Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U6teMk2swAjkk-hrV9lzNSU1as4.roa
File:                     U6teMk2swAjkk-hrV9lzNSU1as4.roa (raw, json)
Hash identifier:          /nVySktx7PSoGqtH/zh1FmtPVragJRyOgS/UAPT2DCM=
Subject key identifier:   53:AB:5E:32:4D:AC:C0:08:E4:93:E8:6B:57:D9:73:35:25:35:6A:CE
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0196B3DAEA2B937D5A38FD0259D5312C8BDF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U6teMk2swAjkk-hrV9lzNSU1as4.roa
Signing time:             Fri 09 May 2025 07:03:10 +0000
ROA not before:           Fri 09 May 2025 07:03:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     211415
IP address blocks:        151.241.4.0/24 maxlen: 24
                          151.244.1.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 12 May 2025 10:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:da:ea:2b:93:7d:5a:38:fd:02:59:d5:31:2c:8b:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: May  9 07:03:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=53ab5e324dacc008e493e86b57d9733525356ace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:6d:b0:84:3a:25:61:b4:bd:50:e8:55:35:06:
                    81:e7:8c:78:87:c4:01:f8:03:fd:d0:00:56:e1:31:
                    79:b1:71:3e:53:50:3a:5a:77:dd:2d:75:fb:be:c0:
                    d9:d5:4d:f0:f1:1c:e0:f3:74:dc:28:48:41:bb:c1:
                    4b:45:8d:72:38:66:a9:35:98:2d:82:93:d7:74:5a:
                    6b:3f:be:2b:8a:58:58:16:5f:f2:d3:52:d2:92:13:
                    b2:30:59:15:90:50:04:63:0d:bc:6b:6f:c8:8d:a2:
                    c2:34:7c:42:75:47:2f:28:bb:7a:cd:13:f9:b7:59:
                    fe:30:b6:99:b4:bd:9f:d2:c2:5f:d4:55:f5:0f:b0:
                    c6:29:73:06:fe:16:e4:ab:2a:5e:56:f4:64:ef:d2:
                    39:d5:53:0e:0d:6f:aa:b1:3d:85:1c:13:b5:fd:e5:
                    5b:f6:42:c5:30:f2:0e:74:ad:ff:c4:f0:5f:4e:80:
                    d4:2e:f6:a1:72:83:17:74:b5:7f:cb:a7:06:92:38:
                    e1:b5:21:a8:60:75:7c:78:6c:4e:a0:a5:de:7e:b0:
                    c1:69:9d:7b:e5:62:2b:4b:ab:82:b5:6b:5b:14:c4:
                    28:e1:c4:a0:f0:b1:a9:99:87:ba:8c:5e:34:65:67:
                    ad:57:56:68:9d:ff:d7:a8:3e:78:6c:c5:a5:a7:ec:
                    0f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:AB:5E:32:4D:AC:C0:08:E4:93:E8:6B:57:D9:73:35:25:35:6A:CE
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U6teMk2swAjkk-hrV9lzNSU1as4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.241.4.0/24
                  151.244.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:4c:c1:25:18:2a:e0:01:7f:f1:d0:7e:1f:2b:55:98:b3:37:
         e8:75:03:68:86:a5:5c:1b:e2:2c:cd:7e:b7:25:0c:c7:d0:64:
         cd:54:24:8f:98:f6:cf:16:3a:9b:91:47:f3:1f:64:33:2c:ba:
         4c:8e:fa:b8:d2:21:3d:1d:33:32:a5:cd:00:13:0c:bc:5a:c9:
         14:43:b5:fd:21:dd:08:d2:9a:ba:0c:54:38:fa:a4:b5:20:02:
         8e:c2:22:ad:d8:e5:47:b6:39:0d:c6:a3:2f:db:8a:2e:a9:47:
         57:ee:b1:11:90:20:1f:b4:fd:db:87:dc:bb:2a:42:0f:69:0c:
         89:78:24:29:0d:d2:32:59:30:36:2e:cf:68:1d:ee:1a:49:60:
         ec:5d:eb:0e:80:45:f8:82:73:c7:df:d2:11:4f:05:e3:0f:2b:
         af:66:c2:eb:38:33:ce:53:56:f3:5f:22:f1:51:9a:16:14:4f:
         75:88:52:39:b2:65:e4:44:2e:96:75:ce:12:8d:ac:c8:41:f7:
         28:86:9d:48:f5:3b:a7:b0:6f:3a:67:f1:f5:c7:7d:aa:77:1f:
         d5:a5:0b:fa:f2:85:9c:f1:b4:ac:42:9b:38:00:85:10:97:14:
         cf:6a:ce:d9:a8:43:9e:94:06:4a:86:8d:bf:00:95:24:b2:22:
         8b:93:56:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaz2uork31aOP0CWdUxLIvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA5MDcwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FiNWUzMjRkYWNjMDA4ZTQ5M2U4NmI1N2Q5NzMzNTI1MzU2YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG2whDolYbS9UOhVNQaB54x4h8QB
+AP90ABW4TF5sXE+U1A6WnfdLXX7vsDZ1U3w8Rzg83TcKEhBu8FLRY1yOGapNZgt
gpPXdFprP74rilhYFl/y01LSkhOyMFkVkFAEYw28a2/IjaLCNHxCdUcvKLt6zRP5
t1n+MLaZtL2f0sJf1FX1D7DGKXMG/hbkqypeVvRk79I51VMODW+qsT2FHBO1/eVb
9kLFMPIOdK3/xPBfToDULvahcoMXdLV/y6cGkjjhtSGoYHV8eGxOoKXefrDBaZ17
5WIrS6uCtWtbFMQo4cSg8LGpmYe6jF40ZWetV1Zonf/XqD54bMWlp+wPkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOrXjJNrMAI5JPoa1fZczUlNWrOMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVTZ0ZU1rMnN3QWpray1oclY5bHpOU1UxYXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/EEAwQA
l/QBMA0GCSqGSIb3DQEBCwUAA4IBAQBFTMElGCrgAX/x0H4fK1WYszfodQNohqVc
G+IszX63JQzH0GTNVCSPmPbPFjqbkUfzH2QzLLpMjvq40iE9HTMypc0AEwy8WskU
Q7X9Id0I0pq6DFQ4+qS1IAKOwiKt2OVHtjkNxqMv24ouqUdX7rERkCAftP3bh9y7
KkIPaQyJeCQpDdIyWTA2Ls9oHe4aSWDsXesOgEX4gnPH39IRTwXjDyuvZsLrODPO
U1bzXyLxUZoWFE91iFI5smXkRC6Wdc4SjazIQfcohp1I9TunsG86Z/H1x32qdx/V
pQv68oWc8bSsQps4AIUQlxTPas7ZqEOelAZKho2/AJUksiKLk1ZH
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:36:18 2025 by rpki-client