Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/HtgUwwtA1x7w13xDSJalKxTUCpY.roa
File:                     HtgUwwtA1x7w13xDSJalKxTUCpY.roa (raw, json)
Hash identifier:          oBnptXtK/CFjzJ8wsQOEFPt1FnovZBxN1NzLIEWqQus=
Subject key identifier:   1E:D8:14:C3:0B:40:D7:1E:F0:D7:7C:43:48:96:A5:2B:14:D4:0A:96
Certificate issuer:       /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial:       019710FBED04ACA2A79A0C1842957A3E7DDC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/HtgUwwtA1x7w13xDSJalKxTUCpY.roa
Signing time:             Tue 27 May 2025 09:03:54 +0000
ROA not before:           Tue 27 May 2025 09:03:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     39521
IP address blocks:        78.143.232.0/22 maxlen: 24
                          82.163.64.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Tue 27 May 2025 19:35:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:10:fb:ed:04:ac:a2:a7:9a:0c:18:42:95:7a:3e:7d:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
        Validity
            Not Before: May 27 09:03:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1ed814c30b40d71ef0d77c434896a52b14d40a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:db:5b:6b:97:a3:83:b6:38:ac:b9:44:6a:a9:
                    ca:bf:fe:e8:f4:a1:c4:6b:51:ec:21:b1:79:9c:11:
                    d4:3f:4c:7c:09:0b:ec:a8:59:10:9a:09:9e:e8:3f:
                    f1:73:b3:9a:95:86:5a:ed:75:a9:7a:a9:16:74:28:
                    c0:ee:6f:f3:40:04:70:b8:67:bb:a8:ee:51:71:76:
                    81:45:68:c8:27:3a:60:61:53:8a:28:7a:3b:52:c4:
                    2e:1e:14:26:24:a5:95:56:09:06:4d:2b:d0:71:f0:
                    e4:3d:28:68:91:6c:22:94:60:8e:4d:af:88:c8:44:
                    30:9d:37:64:71:ef:64:b2:e5:44:a0:58:3f:6a:1a:
                    c8:49:5d:d4:ec:a6:d7:08:1e:ae:ab:fe:bc:08:a6:
                    7a:78:71:b8:e3:ce:5f:a3:dc:d1:df:7a:b1:e0:75:
                    68:63:7f:18:32:33:c9:c8:8a:3d:2e:71:83:01:ad:
                    4f:00:98:68:c6:87:08:f7:b1:1b:85:ea:fe:0f:ef:
                    09:06:1d:52:ec:f8:b2:45:87:a2:cf:a7:6e:c5:3f:
                    c5:fa:eb:26:e0:56:83:55:26:d3:84:e9:ee:5b:96:
                    f3:01:2e:a2:00:ce:3a:3b:b3:cc:32:db:76:6a:2e:
                    82:8e:e5:bd:ff:93:17:5d:9d:57:fe:a3:6d:7e:e9:
                    13:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:D8:14:C3:0B:40:D7:1E:F0:D7:7C:43:48:96:A5:2B:14:D4:0A:96
            X509v3 Authority Key Identifier:
                keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/HtgUwwtA1x7w13xDSJalKxTUCpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.143.232.0/22
                  82.163.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:e2:72:c3:2a:3f:41:85:be:29:16:90:07:2b:e1:78:1a:35:
         59:6b:8e:43:18:09:f8:94:b5:92:18:39:bf:24:3d:44:fc:cb:
         6a:9a:d1:59:24:cb:07:55:0e:97:dc:31:7f:e8:a8:ac:27:1e:
         de:60:d4:73:e2:de:3b:31:e1:d9:03:5d:42:d1:0c:18:06:9e:
         76:4b:14:ce:e8:45:34:df:4f:c1:28:84:0d:bf:6b:38:4f:97:
         06:9b:a8:ae:02:91:0f:2e:3f:d4:b8:4c:da:59:42:b6:d1:63:
         59:77:af:4d:4d:04:78:f7:ab:ae:8c:62:4b:3b:13:3e:e1:82:
         ca:04:3d:27:4e:b1:c8:71:d0:1a:b3:5c:46:d7:cc:87:be:f2:
         b4:52:e7:45:d8:d2:fd:cd:2a:92:6e:b3:f2:a0:26:40:37:b4:
         e6:2b:40:0a:33:c2:75:5f:52:7c:ed:58:cc:8b:a0:f4:ad:a0:
         85:5c:30:cf:6c:37:5b:ce:e4:9e:6e:90:f1:61:e8:f8:2d:52:
         62:fe:2b:f7:bd:b2:4c:25:46:62:b2:d2:79:dc:64:f7:63:f4:
         7f:8d:3b:f1:0d:29:8c:90:a4:1e:88:45:3b:8b:d3:7f:47:b2:
         08:64:54:e2:77:37:bc:bf:d4:30:1b:ec:97:57:f3:3f:ea:14:
         5d:bf:66:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcQ++0ErKKnmgwYQpV6Pn3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNTI3MDkwMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ4MTRjMzBiNDBkNzFlZjBkNzdjNDM0ODk2YTUyYjE0ZDQwYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59tba5ejg7Y4rLlEaqnKv/7o9KHE
a1HsIbF5nBHUP0x8CQvsqFkQmgme6D/xc7OalYZa7XWpeqkWdCjA7m/zQARwuGe7
qO5RcXaBRWjIJzpgYVOKKHo7UsQuHhQmJKWVVgkGTSvQcfDkPShokWwilGCOTa+I
yEQwnTdkce9ksuVEoFg/ahrISV3U7KbXCB6uq/68CKZ6eHG4485fo9zR33qx4HVo
Y38YMjPJyIo9LnGDAa1PAJhoxocI97Ebher+D+8JBh1S7PiyRYeiz6duxT/F+usm
4FaDVSbThOnuW5bzAS6iAM46O7PMMtt2ai6CjuW9/5MXXZ1X/qNtfukTowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7YFMMLQNce8Nd8Q0iWpSsU1AqWMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSHRnVXd3dEExeDd3MTN4RFNKYWxLeFRVQ3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTo/oAwQC
UqNAMA0GCSqGSIb3DQEBCwUAA4IBAQAI4nLDKj9Bhb4pFpAHK+F4GjVZa45DGAn4
lLWSGDm/JD1E/MtqmtFZJMsHVQ6X3DF/6KisJx7eYNRz4t47MeHZA11C0QwYBp52
SxTO6EU030/BKIQNv2s4T5cGm6iuApEPLj/UuEzaWUK20WNZd69NTQR496uujGJL
OxM+4YLKBD0nTrHIcdAas1xG18yHvvK0UudF2NL9zSqSbrPyoCZAN7TmK0AKM8J1
X1J87VjMi6D0raCFXDDPbDdbzuSebpDxYej4LVJi/iv3vbJMJUZistJ53GT3Y/R/
jTvxDSmMkKQeiEU7i9N/R7IIZFTidze8v9QwG+yXV/M/6hRdv2ZD
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:31:38 2025 by rpki-client