Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e77D5Ej64tE3Ymma0J_5KZF86wQ.roa
File:                     e77D5Ej64tE3Ymma0J_5KZF86wQ.roa (raw, json)
Hash identifier:          5ez8W0EeOXye3rGVOwxOX4KwdBhpr4lmS6r4VvbHqZs=
Subject key identifier:   7B:BE:C3:E4:48:FA:E2:D1:37:62:69:9A:D0:9F:F9:29:91:7C:EB:04
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0196E7D9C5ACDBBE95C75FB8D3EED92CA66E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e77D5Ej64tE3Ymma0J_5KZF86wQ.roa
Signing time:             Mon 19 May 2025 09:22:10 +0000
ROA not before:           Mon 19 May 2025 09:22:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     9318
IP address blocks:        151.240.241.0/24 maxlen: 24
                          151.240.242.0/24 maxlen: 24
                          151.240.243.0/24 maxlen: 24
                          151.240.244.0/24 maxlen: 24
                          151.240.245.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 13:25:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e7:d9:c5:ac:db:be:95:c7:5f:b8:d3:ee:d9:2c:a6:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: May 19 09:22:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7bbec3e448fae2d13762699ad09ff929917ceb04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:70:57:15:19:a0:5b:5f:df:bc:78:e6:06:b5:
                    37:3c:a0:11:cb:bf:f5:2b:f3:44:14:ff:c0:cd:22:
                    ef:1c:62:89:41:35:98:d1:3b:31:18:a8:8b:26:07:
                    c7:d4:6c:e6:9d:e6:ac:57:9b:a4:e3:dc:0e:db:99:
                    09:67:1e:73:05:75:1a:b5:36:41:b7:b0:53:70:d4:
                    17:f7:b2:dd:e1:9c:b3:76:92:64:5a:bd:e8:ed:ee:
                    fb:84:dd:b0:e2:cc:a9:c5:3b:ee:1a:88:6f:1c:02:
                    f7:51:fb:0e:38:9f:8a:9a:77:60:50:88:73:54:70:
                    dc:37:69:e8:92:76:ed:dc:d4:75:5e:ce:d1:4b:a6:
                    70:6d:dc:07:24:da:a4:a5:9a:da:42:a0:f8:5f:49:
                    df:af:d7:48:62:d5:71:d4:1c:32:7a:73:2d:6b:15:
                    32:72:ce:fc:d2:24:13:d8:79:42:53:1c:a0:2a:c7:
                    20:7b:84:6d:76:35:19:0b:81:4f:a8:53:97:71:05:
                    76:9b:58:ba:d1:c0:22:29:3a:60:2f:05:7b:80:a7:
                    e0:c8:a4:fa:c1:f5:a0:87:66:c0:22:32:22:b4:d1:
                    9b:10:95:bd:33:6d:7c:af:dd:87:05:15:a0:3a:65:
                    ff:53:d7:1b:83:6b:cd:32:61:8b:80:d4:f7:76:58:
                    1d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:BE:C3:E4:48:FA:E2:D1:37:62:69:9A:D0:9F:F9:29:91:7C:EB:04
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e77D5Ej64tE3Ymma0J_5KZF86wQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.240.241.0-151.240.245.255

    Signature Algorithm: sha256WithRSAEncryption
         84:53:78:7d:e0:c9:5c:61:c4:8b:74:db:49:d1:64:51:62:c3:
         20:08:1a:da:cf:73:df:0d:8c:a0:88:af:1e:8f:70:e5:80:9b:
         9d:74:9d:dc:f1:12:a7:0e:30:97:3b:81:f5:c3:72:aa:47:22:
         e8:85:46:95:aa:fd:74:60:bc:18:d2:b8:9b:ab:4a:1e:5e:77:
         3c:1d:82:be:26:cc:96:07:67:8d:67:ad:ec:10:ab:1c:66:1e:
         14:d2:6e:c9:fd:fe:af:99:0f:44:aa:65:67:a5:82:60:49:72:
         b5:01:6d:f2:3c:17:9c:8d:0a:64:fb:7f:b0:39:ce:c8:66:71:
         9e:6d:8e:6f:99:4e:f5:2b:49:10:fb:b7:c3:d4:59:c2:24:96:
         b1:c2:ee:a0:07:9a:09:aa:60:f9:95:45:0e:a8:fb:94:b9:3c:
         da:21:c9:7b:fc:12:dd:38:2d:27:cb:b2:2a:fc:82:69:49:17:
         a0:f5:12:32:d7:57:95:10:5e:d1:b4:59:4f:97:8c:de:2a:b7:
         ac:b3:a0:20:94:c1:36:99:87:c1:e1:1f:cb:64:c7:7a:e8:ec:
         c2:a3:68:65:58:cf:90:f8:f6:f7:4d:a1:79:49:81:fe:3e:37:
         4d:4b:11:db:64:fc:2f:d1:0c:ab:4a:22:3c:9a:98:97:b0:a3:
         43:50:4d:7e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZbn2cWs276Vx1+40+7ZLKZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE5MDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmJlYzNlNDQ4ZmFlMmQxMzc2MjY5OWFkMDlmZjkyOTkxN2NlYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3BXFRmgW1/fvHjmBrU3PKARy7/1
K/NEFP/AzSLvHGKJQTWY0TsxGKiLJgfH1GzmneasV5uk49wO25kJZx5zBXUatTZB
t7BTcNQX97Ld4ZyzdpJkWr3o7e77hN2w4sypxTvuGohvHAL3UfsOOJ+KmndgUIhz
VHDcN2noknbt3NR1Xs7RS6ZwbdwHJNqkpZraQqD4X0nfr9dIYtVx1BwyenMtaxUy
cs780iQT2HlCUxygKscge4RtdjUZC4FPqFOXcQV2m1i60cAiKTpgLwV7gKfgyKT6
wfWgh2bAIjIitNGbEJW9M218r92HBRWgOmX/U9cbg2vNMmGLgNT3dlgdFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHu+w+RI+uLRN2JpmtCf+SmRfOsEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZTc3RDVFajY0dEUzWW1tYTBKXzVLWkY4NndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACX8PED
BAGX8PQwDQYJKoZIhvcNAQELBQADggEBAIRTeH3gyVxhxIt020nRZFFiwyAIGtrP
c98NjKCIrx6PcOWAm510ndzxEqcOMJc7gfXDcqpHIuiFRpWq/XRgvBjSuJurSh5e
dzwdgr4mzJYHZ41nrewQqxxmHhTSbsn9/q+ZD0SqZWelgmBJcrUBbfI8F5yNCmT7
f7A5zshmcZ5tjm+ZTvUrSRD7t8PUWcIklrHC7qAHmgmqYPmVRQ6o+5S5PNohyXv8
Et04LSfLsir8gmlJF6D1EjLXV5UQXtG0WU+XjN4qt6yzoCCUwTaZh8HhH8tkx3ro
7MKjaGVYz5D49vdNoXlJgf4+N01LEdtk/C/RDKtKIjyamJewo0NQTX4=
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:42:13 2025 by rpki-client