Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa
File:                     mzZEFenY7jWH6EdAv4VAPU9F1KU.roa (raw, json)
Hash identifier:          Ka5rxmcx9AG0c5zrWikxLShNIrVAHKBOMbNdhegVcKM=
Subject key identifier:   9B:36:44:15:E9:D8:EE:35:87:E8:47:40:BF:85:40:3D:4F:45:D4:A5
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       018FDE605B605A70630845D907AB5AC848F4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa
Signing time:             Mon 03 Jun 2024 13:53:27 +0000
ROA not before:           Mon 03 Jun 2024 13:53:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        2.57.241.0/24 maxlen: 24
                          45.135.181.0/24 maxlen: 24
                          45.135.182.0/24 maxlen: 24
                          45.135.183.0/24 maxlen: 24
                          45.144.172.0/24 maxlen: 24
                          86.105.4.0/24 maxlen: 24
                          86.107.100.0/24 maxlen: 24
                          89.34.106.0/24 maxlen: 24
                          92.114.32.0/24 maxlen: 24
                          93.114.183.0/24 maxlen: 24
                          188.64.142.0/24 maxlen: 24
                          188.208.103.0/24 maxlen: 24
                          217.19.4.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 08 Jun 2024 07:35:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:de:60:5b:60:5a:70:63:08:45:d9:07:ab:5a:c8:48:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Jun  3 13:53:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b364415e9d8ee3587e84740bf85403d4f45d4a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:77:93:02:92:90:f1:da:dd:92:d5:e8:e1:b4:
                    36:80:c4:87:e6:17:af:60:4c:d5:be:45:ad:7f:54:
                    97:0b:4c:1b:7c:fb:99:63:53:3f:db:c7:8d:46:9d:
                    72:6a:57:4d:36:68:f6:8d:42:3b:00:e2:d7:ac:d0:
                    7b:b3:36:73:7b:88:49:0c:dc:97:77:77:0e:95:90:
                    8c:84:5b:51:aa:1d:55:7b:21:e4:3d:b8:af:e6:d1:
                    e3:e9:3a:09:ce:77:a5:c2:82:90:20:4d:63:c5:1b:
                    a0:a1:66:61:fc:40:63:15:dc:40:ba:a6:d5:3f:42:
                    c8:7c:48:e7:95:75:f5:d2:42:df:0f:de:2b:8e:97:
                    3f:9f:0c:c6:cb:c6:2e:fb:67:b0:8d:38:52:8c:d9:
                    c4:8a:e0:b3:1f:e1:1d:2c:c2:91:4f:4c:24:7b:6e:
                    03:a1:63:f5:ff:ac:03:10:82:b6:44:22:f3:ae:81:
                    48:89:e2:a2:7a:e1:5b:db:95:8b:5b:d8:9d:2b:69:
                    65:1e:ef:5b:40:cc:b1:99:a0:ba:bc:ac:db:9c:89:
                    3a:a2:a1:7d:9b:c4:1f:02:40:e9:00:eb:71:1c:d5:
                    6d:d1:00:d9:af:9a:df:cc:c4:0c:94:b2:aa:95:9c:
                    61:52:10:54:b4:07:97:7c:a3:ab:31:eb:ad:db:da:
                    2e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:36:44:15:E9:D8:EE:35:87:E8:47:40:BF:85:40:3D:4F:45:D4:A5
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.241.0/24
                  45.135.181.0-45.135.183.255
                  45.144.172.0/24
                  86.105.4.0/24
                  86.107.100.0/24
                  89.34.106.0/24
                  92.114.32.0/24
                  93.114.183.0/24
                  188.64.142.0/24
                  188.208.103.0/24
                  217.19.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:de:1c:0f:cf:5f:ad:e7:2f:6b:9e:cd:f7:de:ec:bd:a4:31:
         2e:dd:21:87:9b:e9:59:fd:cc:32:8b:ba:23:3a:fb:f9:10:23:
         a4:75:aa:4e:8b:3b:47:ad:e2:3d:6c:f6:f5:83:cf:83:d5:61:
         c9:88:bd:46:aa:c2:df:02:31:e8:d7:de:fa:cd:ff:c4:26:87:
         9b:37:13:cd:62:52:eb:a9:17:2f:c3:c6:cd:ef:6d:8f:85:ab:
         0e:98:e8:d2:ff:26:06:f3:5c:1a:23:98:6b:c9:65:ba:30:cc:
         67:f7:23:b3:9a:26:03:36:29:9c:b4:69:a6:0a:85:5c:93:b3:
         26:4e:34:35:38:32:9e:31:82:5b:2d:b4:63:8c:e3:57:f1:3b:
         48:b3:85:e8:ef:85:3f:35:31:cf:7c:bf:0f:cf:ab:0a:41:50:
         d1:1c:c5:9f:f2:67:e5:a2:ab:2c:b5:4b:db:5a:58:df:3e:3f:
         e1:59:72:42:26:d7:7f:6c:5e:4a:0f:cd:3c:3c:24:87:13:25:
         38:2a:15:f7:17:59:92:96:5c:82:bf:cb:70:ab:e7:91:53:57:
         ab:ab:90:fb:96:bd:65:fc:f7:cd:96:df:00:b9:f6:ac:3d:ab:
         9c:c8:89:c1:54:dc:ba:9a:52:ce:c0:34:f7:a6:90:1a:52:76:
         96:4e:99:d5
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY/eYFtgWnBjCEXZB6tayEj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjAzMTM1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM2NDQxNWU5ZDhlZTM1ODdlODQ3NDBiZjg1NDAzZDRmNDVkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHeTApKQ8drdktXo4bQ2gMSH5hev
YEzVvkWtf1SXC0wbfPuZY1M/28eNRp1yaldNNmj2jUI7AOLXrNB7szZze4hJDNyX
d3cOlZCMhFtRqh1VeyHkPbiv5tHj6ToJznelwoKQIE1jxRugoWZh/EBjFdxAuqbV
P0LIfEjnlXX10kLfD94rjpc/nwzGy8Yu+2ewjThSjNnEiuCzH+EdLMKRT0wke24D
oWP1/6wDEIK2RCLzroFIieKieuFb25WLW9idK2llHu9bQMyxmaC6vKzbnIk6oqF9
m8QfAkDpAOtxHNVt0QDZr5rfzMQMlLKqlZxhUhBUtAeXfKOrMeut29ouUQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJs2RBXp2O41h+hHQL+FQD1PRdSlMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbXpaRUZlblk3aldINkVkQXY0VkFQVTlGMUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjnxMAwD
BAAth7UDBAMth7ADBAAtkKwDBABWaQQDBABWa2QDBABZImoDBABcciADBABdcrcD
BAC8QI4DBAC80GcDBADZEwQwDQYJKoZIhvcNAQELBQADggEBAC7eHA/PX63nL2ue
zffe7L2kMS7dIYeb6Vn9zDKLuiM6+/kQI6R1qk6LO0et4j1s9vWDz4PVYcmIvUaq
wt8CMejX3vrN/8Qmh5s3E81iUuupFy/Dxs3vbY+Fqw6Y6NL/JgbzXBojmGvJZbow
zGf3I7OaJgM2KZy0aaYKhVyTsyZONDU4Mp4xglsttGOM41fxO0izhejvhT81Mc98
vw/PqwpBUNEcxZ/yZ+Wiqyy1S9taWN8+P+FZckIm139sXkoPzTw8JIcTJTgqFfcX
WZKWXIK/y3Cr55FTV6urkPuWvWX8982W3wC59qw9q5zIicFU3LqaUs7ANPemkBpS
dpZOmdU=
-----END CERTIFICATE-----
Generated at Tue Mar 18 00:15:53 2025 by rpki-client