Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa
File:                     UhE3-Gayrt91PjRl5i7jwgbTmKA.roa (raw, json)
Hash identifier:          9aZDbWtKllRn1z0ixivXpLO8SOYRbYMp+7GVmqOLvG0=
Subject key identifier:   52:11:37:F8:66:B2:AE:DF:75:3E:34:65:E6:2E:E3:C2:06:D3:98:A0
Certificate issuer:       /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial:       0191F585711E739A5F4A0BE7FF5635CEB692
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa
Signing time:             Sun 15 Sep 2024 11:50:48 +0000
ROA not before:           Sun 15 Sep 2024 11:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        91.216.138.0/24 maxlen: 24
                          91.229.228.0/24 maxlen: 24
                          93.180.208.0/22 maxlen: 24
                          119.13.224.0/20 maxlen: 20
                          134.199.64.0/19 maxlen: 19
                          136.227.160.0/19 maxlen: 19
                          193.37.136.0/24 maxlen: 24
                          193.105.176.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 15 Sep 2024 14:30:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f5:85:71:1e:73:9a:5f:4a:0b:e7:ff:56:35:ce:b6:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
        Validity
            Not Before: Sep 15 11:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=521137f866b2aedf753e3465e62ee3c206d398a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0b:d9:da:51:88:f7:92:cb:4f:b5:9e:83:ab:
                    b4:27:48:a9:2e:29:4d:53:c3:08:26:ba:4e:92:11:
                    58:f9:80:a9:77:29:93:da:fd:ce:45:33:16:b5:0f:
                    c8:03:e7:a3:c7:97:28:71:2c:04:ce:b6:58:68:c7:
                    df:24:8d:19:e4:e0:16:7e:54:fb:03:a8:c2:55:0d:
                    e2:83:79:87:7d:30:a5:3e:d1:f7:70:ea:6a:00:df:
                    37:04:f5:a0:bb:3a:9f:8e:2d:49:33:ce:1a:42:9f:
                    4f:f5:ad:b1:27:c2:76:c8:5b:11:ca:49:d4:44:a1:
                    ac:6b:ed:9e:76:0c:68:9f:f9:f0:9c:1e:c7:88:28:
                    8f:6a:c0:ee:f2:c2:a8:fb:8f:5b:d3:a2:d4:ae:d1:
                    19:94:6f:48:ab:90:ef:f6:f2:5e:60:1a:20:34:d4:
                    99:b6:d0:61:1d:9f:6a:69:25:09:56:57:4d:87:da:
                    32:08:5c:7a:f3:20:42:e5:ec:da:4d:8a:b7:06:3e:
                    87:3d:28:98:ff:f7:1b:6c:2c:8b:72:1b:05:a1:e2:
                    25:ee:e6:fd:f8:66:53:f2:ef:bd:42:e9:d9:d9:da:
                    d0:ee:5a:ce:06:86:64:71:ff:df:ee:57:f6:97:14:
                    b7:76:a9:09:51:67:a9:2b:a8:98:c0:c7:fd:7f:2b:
                    cc:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:11:37:F8:66:B2:AE:DF:75:3E:34:65:E6:2E:E3:C2:06:D3:98:A0
            X509v3 Authority Key Identifier:
                keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.138.0/24
                  91.229.228.0/24
                  93.180.208.0/22
                  119.13.224.0/20
                  134.199.64.0/19
                  136.227.160.0/19
                  193.37.136.0/24
                  193.105.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:64:93:53:93:f0:0b:65:65:07:8d:3a:4e:4a:26:ca:3d:85:
         28:b8:95:30:de:a4:62:61:74:c5:b7:00:b3:df:ba:a7:be:62:
         74:26:c2:ee:a9:3d:ba:4c:c5:45:c7:b5:4d:20:bf:67:bc:bd:
         65:9a:7b:57:b7:a8:c8:dd:32:47:6b:f6:43:07:f9:87:5a:c6:
         9c:fb:2e:b9:6a:ed:57:e3:d4:ff:ae:c8:dc:22:a9:12:8b:c3:
         4c:4a:a5:57:66:78:42:16:77:b9:ba:85:32:1a:ca:61:85:e7:
         2c:40:f9:e3:44:da:1d:ac:ec:77:36:5d:0a:57:32:b3:ae:69:
         ab:77:1d:c6:67:af:3c:d0:79:3b:7e:e2:53:72:cb:71:8f:6e:
         e5:1e:7a:f3:8a:98:bd:1a:2a:e6:2b:d6:48:a1:61:e2:bd:5a:
         52:ec:a9:c8:bf:02:16:d4:a1:0a:c0:6d:71:de:e0:d2:22:f5:
         a8:c7:f2:5a:24:54:a1:5e:e8:e9:e8:ee:16:65:c0:28:88:96:
         d3:55:ac:09:a9:5d:05:3d:74:61:77:8f:2b:48:96:b4:bc:3d:
         67:f6:e6:bf:59:e4:cd:08:86:f2:60:00:af:11:5f:d2:cb:b5:
         48:b9:34:32:84:66:95:29:63:30:35:60:82:fa:9d:28:fd:fa:
         79:77:c8:d8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZH1hXEec5pfSgvn/1Y1zraSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwOTE1MTE1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjExMzdmODY2YjJhZWRmNzUzZTM0NjVlNjJlZTNjMjA2ZDM5OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAvZ2lGI95LLT7Weg6u0J0ipLilN
U8MIJrpOkhFY+YCpdymT2v3ORTMWtQ/IA+ejx5cocSwEzrZYaMffJI0Z5OAWflT7
A6jCVQ3ig3mHfTClPtH3cOpqAN83BPWguzqfji1JM84aQp9P9a2xJ8J2yFsRyknU
RKGsa+2edgxon/nwnB7HiCiPasDu8sKo+49b06LUrtEZlG9Iq5Dv9vJeYBogNNSZ
ttBhHZ9qaSUJVldNh9oyCFx68yBC5ezaTYq3Bj6HPSiY//cbbCyLchsFoeIl7ub9
+GZT8u+9QunZ2drQ7lrOBoZkcf/f7lf2lxS3dqkJUWepK6iYwMf9fyvMdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFIRN/hmsq7fdT40ZeYu48IG05igMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvVWhFMy1HYXlydDkxUGpSbDVpN2p3Z2JUbUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW9iKAwQA
W+XkAwQCXbTQAwQEdw3gAwQFhsdAAwQFiOOgAwQAwSWIAwQAwWmwMA0GCSqGSIb3
DQEBCwUAA4IBAQBoZJNTk/ALZWUHjTpOSibKPYUouJUw3qRiYXTFtwCz37qnvmJ0
JsLuqT26TMVFx7VNIL9nvL1lmntXt6jI3TJHa/ZDB/mHWsac+y65au1X49T/rsjc
IqkSi8NMSqVXZnhCFne5uoUyGsphhecsQPnjRNodrOx3Nl0KVzKzrmmrdx3GZ688
0Hk7fuJTcstxj27lHnrzipi9GirmK9ZIoWHivVpS7KnIvwIW1KEKwG1x3uDSIvWo
x/JaJFShXujp6O4WZcAoiJbTVawJqV0FPXRhd48rSJa0vD1n9ua/WeTNCIbyYACv
EV/Sy7VIuTQyhGaVKWMwNWCC+p0o/fp5d8jY
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:31:21 2025 by rpki-client