Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/czdG5-8eM3KN1I0L6DAZZn49hJw.roa
File:                     czdG5-8eM3KN1I0L6DAZZn49hJw.roa (raw, json)
Hash identifier:          VqQ2uu9D2jzHte8TC9Xr+ejn5lGIPNPX+UAigWmCgpI=
Subject key identifier:   73:37:46:E7:EF:1E:33:72:8D:D4:8D:0B:E8:30:19:66:7E:3D:84:9C
Certificate issuer:       /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial:       0196E495E3621166641DEDD7B35BEA482DC4
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/czdG5-8eM3KN1I0L6DAZZn49hJw.roa
Signing time:             Sun 18 May 2025 18:09:10 +0000
ROA not before:           Sun 18 May 2025 18:09:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        144.56.13.0/24 maxlen: 24
                          144.56.17.0/24 maxlen: 24
                          144.56.31.0/24 maxlen: 24
                          144.56.33.0/24 maxlen: 24
                          144.56.34.0/24 maxlen: 24
                          144.56.42.0/24 maxlen: 24
                          144.56.43.0/24 maxlen: 24
                          144.56.44.0/24 maxlen: 24
                          144.56.45.0/24 maxlen: 24
                          144.56.46.0/24 maxlen: 24
                          144.56.47.0/24 maxlen: 24
                          144.56.48.0/24 maxlen: 24
                          144.56.49.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 19 May 2025 20:45:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e4:95:e3:62:11:66:64:1d:ed:d7:b3:5b:ea:48:2d:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
        Validity
            Not Before: May 18 18:09:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=733746e7ef1e33728dd48d0be83019667e3d849c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:88:0c:88:0f:ae:c3:1a:89:3b:5a:e9:08:82:
                    43:d2:45:93:ef:52:ff:d9:e4:b7:29:01:b7:d8:9c:
                    d8:32:6f:03:8b:bc:37:b6:84:f4:49:79:82:dc:ae:
                    51:4d:06:0e:3c:24:b7:b6:fc:ab:fb:a8:03:55:f8:
                    f2:8e:33:29:16:dc:0d:49:7a:2b:74:b2:1c:26:b3:
                    d7:ee:20:d1:84:54:b1:6e:76:e8:40:de:41:ae:e3:
                    c0:5d:a3:6e:7b:9b:19:c4:a3:11:25:bf:46:e1:d7:
                    f1:bf:d8:61:c1:e4:01:ef:d3:eb:54:7b:1a:05:3a:
                    f5:ea:b6:6f:e8:79:14:08:40:96:70:3c:b5:6f:24:
                    24:51:a9:fa:fd:31:92:53:ba:a1:42:d4:1d:3e:ba:
                    95:ca:2f:66:f4:e7:b8:3a:6b:3e:e5:50:07:e7:e0:
                    3e:67:f3:b9:6d:22:63:41:01:9d:13:7a:50:0e:79:
                    37:dc:71:12:52:18:02:5c:9c:98:fe:aa:1d:5e:f8:
                    bb:01:72:74:5d:52:ad:a1:f9:06:4f:85:3c:f2:bb:
                    65:2a:55:8f:13:e2:6b:48:9a:25:12:71:91:82:99:
                    02:f3:69:2b:97:a7:e6:e9:3d:d0:27:7a:43:19:85:
                    0e:d9:4f:45:fd:db:9a:2d:d6:8e:38:65:7d:48:bf:
                    12:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:37:46:E7:EF:1E:33:72:8D:D4:8D:0B:E8:30:19:66:7E:3D:84:9C
            X509v3 Authority Key Identifier:
                keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/czdG5-8eM3KN1I0L6DAZZn49hJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.56.13.0/24
                  144.56.17.0/24
                  144.56.31.0/24
                  144.56.33.0-144.56.34.255
                  144.56.42.0-144.56.49.255

    Signature Algorithm: sha256WithRSAEncryption
         99:db:4b:4a:3c:e9:b9:7c:74:81:06:dd:06:cb:09:a0:6c:a0:
         05:13:aa:a3:45:0e:38:e2:bd:b3:98:a3:7c:95:89:f4:2b:55:
         9d:9a:06:15:13:69:66:06:c9:5d:01:64:45:cf:23:45:3e:cb:
         01:f5:61:53:8f:5a:82:78:ae:d6:a7:90:61:00:50:9b:43:c7:
         3e:f9:01:5b:53:a5:94:3c:1f:04:11:af:1c:d1:24:e0:5a:cb:
         1a:5c:1c:b7:f7:98:cb:28:68:df:44:02:c4:fb:6d:56:98:c5:
         92:85:a0:97:ff:22:54:9d:20:06:ac:06:5a:73:ea:b2:ff:e2:
         db:e0:e6:13:f3:dd:20:79:78:84:f2:4f:ab:d7:92:90:26:5a:
         5e:05:ea:0f:92:1b:6f:7c:1f:4c:92:98:40:29:9e:1e:a6:4c:
         26:d2:0f:a3:e8:19:9b:a5:4c:bc:8e:59:f4:79:33:62:74:76:
         98:ba:ef:98:e4:ee:be:57:ae:dd:b6:2a:36:3e:ee:1c:03:66:
         78:3b:2c:d3:37:41:3e:0b:73:ee:7d:96:15:cb:67:13:f0:9a:
         5b:6a:d8:2d:c7:fc:5a:37:0c:73:06:68:ec:50:02:e8:ff:8f:
         68:9a:c0:3e:13:49:56:d9:b9:3d:9b:77:7f:42:64:0c:f9:8c:
         a6:9a:0d:84
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZbkleNiEWZkHe3Xs1vqSC3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNTE4MTgwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM3NDZlN2VmMWUzMzcyOGRkNDhkMGJlODMwMTk2NjdlM2Q4NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ogMiA+uwxqJO1rpCIJD0kWT71L/
2eS3KQG32JzYMm8Di7w3toT0SXmC3K5RTQYOPCS3tvyr+6gDVfjyjjMpFtwNSXor
dLIcJrPX7iDRhFSxbnboQN5BruPAXaNue5sZxKMRJb9G4dfxv9hhweQB79PrVHsa
BTr16rZv6HkUCECWcDy1byQkUan6/TGSU7qhQtQdPrqVyi9m9Oe4Oms+5VAH5+A+
Z/O5bSJjQQGdE3pQDnk33HESUhgCXJyY/qodXvi7AXJ0XVKtofkGT4U88rtlKlWP
E+JrSJolEnGRgpkC82krl6fm6T3QJ3pDGYUO2U9F/duaLdaOOGV9SL8SQQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHM3RufvHjNyjdSNC+gwGWZ+PYScMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvY3pkRzUtOGVNM0tOMUkwTDZEQVpabjQ5aEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAkDgNAwQA
kDgRAwQAkDgfMAwDBACQOCEDBACQOCIwDAMEAZA4KgMEAZA4MDANBgkqhkiG9w0B
AQsFAAOCAQEAmdtLSjzpuXx0gQbdBssJoGygBROqo0UOOOK9s5ijfJWJ9CtVnZoG
FRNpZgbJXQFkRc8jRT7LAfVhU49agniu1qeQYQBQm0PHPvkBW1OllDwfBBGvHNEk
4FrLGlwct/eYyyho30QCxPttVpjFkoWgl/8iVJ0gBqwGWnPqsv/i2+DmE/PdIHl4
hPJPq9eSkCZaXgXqD5Ibb3wfTJKYQCmeHqZMJtIPo+gZm6VMvI5Z9HkzYnR2mLrv
mOTuvleu3bYqNj7uHANmeDss0zdBPgtz7n2WFctnE/CaW2rYLcf8WjcMcwZo7FAC
6P+PaJrAPhNJVtm5PZt3f0JkDPmMppoNhA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:48:37 2025 by rpki-client