Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa
File:                     _4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa (raw, json)
Hash identifier:          wsYW3OU4IQ4zREQrDHtCPQY/aiIIIowEueqwkDiAxhk=
Subject key identifier:   FF:82:4B:97:9B:8E:B8:66:FB:45:D2:25:59:1B:E5:FF:40:D7:88:34
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0196E7D9C56683338DC01C5236B792E00EBD
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa
Signing time:             Mon 19 May 2025 09:22:10 +0000
ROA not before:           Mon 19 May 2025 09:22:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     5065
IP address blocks:        37.202.219.0/24 maxlen: 24
                          151.240.31.0/24 maxlen: 24
                          151.240.229.0/24 maxlen: 24
                          151.240.233.0/24 maxlen: 24
                          151.240.234.0/24 maxlen: 24
                          151.240.235.0/24 maxlen: 24
                          151.240.236.0/24 maxlen: 24
                          151.240.237.0/24 maxlen: 24
                          151.240.238.0/24 maxlen: 24
                          151.240.240.0/24 maxlen: 24
                          151.240.246.0/24 maxlen: 24
                          151.240.247.0/24 maxlen: 24
                          151.240.249.0/24 maxlen: 24
                          151.240.250.0/24 maxlen: 24
                          151.240.251.0/24 maxlen: 24
                          151.240.252.0/24 maxlen: 24
                          151.240.253.0/24 maxlen: 24
                          151.242.9.0/24 maxlen: 24
                          151.242.13.0/24 maxlen: 24
                          151.242.46.0/24 maxlen: 24
                          151.242.47.0/24 maxlen: 24
                          151.242.48.0/24 maxlen: 24
                          151.242.60.0/24 maxlen: 24
                          151.242.62.0/24 maxlen: 24
                          151.242.64.0/24 maxlen: 24
                          151.242.121.0/24 maxlen: 24
                          151.242.166.0/23 maxlen: 24
                          151.242.195.0/24 maxlen: 24
                          151.243.140.0/24 maxlen: 24
                          151.244.59.0/24 maxlen: 24
                          151.244.117.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 22 May 2025 18:11:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e7:d9:c5:66:83:33:8d:c0:1c:52:36:b7:92:e0:0e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: May 19 09:22:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ff824b979b8eb866fb45d225591be5ff40d78834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:dd:59:c5:88:18:af:82:8c:8d:ab:92:e8:02:
                    b9:33:d5:ad:06:bc:95:59:0b:eb:6c:df:57:dd:8f:
                    6a:57:88:61:5a:d4:e1:96:64:81:4a:94:a2:7e:ab:
                    90:a9:83:c0:68:f3:cc:84:0d:83:78:03:1c:ba:40:
                    be:37:20:ab:55:7a:1f:e2:a9:8b:62:7b:b4:53:fc:
                    1e:29:15:29:1d:a1:95:1f:e1:5a:b7:4b:13:b2:78:
                    95:56:55:b9:f6:82:d9:23:ba:3c:34:3e:10:1f:d9:
                    f0:76:4e:36:14:ef:69:c9:ad:6f:7a:e8:65:82:00:
                    7d:49:54:0b:2f:73:81:2b:3a:11:39:c7:c8:13:ff:
                    99:b7:f0:b1:41:4b:55:6c:08:33:d2:cc:99:40:e5:
                    e8:09:2e:35:dc:87:0f:45:36:70:00:6d:1f:a0:68:
                    fb:40:cd:84:e2:b6:3a:97:1e:90:98:19:67:c7:53:
                    e2:fc:5d:8b:49:23:a9:c9:aa:a0:e1:04:8a:b3:d2:
                    77:e7:d0:57:5a:db:3a:2e:ff:ce:8d:1e:b9:aa:50:
                    29:18:b8:72:f0:28:7d:17:3d:08:43:66:c0:3b:d0:
                    de:ad:d7:0d:92:3e:f1:f0:d5:82:23:2b:5f:f8:54:
                    02:2b:00:c3:39:10:6a:64:f1:56:1e:a7:fd:18:65:
                    11:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:82:4B:97:9B:8E:B8:66:FB:45:D2:25:59:1B:E5:FF:40:D7:88:34
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.202.219.0/24
                  151.240.31.0/24
                  151.240.229.0/24
                  151.240.233.0-151.240.238.255
                  151.240.240.0/24
                  151.240.246.0/23
                  151.240.249.0-151.240.253.255
                  151.242.9.0/24
                  151.242.13.0/24
                  151.242.46.0-151.242.48.255
                  151.242.60.0/24
                  151.242.62.0/24
                  151.242.64.0/24
                  151.242.121.0/24
                  151.242.166.0/23
                  151.242.195.0/24
                  151.243.140.0/24
                  151.244.59.0/24
                  151.244.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:02:b1:5d:0e:af:64:e7:15:ba:76:10:71:a4:29:5b:a8:ba:
         4c:be:40:bd:c4:8b:6d:fd:de:28:b0:dc:45:7c:da:99:5d:66:
         dc:57:42:96:a4:39:e2:a2:43:ac:82:3f:c7:ec:f7:e4:47:90:
         94:1b:5f:9c:82:12:8a:43:3d:18:6b:75:57:d4:28:cf:03:d5:
         9f:6c:51:92:ce:38:96:cb:81:77:df:88:02:f8:b6:bc:3d:44:
         0c:bb:ed:2f:ed:1f:a8:37:93:83:c4:38:5b:f6:af:a8:6c:20:
         b5:b2:f1:82:b3:69:ea:5b:dd:f9:f8:e3:31:35:65:e5:67:bf:
         f5:38:e6:fd:f0:df:93:70:a1:9a:d8:e7:cf:39:ee:47:83:2d:
         98:dd:be:04:d4:cb:14:df:14:a3:02:15:61:f7:ca:5f:6d:40:
         bc:60:63:b2:4d:c4:1c:ec:0a:b1:98:7d:bc:01:91:7a:f7:38:
         bd:3b:46:4a:da:10:40:e4:c1:e1:df:34:7c:c2:bf:d3:57:cd:
         be:0d:13:bc:b8:ad:cd:2e:36:ca:bd:0b:58:21:cb:55:c9:59:
         47:20:b8:c0:7a:fd:2a:46:50:4a:6d:71:a2:78:45:29:ca:25:
         9f:dc:24:38:a4:e4:29:bb:f1:9f:7d:c1:32:be:b7:71:a0:d3:
         c0:95:db:ab
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZbn2cVmgzONwBxSNreS4A69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE5MDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjgyNGI5NzliOGViODY2ZmI0NWQyMjU1OTFiZTVmZjQwZDc4ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv91ZxYgYr4KMjauS6AK5M9WtBryV
WQvrbN9X3Y9qV4hhWtThlmSBSpSifquQqYPAaPPMhA2DeAMcukC+NyCrVXof4qmL
Ynu0U/weKRUpHaGVH+Fat0sTsniVVlW59oLZI7o8ND4QH9nwdk42FO9pya1veuhl
ggB9SVQLL3OBKzoROcfIE/+Zt/CxQUtVbAgz0syZQOXoCS413IcPRTZwAG0foGj7
QM2E4rY6lx6QmBlnx1Pi/F2LSSOpyaqg4QSKs9J359BXWts6Lv/OjR65qlApGLhy
8Ch9Fz0IQ2bAO9DerdcNkj7x8NWCIytf+FQCKwDDORBqZPFWHqf9GGUR0wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFP+CS5ebjrhm+0XSJVkb5f9A14g0MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvXzRKTGw1dU91R2I3UmRJbFdSdmxfMERYaURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAl
ytsDBACX8B8DBACX8OUwDAMEAJfw6QMEAJfw7gMEAJfw8AMEAZfw9jAMAwQAl/D5
AwQBl/D8AwQAl/IJAwQAl/INMAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX
8kADBACX8nkDBAGX8qYDBACX8sMDBACX84wDBACX9DsDBACX9HUwDQYJKoZIhvcN
AQELBQADggEBADACsV0Or2TnFbp2EHGkKVuouky+QL3Ei2393iiw3EV82pldZtxX
QpakOeKiQ6yCP8fs9+RHkJQbX5yCEopDPRhrdVfUKM8D1Z9sUZLOOJbLgXffiAL4
trw9RAy77S/tH6g3k4PEOFv2r6hsILWy8YKzaepb3fn44zE1ZeVnv/U45v3w35Nw
oZrY58857keDLZjdvgTUyxTfFKMCFWH3yl9tQLxgY7JNxBzsCrGYfbwBkXr3OL07
RkraEEDkweHfNHzCv9NXzb4NE7y4rc0uNsq9C1ghy1XJWUcguMB6/SpGUEptcaJ4
RSnKJZ/cJDik5Cm78Z99wTK+t3Gg08CV26s=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:01:49 2025 by rpki-client