Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa
File:                     0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa (raw, json)
Hash identifier:          /BPEV/pf8j5BY52rBll7RukSydB6ARS+ZNBT/4pnRHA=
Subject key identifier:   D2:5B:C0:1C:43:B3:9A:09:E3:91:5E:68:F1:DA:B3:A3:E9:6F:0D:C3
Certificate issuer:       /CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
Certificate serial:       0196FBBF854C7F015890C1735FDFA8CEFCD6
Authority key identifier: 1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa
Signing time:             Fri 23 May 2025 06:05:54 +0000
ROA not before:           Fri 23 May 2025 06:05:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     57137
IP address blocks:        45.129.148.0/24 maxlen: 24
                          45.129.150.0/24 maxlen: 24
                          45.129.151.0/24 maxlen: 24
                          2a0e:4c41::/32 maxlen: 32
                          2a0e:4c47:ffff::/48 maxlen: 48
Validation:               Failed, certificate revoked on Sun 01 Jun 2025 18:05:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:fb:bf:85:4c:7f:01:58:90:c1:73:5f:df:a8:ce:fc:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ce65c57686ce5e51b367fc996b49bcc59896b9c
        Validity
            Not Before: May 23 06:05:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d25bc01c43b39a09e3915e68f1dab3a3e96f0dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:cf:5c:64:66:59:71:5a:b4:bc:fe:b4:53:ba:
                    f1:a5:f3:68:47:9d:5b:bb:0f:2c:09:7f:1b:9c:4f:
                    81:13:c5:a6:68:30:a0:e6:32:1f:a3:6e:cf:4d:43:
                    6f:5b:0f:78:82:ce:12:00:32:f0:a0:a1:2b:97:ed:
                    27:ca:2c:a7:ed:2b:55:ec:7d:d8:5a:87:37:47:f3:
                    25:26:e5:a6:4e:57:39:da:7c:c8:69:17:3a:bb:c6:
                    7a:5b:bc:42:b4:47:69:51:65:6a:cd:44:40:f0:ab:
                    25:cb:c4:4d:0a:b9:32:b4:86:0f:7e:1d:70:8d:3e:
                    4d:f2:fe:f9:a0:39:6e:23:b8:92:33:e5:06:c8:49:
                    5e:dd:ca:da:47:1e:26:ac:fb:66:ab:29:a2:e9:83:
                    fe:d9:20:33:b4:7b:64:44:9c:c7:75:49:ce:80:d2:
                    4c:bb:de:ed:b5:11:81:4f:7f:99:44:3b:46:46:92:
                    a2:b0:f1:09:b1:73:bc:56:52:12:2b:fc:d4:8b:44:
                    19:4f:a9:dd:c0:bc:e6:6d:f6:c0:32:2b:ca:a2:d5:
                    84:08:38:95:f5:01:95:d8:ff:07:a3:e8:c0:a8:6f:
                    e3:9f:fd:8f:dc:ff:20:c0:ee:55:7d:d7:d0:1e:97:
                    97:d5:5b:90:14:22:7b:f7:b2:d6:1e:16:8e:f9:4b:
                    02:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:5B:C0:1C:43:B3:9A:09:E3:91:5E:68:F1:DA:B3:A3:E9:6F:0D:C3
            X509v3 Authority Key Identifier:
                keyid:1C:E6:5C:57:68:6C:E5:E5:1B:36:7F:C9:96:B4:9B:CC:59:89:6B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HOZcV2hs5eUbNn_JlrSbzFmJa5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/0lvAHEOzmgnjkV5o8dqzo-lvDcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af8f36-e358-4b76-8822-128b5c3d053a/1/HOZcV2hs5eUbNn_JlrSbzFmJa5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.148.0/24
                  45.129.150.0/23
                IPv6:
                  2a0e:4c41::/32
                  2a0e:4c47:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:b8:d3:d6:ed:fa:28:04:72:8a:53:97:c2:40:f2:6d:e1:e0:
         c9:b5:65:0f:d5:32:c0:f5:38:c7:c2:22:3f:ff:8d:69:18:8c:
         dc:13:3a:90:f4:a4:81:da:29:3d:3d:8c:ff:62:77:57:46:85:
         03:ef:f5:0d:76:6a:03:0c:92:85:f9:65:e9:8e:b1:ac:e4:89:
         51:23:ff:a9:c8:cd:82:1a:25:b4:86:60:87:15:0d:1a:b4:b3:
         34:7a:c3:8d:fa:c4:be:e4:57:bd:8a:ff:aa:10:35:46:0c:e0:
         9a:59:4f:16:c3:6f:bb:56:34:17:9a:ce:04:f9:13:fd:0e:97:
         94:db:c5:d7:83:6f:89:db:5e:b9:c8:8a:8c:ee:0c:b9:3e:36:
         43:37:17:56:76:04:e4:a7:b5:66:54:b5:77:1a:a4:7a:6e:bb:
         5f:1e:52:8e:3a:06:a9:3a:dc:ad:cb:a9:e8:be:33:21:ff:dd:
         bd:e4:ed:18:27:e6:40:03:b0:43:d1:74:31:f6:46:ee:2c:48:
         0b:de:8b:11:38:3e:75:10:0a:ed:61:9d:1c:4d:4b:cd:b9:a3:
         80:3f:b3:e9:40:d8:57:7e:0a:1d:b5:ed:9c:d5:23:70:b7:de:
         92:57:99:91:1f:3a:fe:6d:ec:69:42:74:59:68:91:c3:53:d9:
         82:e5:47:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZb7v4VMfwFYkMFzX9+ozvzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZTY1YzU3Njg2Y2U1ZTUxYjM2N2ZjOTk2YjQ5YmNjNTk4
OTZiOWMwHhcNMjUwNTIzMDYwNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjViYzAxYzQzYjM5YTA5ZTM5MTVlNjhmMWRhYjNhM2U5NmYwZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl89cZGZZcVq0vP60U7rxpfNoR51b
uw8sCX8bnE+BE8WmaDCg5jIfo27PTUNvWw94gs4SADLwoKErl+0nyiyn7StV7H3Y
Woc3R/MlJuWmTlc52nzIaRc6u8Z6W7xCtEdpUWVqzURA8Ksly8RNCrkytIYPfh1w
jT5N8v75oDluI7iSM+UGyEle3craRx4mrPtmqymi6YP+2SAztHtkRJzHdUnOgNJM
u97ttRGBT3+ZRDtGRpKisPEJsXO8VlISK/zUi0QZT6ndwLzmbfbAMivKotWECDiV
9QGV2P8Ho+jAqG/jn/2P3P8gwO5VfdfQHpeX1VuQFCJ797LWHhaO+UsCKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNJbwBxDs5oJ45FeaPHas6Ppbw3DMB8GA1UdIwQY
MBaAFBzmXFdobOXlGzZ/yZa0m8xZiWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjIt
MTI4YjVjM2QwNTNhLzEvMGx2QUhFT3ptZ25qa1Y1bzhkcXpvLWx2RGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZjhmMzYtZTM1OC00Yjc2LTg4MjItMTI4YjVjM2QwNTNh
LzEvSE9aY1YyaHM1ZVViTm5fSmxyU2J6Rm1KYTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYGUAwQB
LYGWMBYEAgACMBADBQAqDkxBAwcAKg5MR///MA0GCSqGSIb3DQEBCwUAA4IBAQBT
uNPW7fooBHKKU5fCQPJt4eDJtWUP1TLA9TjHwiI//41pGIzcEzqQ9KSB2ik9PYz/
YndXRoUD7/UNdmoDDJKF+WXpjrGs5IlRI/+pyM2CGiW0hmCHFQ0atLM0esON+sS+
5Fe9iv+qEDVGDOCaWU8Ww2+7VjQXms4E+RP9DpeU28XXg2+J2165yIqM7gy5PjZD
NxdWdgTkp7VmVLV3GqR6brtfHlKOOgapOtyty6novjMh/9295O0YJ+ZAA7BD0XQx
9kbuLEgL3osROD51EArtYZ0cTUvNuaOAP7PpQNhXfgodte2c1SNwt96SV5mRHzr+
bexpQnRZaJHDU9mC5Uek
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:09:16 2025 by rpki-client