Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GA8KSF3J_6zS1VQirmeGiu8-h8Y.roa
File:                     GA8KSF3J_6zS1VQirmeGiu8-h8Y.roa (raw, json)
Hash identifier:          9mJrMb+TO3yYlThZ3EBSmvAGa3ip9VFXNTr7eht4oqU=
Subject key identifier:   18:0F:0A:48:5D:C9:FF:AC:D2:D5:54:22:AE:67:86:8A:EF:3E:87:C6
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       0196CB2B3C9EF15445D0DD5DBD3DBF9E92DC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GA8KSF3J_6zS1VQirmeGiu8-h8Y.roa
Signing time:             Tue 13 May 2025 19:42:10 +0000
ROA not before:           Tue 13 May 2025 19:42:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     28753
IP address blocks:        45.9.116.0/24 maxlen: 24
                          45.9.122.0/24 maxlen: 24
                          45.128.76.0/24 maxlen: 24
                          45.154.58.0/24 maxlen: 24
                          93.190.244.0/24 maxlen: 24
                          2a04:9f40::/29 maxlen: 29
                          2a06:1184:101::/48 maxlen: 48
                          2a06:3bc0::/29 maxlen: 29
                          2a07:8a40::/29 maxlen: 29
                          2a0a:2d06:102::/48 maxlen: 48
                          2a0a:2d06:103::/48 maxlen: 48
                          2a0c:7886:99::/48 maxlen: 48
                          2a0c:7886:100::/48 maxlen: 48
                          2a0e:15c7:99::/48 maxlen: 48
                          2a0f:140::/29 maxlen: 29
                          2a0f:2500::/29 maxlen: 29
                          2a0f:cc00::/29 maxlen: 29
                          2a0f:d200::/29 maxlen: 29
                          2a0f:da40::/29 maxlen: 29
                          2a0f:db40::/29 maxlen: 29
                          2a0f:dfc0::/29 maxlen: 29
                          2a0f:e040::/29 maxlen: 29
                          2a0f:e4c0::/29 maxlen: 29
                          2a0f:fc00::/29 maxlen: 29
                          2a12:ac46:77::/48 maxlen: 48
                          2a12:ecc0:168::/48 maxlen: 48
                          2a12:ecc0:178::/48 maxlen: 48
                          2a13:18c6:77::/48 maxlen: 48
                          2a13:18c6:88::/48 maxlen: 48
                          2a13:7d80::/29 maxlen: 29
                          2a13:8c86:10a::/48 maxlen: 48
                          2a13:8c86:130::/48 maxlen: 48
                          2a13:c900:88::/48 maxlen: 48
                          2a13:c900:99::/48 maxlen: 48
                          2a13:e107:99::/48 maxlen: 48
                          2a13:e107:9c::/48 maxlen: 48
Validation:               Failed, certificate revoked on Wed 14 May 2025 16:05:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:2b:3c:9e:f1:54:45:d0:dd:5d:bd:3d:bf:9e:92:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: May 13 19:42:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=180f0a485dc9ffacd2d55422ae67868aef3e87c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:40:31:a8:be:a8:92:6c:a4:38:6d:2a:fa:16:
                    e8:ce:28:1e:48:d6:be:d1:12:f4:dc:8a:34:8d:97:
                    7b:ac:5e:e3:6d:9b:90:1d:2d:cc:94:64:9d:ff:92:
                    07:ef:94:81:5c:9a:c7:da:a2:b5:bd:e3:b7:42:34:
                    64:32:68:50:ab:26:0e:ae:23:d6:11:3c:8c:77:f6:
                    ad:3f:c2:e3:5b:06:76:d1:6d:d7:2b:65:38:32:40:
                    1e:1e:39:83:5b:99:c8:ef:cd:f0:a8:c2:e8:c6:f2:
                    99:5e:fc:af:f4:34:14:a3:2e:e0:36:65:f9:8c:16:
                    89:fb:79:48:55:de:69:36:28:c8:c4:ea:2e:be:a1:
                    00:bc:f9:1e:d4:e1:bc:17:9b:22:ba:ba:37:3c:59:
                    17:59:ab:8d:27:3f:9f:64:7b:0f:7c:77:78:d3:95:
                    d0:9c:a7:2e:60:fc:e3:3c:8e:55:9d:0f:d6:17:34:
                    ec:e3:4d:2a:16:e0:56:74:73:bc:93:3a:1d:fb:a3:
                    5f:26:fc:2c:85:9e:20:ca:ee:8a:e9:c8:ef:e0:15:
                    0f:ea:1b:7c:8b:88:44:56:51:6f:d0:09:6a:0f:72:
                    34:00:a0:ce:2b:ea:32:22:c3:b3:b1:4e:9e:2d:51:
                    f0:a1:43:4c:04:7d:38:0c:b9:34:25:c3:1e:fd:2c:
                    9b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:0F:0A:48:5D:C9:FF:AC:D2:D5:54:22:AE:67:86:8A:EF:3E:87:C6
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GA8KSF3J_6zS1VQirmeGiu8-h8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.116.0/24
                  45.9.122.0/24
                  45.128.76.0/24
                  45.154.58.0/24
                  93.190.244.0/24
                IPv6:
                  2a04:9f40::/29
                  2a06:1184:101::/48
                  2a06:3bc0::/29
                  2a07:8a40::/29
                  2a0a:2d06:102::/47
                  2a0c:7886:99::/48
                  2a0c:7886:100::/48
                  2a0e:15c7:99::/48
                  2a0f:140::/29
                  2a0f:2500::/29
                  2a0f:cc00::/29
                  2a0f:d200::/29
                  2a0f:da40::/29
                  2a0f:db40::/29
                  2a0f:dfc0::/29
                  2a0f:e040::/29
                  2a0f:e4c0::/29
                  2a0f:fc00::/29
                  2a12:ac46:77::/48
                  2a12:ecc0:168::/48
                  2a12:ecc0:178::/48
                  2a13:18c6:77::/48
                  2a13:18c6:88::/48
                  2a13:7d80::/29
                  2a13:8c86:10a::/48
                  2a13:8c86:130::/48
                  2a13:c900:88::/48
                  2a13:c900:99::/48
                  2a13:e107:99::/48
                  2a13:e107:9c::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:86:f0:a4:8b:1a:a6:9b:2d:0d:b9:ca:b4:bb:77:cb:3b:ad:
         c0:8e:5d:32:05:2e:81:c0:82:2b:6c:68:ae:44:60:54:5e:b6:
         b8:0a:76:d5:0d:27:97:c4:63:8c:da:d4:b8:7b:1b:10:1d:16:
         c5:3f:5e:6b:74:21:c3:8f:95:1f:3c:e4:e0:c7:36:d8:66:9e:
         15:ca:95:d4:37:8c:f9:34:3e:9e:54:65:9d:2b:27:ab:cc:39:
         35:e4:dc:61:9f:68:39:66:0d:02:49:03:a5:28:59:d3:50:86:
         b0:df:c4:0b:e3:6e:75:69:de:42:53:b3:e6:4e:a7:ff:40:43:
         39:0f:e0:86:1b:5e:74:15:0f:0c:83:9f:32:be:82:7f:41:38:
         2d:31:0f:23:12:cf:55:ed:f8:08:42:8c:86:2d:92:4b:4f:40:
         6e:07:0b:9b:cf:b7:9c:7c:1e:5b:7b:e0:df:9f:af:96:a5:d7:
         12:2b:90:e1:59:d2:88:36:b8:0e:d2:83:e3:0d:3c:a8:fd:1d:
         d5:76:a6:32:c8:67:61:ca:7b:2e:b0:e5:d9:84:b4:5d:94:df:
         6d:57:2e:6d:de:b5:ea:8e:4c:6c:06:f6:11:76:4a:e6:81:4a:
         3e:6e:1a:88:26:74:a6:5c:4d:65:0c:1a:b7:a2:4b:a6:ed:92:
         58:f8:99:e6
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAZbLKzye8VRF0N1dvT2/npLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTEzMTk0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBmMGE0ODVkYzlmZmFjZDJkNTU0MjJhZTY3ODY4YWVmM2U4N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEAxqL6okmykOG0q+hbozigeSNa+
0RL03Io0jZd7rF7jbZuQHS3MlGSd/5IH75SBXJrH2qK1veO3QjRkMmhQqyYOriPW
ETyMd/atP8LjWwZ20W3XK2U4MkAeHjmDW5nI783wqMLoxvKZXvyv9DQUoy7gNmX5
jBaJ+3lIVd5pNijIxOouvqEAvPke1OG8F5siuro3PFkXWauNJz+fZHsPfHd405XQ
nKcuYPzjPI5VnQ/WFzTs400qFuBWdHO8kzod+6NfJvwshZ4gyu6K6cjv4BUP6ht8
i4hEVlFv0AlqD3I0AKDOK+oyIsOzsU6eLVHwoUNMBH04DLk0JcMe/SybUQIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFBgPCkhdyf+s0tVUIq5nhorvPofGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR0E4S1NGM0pfNnpTMVZRaXJtZUdpdTgtaDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjAkBAIAATAeAwQA
LQl0AwQALQl6AwQALYBMAwQALZo6AwQAXb70MIH5BAIAAjCB8gMFAyoEn0ADBwAq
BhGEAQEDBQMqBjvAAwUDKgeKQAMHASoKLQYBAgMHACoMeIYAmQMHACoMeIYBAAMH
ACoOFccAmQMFAyoPAUADBQMqDyUAAwUDKg/MAAMFAyoP0gADBQMqD9pAAwUDKg/b
QAMFAyoP38ADBQMqD+BAAwUDKg/kwAMFAyoP/AADBwAqEqxGAHcDBwAqEuzAAWgD
BwAqEuzAAXgDBwAqExjGAHcDBwAqExjGAIgDBQMqE32AAwcAKhOMhgEKAwcAKhOM
hgEwAwcAKhPJAACIAwcAKhPJAACZAwcAKhPhBwCZAwcAKhPhBwCcMA0GCSqGSIb3
DQEBCwUAA4IBAQClhvCkixqmmy0Nucq0u3fLO63Ajl0yBS6BwIIrbGiuRGBUXra4
CnbVDSeXxGOM2tS4exsQHRbFP15rdCHDj5UfPOTgxzbYZp4VypXUN4z5ND6eVGWd
KyerzDk15Nxhn2g5Zg0CSQOlKFnTUIaw38QL4251ad5CU7PmTqf/QEM5D+CGG150
FQ8Mg58yvoJ/QTgtMQ8jEs9V7fgIQoyGLZJLT0BuBwubz7ecfB5be+Dfn6+WpdcS
K5DhWdKINrgO0oPjDTyo/R3VdqYyyGdhynsusOXZhLRdlN9tVy5t3rXqjkxsBvYR
dkrmgUo+bhqIJnSmXE1lDBq3okum7ZJY+Jnm
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:09:33 2025 by rpki-client