Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa
File:                     1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa (raw, json)
Hash identifier:          E2SILWeMLib9m/kUiOLsgHirfeuSAP0vI9vxsJ5dx1I=
Subject key identifier:   F9:55:17:0B:58:33:DA:85:EC:BF:76:9C:BD:17:70:DA:34:9F:3A:AA
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0196757EDD3EB342F1560E56C2A98E468B0C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa
Signing time:             Sun 27 Apr 2025 04:26:10 +0000
ROA not before:           Sun 27 Apr 2025 04:26:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     212238
IP address blocks:        151.240.45.0/24 maxlen: 24
                          151.242.45.0/24 maxlen: 24
                          151.242.57.0/24 maxlen: 24
                          151.242.144.0/23 maxlen: 23
                          151.242.158.0/24 maxlen: 24
                          151.242.200.0/22 maxlen: 22
                          151.242.204.0/22 maxlen: 22
                          151.243.105.0/24 maxlen: 24
                          151.243.159.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 30 Apr 2025 04:50:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:7e:dd:3e:b3:42:f1:56:0e:56:c2:a9:8e:46:8b:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: Apr 27 04:26:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f955170b5833da85ecbf769cbd1770da349f3aaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:84:c2:c4:c6:c1:0f:9c:39:0e:24:15:2f:98:
                    f5:f4:3d:11:63:5f:60:28:b1:9b:9e:e4:b9:40:c3:
                    09:f1:5c:4c:37:6e:89:42:de:f3:da:9d:a7:a0:b2:
                    99:6a:f2:8c:67:30:ef:d4:50:07:b2:fd:05:b4:f3:
                    52:c9:fe:d0:99:18:fa:7e:d7:72:e7:2f:33:ad:ea:
                    02:b7:26:26:94:85:99:98:a8:a0:36:95:0d:c2:b3:
                    27:bb:88:2b:fa:ec:59:46:bf:09:f0:cc:01:a4:cc:
                    d9:b0:cf:c0:0e:43:69:25:be:3b:5a:54:d9:46:23:
                    fd:64:1b:39:96:af:0a:03:cc:e6:56:88:d2:c0:49:
                    56:04:31:b7:6e:d9:fa:ff:8e:4e:f5:0c:9b:97:9e:
                    f7:1e:eb:c5:d6:37:06:e8:ac:29:42:ac:aa:45:98:
                    98:c9:7a:8e:4a:b1:97:8a:2d:b8:4d:55:04:d3:b5:
                    09:94:b2:44:58:4c:e8:fb:9e:5f:6d:79:7a:e9:1a:
                    69:91:af:ab:af:a9:7b:ea:c9:69:49:87:6a:e4:9b:
                    b6:ca:94:53:05:d6:00:8f:04:74:4f:9b:8d:53:8e:
                    3a:fa:56:8c:52:99:09:37:2b:43:bf:7e:53:37:3e:
                    2f:31:f5:50:f4:47:ea:75:25:6f:fb:81:e7:74:99:
                    71:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:55:17:0B:58:33:DA:85:EC:BF:76:9C:BD:17:70:DA:34:9F:3A:AA
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.240.45.0/24
                  151.242.45.0/24
                  151.242.57.0/24
                  151.242.144.0/23
                  151.242.158.0/24
                  151.242.200.0/21
                  151.243.105.0/24
                  151.243.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:3d:2b:49:29:e5:60:22:ef:75:4a:21:8f:cb:b2:5d:e4:0c:
         3e:44:c9:2d:d4:f4:bc:ac:5c:9a:20:92:02:42:9d:da:53:de:
         95:73:05:f4:20:b3:9d:4c:a9:04:6f:8a:eb:0e:98:92:3f:d6:
         07:78:84:e5:67:e9:a7:ca:06:bc:48:d8:71:7d:fc:4c:86:63:
         24:4e:10:19:03:eb:61:9d:a5:51:75:1a:8c:86:dd:b3:f8:e7:
         cf:6e:df:06:38:90:36:62:3d:a3:df:02:61:44:ea:06:30:25:
         54:73:a9:87:0d:b1:00:23:79:36:04:f8:ee:5a:b6:c9:f2:01:
         57:58:5a:79:7f:70:21:11:19:7a:5f:ee:f6:f4:7d:6b:2f:63:
         82:d7:d0:a2:d2:eb:77:22:02:18:63:37:b1:25:d5:dd:b5:af:
         d9:4d:9c:78:c3:24:83:e6:91:26:e6:9c:ed:06:8f:5c:cd:4b:
         cd:37:d4:f7:8b:fa:3b:e5:25:8e:ff:57:78:fa:e2:b6:38:2a:
         47:1f:f4:55:df:03:45:fb:7a:91:ff:3d:30:d4:61:09:d7:8f:
         8a:cf:89:0b:b5:c7:31:65:21:52:b4:53:fb:79:8d:9c:36:3b:
         b0:00:cb:5e:cb:f2:fe:c2:e1:61:5c:16:b8:0d:97:12:20:e6:
         4b:75:48:1b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZZ1ft0+s0LxVg5WwqmORosMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDQyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU1MTcwYjU4MzNkYTg1ZWNiZjc2OWNiZDE3NzBkYTM0OWYzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4TCxMbBD5w5DiQVL5j19D0RY19g
KLGbnuS5QMMJ8VxMN26JQt7z2p2noLKZavKMZzDv1FAHsv0FtPNSyf7QmRj6ftdy
5y8zreoCtyYmlIWZmKigNpUNwrMnu4gr+uxZRr8J8MwBpMzZsM/ADkNpJb47WlTZ
RiP9ZBs5lq8KA8zmVojSwElWBDG3btn6/45O9Qybl573HuvF1jcG6KwpQqyqRZiY
yXqOSrGXii24TVUE07UJlLJEWEzo+55fbXl66Rppka+rr6l76slpSYdq5Ju2ypRT
BdYAjwR0T5uNU446+laMUpkJNytDv35TNz4vMfVQ9EfqdSVv+4HndJlxnQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPlVFwtYM9qF7L92nL0XcNo0nzqqMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1WVVhDMWd6Mm9Yc3YzYWN2UmR3MmpTZk9xby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAJfwLQME
AJfyLQMEAJfyOQMEAZfykAMEAJfyngMEA5fyyAMEAJfzaQMEAJfznzANBgkqhkiG
9w0BAQsFAAOCAQEATD0rSSnlYCLvdUohj8uyXeQMPkTJLdT0vKxcmiCSAkKd2lPe
lXMF9CCznUypBG+K6w6Ykj/WB3iE5Wfpp8oGvEjYcX38TIZjJE4QGQPrYZ2lUXUa
jIbds/jnz27fBjiQNmI9o98CYUTqBjAlVHOphw2xACN5NgT47lq2yfIBV1haeX9w
IREZel/u9vR9ay9jgtfQotLrdyICGGM3sSXV3bWv2U2ceMMkg+aRJuac7QaPXM1L
zTfU94v6O+Uljv9XePritjgqRx/0Vd8DRft6kf89MNRhCdePis+JC7XHMWUhUrRT
+3mNnDY7sADLXsvy/sLhYVwWuA2XEiDmS3VIGw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:01:56 2025 by rpki-client