Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lnkkC_CwpLKkt7feGBpfwSOO8vM.roa
File:                     lnkkC_CwpLKkt7feGBpfwSOO8vM.roa (raw, json)
Hash identifier:          fdcwkgAmk8F3CmXmkXKuGR0jr/OggyVrkBhoviesqN8=
Subject key identifier:   96:79:24:0B:F0:B0:A4:B2:A4:B7:B7:DE:18:1A:5F:C1:23:8E:F2:F3
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0196FE7A13707F2A2C86E260942556304EC4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lnkkC_CwpLKkt7feGBpfwSOO8vM.roa
Signing time:             Fri 23 May 2025 18:48:55 +0000
ROA not before:           Fri 23 May 2025 18:48:55 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     36530
IP address blocks:        151.241.128.0/22 maxlen: 24
                          151.242.40.0/24 maxlen: 24
                          151.242.64.0/24 maxlen: 24
                          151.242.170.0/24 maxlen: 24
                          151.242.171.0/24 maxlen: 24
                          151.242.172.0/24 maxlen: 24
                          151.242.173.0/24 maxlen: 24
                          151.242.242.0/24 maxlen: 24
                          151.243.115.0/24 maxlen: 24
                          151.243.120.0/24 maxlen: 24
                          151.243.214.0/24 maxlen: 24
                          151.244.4.0/24 maxlen: 24
                          151.244.5.0/24 maxlen: 24
                          151.244.6.0/24 maxlen: 24
                          151.244.56.0/24 maxlen: 24
                          151.244.58.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 05 Jun 2025 19:08:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:fe:7a:13:70:7f:2a:2c:86:e2:60:94:25:56:30:4e:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: May 23 18:48:55 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9679240bf0b0a4b2a4b7b7de181a5fc1238ef2f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:64:57:be:ac:a5:75:08:a3:f3:57:11:89:5a:
                    00:7c:53:53:7d:e6:8b:5c:d5:d3:45:4c:3a:cc:3f:
                    38:7d:a7:29:fc:38:7e:f7:8f:d0:98:a2:c6:04:ed:
                    a2:81:3d:55:cb:56:ae:42:36:bd:fc:26:61:35:26:
                    96:5f:02:55:7d:f7:ed:2f:b7:17:dc:f3:11:cc:46:
                    83:8d:88:4a:34:88:fb:54:77:8d:36:2b:af:ac:92:
                    02:06:80:6a:5a:d0:af:89:eb:69:39:22:94:8d:98:
                    73:a9:0b:7f:82:cf:b6:d3:95:d7:7f:35:9d:57:03:
                    9d:da:36:af:fd:20:e1:d8:3b:cf:39:ab:a6:e1:fe:
                    a4:d2:cd:82:17:2f:12:95:52:15:73:8d:74:43:9c:
                    3b:e0:9d:fb:93:7a:76:98:ac:68:eb:fa:56:8d:3a:
                    95:e2:0c:1c:99:71:95:0e:69:3a:3a:8f:cd:b6:7d:
                    31:be:07:4f:28:fb:f6:2e:2c:aa:3a:7f:12:52:6c:
                    f8:db:85:94:0d:1d:33:10:a3:6b:fb:cf:f5:52:b7:
                    c0:48:18:fe:50:82:2b:68:69:78:35:76:9f:c1:95:
                    c8:37:a6:7b:fc:bb:49:5e:3e:87:b4:b1:58:32:92:
                    c3:f2:57:b8:47:be:cb:8f:bb:0e:ba:38:47:e9:2d:
                    61:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:79:24:0B:F0:B0:A4:B2:A4:B7:B7:DE:18:1A:5F:C1:23:8E:F2:F3
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lnkkC_CwpLKkt7feGBpfwSOO8vM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.241.128.0/22
                  151.242.40.0/24
                  151.242.64.0/24
                  151.242.170.0-151.242.173.255
                  151.242.242.0/24
                  151.243.115.0/24
                  151.243.120.0/24
                  151.243.214.0/24
                  151.244.4.0-151.244.6.255
                  151.244.56.0/24
                  151.244.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:8b:d5:89:fc:f3:40:3e:57:2d:39:07:82:72:ee:3e:c8:39:
         2d:c4:1c:52:af:20:c2:c7:e5:45:fb:23:5e:24:e2:64:64:f8:
         dc:bb:6f:a1:bc:a5:2b:b7:c2:e5:5c:de:72:15:ac:ae:4a:e6:
         41:31:7f:bd:d4:38:84:43:63:ec:ce:e0:76:af:a9:d9:53:79:
         27:7d:f1:b9:2c:a4:6d:7a:c5:eb:00:1f:d9:a5:e5:cb:b7:3a:
         85:39:2f:65:dc:16:7a:f9:fd:e5:48:45:86:0d:60:f4:af:80:
         28:78:31:45:b9:46:63:d9:e4:9c:d6:94:66:a5:3e:0c:08:62:
         bc:95:31:19:4b:2f:d9:cc:25:14:bb:3b:63:f9:4b:ac:72:22:
         e0:89:ab:04:13:d8:5d:5a:71:bd:57:4d:35:ee:af:e6:69:9d:
         c8:1d:02:9f:4e:79:d3:19:70:37:08:4e:05:64:f0:96:50:fe:
         87:29:da:75:5e:17:a1:7a:7f:03:31:70:2e:6d:84:22:2f:c3:
         c8:d3:48:a3:1a:10:18:46:67:b7:09:87:6d:03:cc:3b:f8:b5:
         88:d7:8f:58:14:a6:a6:66:6c:a7:74:66:b0:eb:9c:f8:24:f3:
         f3:88:84:a3:a9:86:a8:b0:c6:d5:73:1f:d1:b0:a9:2c:44:46:
         00:b9:fe:06
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZb+ehNwfyoshuJglCVWME7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIzMTg0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc5MjQwYmYwYjBhNGIyYTRiN2I3ZGUxODFhNWZjMTIzOGVmMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mRXvqyldQij81cRiVoAfFNTfeaL
XNXTRUw6zD84facp/Dh+94/QmKLGBO2igT1Vy1auQja9/CZhNSaWXwJVffftL7cX
3PMRzEaDjYhKNIj7VHeNNiuvrJICBoBqWtCvietpOSKUjZhzqQt/gs+205XXfzWd
VwOd2jav/SDh2DvPOaum4f6k0s2CFy8SlVIVc410Q5w74J37k3p2mKxo6/pWjTqV
4gwcmXGVDmk6Oo/Ntn0xvgdPKPv2LiyqOn8SUmz424WUDR0zEKNr+8/1UrfASBj+
UIIraGl4NXafwZXIN6Z7/LtJXj6HtLFYMpLD8le4R77Lj7sOujhH6S1hiwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFJZ5JAvwsKSypLe33hgaX8EjjvLzMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbG5ra0NfQ3dwTEtrdDdmZUdCcGZ3U09POHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCl/GAAwQA
l/IoAwQAl/JAMAwDBAGX8qoDBAGX8qwDBACX8vIDBACX83MDBACX83gDBACX89Yw
DAMEApf0BAMEAJf0BgMEAJf0OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAsYvV
ifzzQD5XLTkHgnLuPsg5LcQcUq8gwsflRfsjXiTiZGT43LtvobylK7fC5VzechWs
rkrmQTF/vdQ4hENj7M7gdq+p2VN5J33xuSykbXrF6wAf2aXly7c6hTkvZdwWevn9
5UhFhg1g9K+AKHgxRblGY9nknNaUZqU+DAhivJUxGUsv2cwlFLs7Y/lLrHIi4Imr
BBPYXVpxvVdNNe6v5mmdyB0Cn0550xlwNwhOBWTwllD+hynadV4XoXp/AzFwLm2E
Ii/DyNNIoxoQGEZntwmHbQPMO/i1iNePWBSmpmZsp3RmsOuc+CTz84iEo6mGqLDG
1XMf0bCpLERGALn+Bg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:17:45 2025 by rpki-client