8:93:C4:C9:6F:1D:97:9A:47:AA:CB:45
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0197307F39F466859AD96C97DB83B06E481E
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ExjRZx9zIozok8TJbx2Xmkeqy0U.roa
Signing time:             Mon 02 Jun 2025 11:55:33 +0000
ROA not before:           Mon 02 Jun 2025 11:55:33 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     49791
IP address blocks:        45.43.137.0/24 maxlen: 24
                          64.137.9.0/24 maxlen: 24
                          104.222.177.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 14:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:30:7f:39:f4:66:85:9a:d9:6c:97:db:83:b0:6e:48:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jun  2 11:55:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1318d1671f73228ce893c4c96f1d979a47aacb45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:13:92:0f:24:5d:b7:a1:9a:9d:fb:00:27:95:
                    e0:11:92:d2:2a:92:af:7d:e8:10:79:16:88:8a:9b:
                    5a:8f:f1:a1:c6:ea:83:0b:d3:e6:b4:a5:5a:48:2f:
                    6c:7c:f0:9e:c1:8c:f1:47:b2:fa:2b:c7:01:1e:7c:
                    76:08:63:93:bd:74:e0:68:f7:bb:b6:4c:c6:a1:e7:
                    1e:d0:ca:2c:d9:17:b3:83:58:5a:aa:7c:31:94:8c:
                    d8:d4:45:c9:09:dc:be:4d:bd:7d:e5:3a:97:a8:26:
                    f6:07:14:85:fa:18:f4:f4:63:23:92:6c:af:a4:27:
                    c2:11:a6:6f:bc:56:dc:51:ae:58:17:1b:2b:b2:2c:
                    d1:87:1f:58:bf:7f:c4:28:a9:a8:16:eb:3b:f3:eb:
                    a5:98:04:ae:bf:68:a2:d7:d7:49:5f:81:af:80:41:
                    d1:29:94:1d:29:94:e1:e2:11:c0:41:3b:f3:f4:2b:
                    a2:35:04:c2:62:62:b6:9a:f7:12:2e:e5:35:5a:03:
                    95:a7:74:2e:59:3a:8f:d6:76:a9:be:db:7b:f0:4d:
                    61:73:44:89:58:83:d7:b0:0f:b1:54:15:6c:17:6e:
                    95:7e:9d:e0:da:62:0d:e7:ac:2b:17:18:64:6e:b4:
                    99:0b:62:2c:b2:42:7e:aa:90:a5:7f:33:da:66:01:
                    72:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:18:D1:67:1F:73:22:8C:E8:93:C4:C9:6F:1D:97:9A:47:AA:CB:45
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ExjRZx9zIozok8TJbx2Xmkeqy0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.137.0/24
                  64.137.9.0/24
                  104.222.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:e7:4b:0b:8a:ec:ff:da:19:a3:26:1d:30:05:80:0e:7c:74:
         f9:43:73:b9:0b:f5:02:9f:ac:a7:00:2b:0c:47:63:06:e7:7d:
         43:53:b0:b5:48:21:2e:e6:94:4a:6c:d3:0f:c9:bd:81:bc:c8:
         31:97:ab:e8:8f:bc:50:0f:04:67:b9:de:d9:88:2e:47:ec:ed:
         56:8a:cc:86:6d:84:99:43:db:50:36:8f:80:b7:55:1b:5c:01:
         8d:f5:87:8f:8d:f8:9f:3b:63:54:5d:72:00:71:69:8b:2d:8f:
         8a:9d:5a:39:ed:ba:2e:94:1b:19:70:74:56:b9:51:43:84:b2:
         b1:0c:97:52:d2:54:7e:9d:68:4f:46:73:31:cf:78:08:50:55:
         66:28:50:f8:a4:2b:9d:e5:dd:b7:53:03:03:af:81:3d:43:71:
         dd:c8:91:d1:f6:9f:1b:0a:51:d2:fa:53:73:e7:23:e5:77:eb:
         af:a6:df:cb:2b:e2:13:f0:87:9f:ca:5d:e4:ec:3b:3b:f9:b0:
         df:e1:68:56:06:78:19:0b:60:ad:e8:17:fa:02:50:14:4c:68:
         b1:97:85:52:15:6d:25:ab:c3:7d:0d:42:cf:88:ba:9d:b8:e5:
         12:07:72:cc:ab:f6:04:2b:d4:1d:7d:5e:9e:45:48:85:5a:8b:
         93:43:d6:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZcwfzn0ZoWa2WyX24OwbkgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNjAyMTE1NTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzE4ZDE2NzFmNzMyMjhjZTg5M2M0Yzk2ZjFkOTc5YTQ3YWFjYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkROSDyRdt6GanfsAJ5XgEZLSKpKv
fegQeRaIiptaj/GhxuqDC9PmtKVaSC9sfPCewYzxR7L6K8cBHnx2CGOTvXTgaPe7
tkzGoece0Mos2Rezg1haqnwxlIzY1EXJCdy+Tb195TqXqCb2BxSF+hj09GMjkmyv
pCfCEaZvvFbcUa5YFxsrsizRhx9Yv3/EKKmoFus78+ulmASuv2ii19dJX4GvgEHR
KZQdKZTh4hHAQTvz9CuiNQTCYmK2mvcSLuU1WgOVp3QuWTqP1napvtt78E1hc0SJ
WIPXsA+xVBVsF26Vfp3g2mIN56wrFxhkbrSZC2IsskJ+qpClfzPaZgFyCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBMY0WcfcyKM6JPEyW8dl5pHqstFMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRXhqUlp4OXpJb3pvazhUSmJ4Mlhta2VxeTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSuJAwQA
QIkJAwQAaN6xMA0GCSqGSIb3DQEBCwUAA4IBAQBp50sLiuz/2hmjJh0wBYAOfHT5
Q3O5C/UCn6ynACsMR2MG531DU7C1SCEu5pRKbNMPyb2BvMgxl6voj7xQDwRnud7Z
iC5H7O1WisyGbYSZQ9tQNo+At1UbXAGN9YePjfifO2NUXXIAcWmLLY+KnVo57bou
lBsZcHRWuVFDhLKxDJdS0lR+nWhPRnMxz3gIUFVmKFD4pCud5d23UwMDr4E9Q3Hd
yJHR9p8bClHS+lNz5yPld+uvpt/LK+IT8Iefyl3k7Ds7+bDf4WhWBngZC2Ct6Bf6
AlAUTGixl4VSFW0lq8N9DULPiLqduOUSB3LMq/YEK9QdfV6eRUiFWouTQ9YT
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:20:27 2025 by rpki-client