Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa
File:                     SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa (raw, json)
Hash identifier:          g1VVdb6/KSeT2ZjtnIemh9/Nunf+zJt+6ReweThtf+A=
Subject key identifier:   4B:10:C8:6A:72:F7:2C:32:98:58:83:E0:4C:B3:58:0C:3F:0C:6F:A9
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       019637D642DA2155D45C9A140D03F7B074EA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa
Signing time:             Tue 15 Apr 2025 05:05:10 +0000
ROA not before:           Tue 15 Apr 2025 05:05:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     207252
IP address blocks:        151.242.176.0/22 maxlen: 24
                          151.243.208.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Fri 25 Apr 2025 06:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:37:d6:42:da:21:55:d4:5c:9a:14:0d:03:f7:b0:74:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: Apr 15 05:05:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4b10c86a72f72c32985883e04cb3580c3f0c6fa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e2:74:b3:f5:a4:df:0f:a2:3a:78:04:c0:2a:
                    bb:e7:fd:b0:a3:f3:05:48:b4:ec:63:2c:10:a4:f4:
                    fd:32:09:62:37:c2:4c:33:20:79:9f:f3:f1:76:1c:
                    7f:c8:a0:d4:66:50:aa:ef:13:51:53:8f:c4:0e:bc:
                    38:5b:47:39:2b:32:76:2a:11:a6:b3:a6:00:bf:53:
                    45:48:fe:9e:14:7c:bd:04:23:4e:cd:84:b8:d0:3d:
                    29:18:b8:ad:57:4d:03:41:d9:a0:ba:7d:d9:f6:7d:
                    03:c0:19:af:db:62:8c:6f:b9:9a:c3:eb:f9:62:8c:
                    3a:1e:ab:e3:19:3e:f2:ff:6a:26:ac:46:ec:7d:f8:
                    b5:cf:28:09:63:8a:8c:9f:a6:6e:eb:4f:43:a1:8e:
                    9c:85:f9:9f:c8:a1:7e:17:3e:2a:8e:e0:a6:b6:c4:
                    1b:59:70:97:6a:00:b3:48:e6:a8:ec:6b:51:70:15:
                    8b:f7:c8:ef:de:a9:47:94:61:98:bb:a7:e1:7b:63:
                    2b:dd:e1:4a:45:0a:d3:17:4b:45:b7:17:5f:fa:bc:
                    3d:cb:5d:95:d6:a3:73:bb:59:60:a4:e4:66:a4:35:
                    bf:df:31:23:7e:25:ae:b1:30:05:c9:e4:de:57:1c:
                    b8:87:9b:5b:09:ea:a2:a3:0e:61:4a:37:ab:79:af:
                    d4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:10:C8:6A:72:F7:2C:32:98:58:83:E0:4C:B3:58:0C:3F:0C:6F:A9
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.242.176.0/22
                  151.243.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:73:c2:7d:1b:e6:88:4c:3a:96:2f:a8:ce:ac:59:2c:84:d9:
         ca:15:4c:dd:7d:3e:be:1f:44:31:dc:a8:8c:92:62:51:4b:ee:
         73:1f:66:a2:68:14:55:d2:79:ca:15:80:f6:a6:c5:99:bc:43:
         4d:21:b9:7e:72:d1:4e:79:14:5a:1c:b4:d6:c4:d9:2d:5f:80:
         71:9d:13:7f:34:90:bb:9d:62:2b:13:ec:03:a6:79:e7:9d:48:
         de:8f:00:e3:dc:35:ab:a2:ab:5b:32:b5:85:51:c0:2a:78:b1:
         88:47:f4:d2:b1:0b:2d:ba:86:e0:de:fc:6c:97:86:4e:2e:ce:
         59:6f:16:d1:35:d4:8b:96:89:16:27:31:b3:35:00:ed:b2:72:
         02:1f:f3:40:e7:bc:14:3b:07:2a:cc:7f:ac:9e:7d:7d:93:46:
         bf:11:7e:9a:37:d3:7c:e2:00:e2:d3:f8:ef:f2:04:3b:18:ed:
         b4:68:0b:38:e7:a6:6b:bf:cc:9e:4c:e0:e9:89:22:e2:d3:35:
         41:2b:5d:c0:8e:0b:36:87:6c:fe:97:93:e6:44:26:15:c2:b5:
         8e:3d:d4:96:c3:0e:89:5e:32:1b:b7:a6:b5:7f:a2:78:4c:fb:
         b8:2c:ec:1a:c0:8e:0d:b6:fd:e7:fd:cc:59:da:95:69:f5:e1:
         95:76:3a:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY31kLaIVXUXJoUDQP3sHTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE1MDUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEwYzg2YTcyZjcyYzMyOTg1ODgzZTA0Y2IzNTgwYzNmMGM2ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eJ0s/Wk3w+iOngEwCq75/2wo/MF
SLTsYywQpPT9MgliN8JMMyB5n/Pxdhx/yKDUZlCq7xNRU4/EDrw4W0c5KzJ2KhGm
s6YAv1NFSP6eFHy9BCNOzYS40D0pGLitV00DQdmgun3Z9n0DwBmv22KMb7maw+v5
Yow6HqvjGT7y/2omrEbsffi1zygJY4qMn6Zu609DoY6chfmfyKF+Fz4qjuCmtsQb
WXCXagCzSOao7GtRcBWL98jv3qlHlGGYu6fhe2Mr3eFKRQrTF0tFtxdf+rw9y12V
1qNzu1lgpORmpDW/3zEjfiWusTAFyeTeVxy4h5tbCeqiow5hSjerea/U7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEsQyGpy9ywymFiD4EyzWAw/DG+pMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU3hESWFuTDNMREtZV0lQZ1RMTllERDhNYjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCl/KwAwQC
l/PQMA0GCSqGSIb3DQEBCwUAA4IBAQCTc8J9G+aITDqWL6jOrFkshNnKFUzdfT6+
H0Qx3KiMkmJRS+5zH2aiaBRV0nnKFYD2psWZvENNIbl+ctFOeRRaHLTWxNktX4Bx
nRN/NJC7nWIrE+wDpnnnnUjejwDj3DWroqtbMrWFUcAqeLGIR/TSsQstuobg3vxs
l4ZOLs5ZbxbRNdSLlokWJzGzNQDtsnICH/NA57wUOwcqzH+snn19k0a/EX6aN9N8
4gDi0/jv8gQ7GO20aAs456Zrv8yeTODpiSLi0zVBK13Ajgs2h2z+l5PmRCYVwrWO
PdSWww6JXjIbt6a1f6J4TPu4LOwawI4Ntv3n/cxZ2pVp9eGVdjqm
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:49:50 2025 by rpki-client