Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c8YBwvNAqQoZPxa0uvMBycy0JUM.roa
File:                     c8YBwvNAqQoZPxa0uvMBycy0JUM.roa (raw, json)
Hash identifier:          +C749Bmkbe3pT5JQ+H9Aji3F8dHHe4BkX0r2m0hQWTU=
Subject key identifier:   73:C6:01:C2:F3:40:A9:0A:19:3F:16:B4:BA:F3:01:C9:CC:B4:25:43
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       019CAF39CFB6A6526E8C84F34A2172E5D302
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c8YBwvNAqQoZPxa0uvMBycy0JUM.roa
Signing time:             Mon 02 Mar 2026 15:45:27 +0000
ROA not before:           Mon 02 Mar 2026 15:45:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     30058
IP address blocks:        45.145.59.0/24 maxlen: 24
                          45.146.89.0/24 maxlen: 24
                          45.146.90.0/24 maxlen: 24
                          45.152.202.0/24 maxlen: 24
                          193.39.143.0/24 maxlen: 24
                          2a0a:2d06:104::/48 maxlen: 48
                          2a0f:7d05::/32 maxlen: 32
                          2a0f:e7c2::/32 maxlen: 32
                          2a10:7500::/29 maxlen: 29
                          2a11:efc0::/29 maxlen: 29
                          2a12:ef00::/29 maxlen: 29
                          2a13:d46::/32 maxlen: 32
                          2a13:d47::/32 maxlen: 32
                          2a13:c905::/32 maxlen: 32
Validation:               Failed, certificate revoked on Fri 06 Mar 2026 11:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:39:cf:b6:a6:52:6e:8c:84:f3:4a:21:72:e5:d3:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Mar  2 15:45:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=73c601c2f340a90a193f16b4baf301c9ccb42543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7c:2d:a3:57:f0:6e:63:52:50:5b:aa:67:4f:
                    8f:cd:e7:3c:71:c3:bc:6e:bd:12:9f:6a:4e:00:72:
                    34:f4:b3:78:26:05:77:f9:5d:d8:de:e2:5a:6b:a1:
                    6b:79:8c:08:dc:e9:85:4c:02:79:19:fd:9f:21:13:
                    09:dd:c2:47:50:54:9b:96:bc:a5:b0:36:cb:86:e4:
                    6f:f8:66:66:40:7a:5e:bf:c9:fc:ec:b5:46:ea:57:
                    57:be:20:b5:98:e5:fb:b9:82:de:35:e1:70:72:c6:
                    00:e9:43:3a:1e:ba:a0:2d:a3:fe:5a:55:c8:1b:18:
                    61:4d:25:16:13:c8:3d:51:9d:47:5d:1a:03:08:49:
                    6e:4d:bb:b6:91:9b:5c:48:be:b0:d3:dd:05:85:71:
                    c3:76:17:24:bf:f1:41:27:95:eb:6e:24:62:f6:d4:
                    be:19:3e:fc:aa:59:a6:4f:bb:5b:93:70:e5:82:3f:
                    92:e1:53:d5:3e:d5:a2:a6:02:12:7f:0f:b1:ad:18:
                    c4:c1:e9:7c:92:bb:45:7e:f2:e2:49:6d:17:c4:fb:
                    af:53:db:88:4e:2c:b9:24:45:6d:b8:fb:a1:85:a5:
                    68:89:40:5e:44:10:8a:1d:2f:2b:ed:ef:8c:5f:ec:
                    94:71:ba:d7:8d:2d:55:91:ab:af:e7:2a:fa:fd:62:
                    7d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C6:01:C2:F3:40:A9:0A:19:3F:16:B4:BA:F3:01:C9:CC:B4:25:43
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c8YBwvNAqQoZPxa0uvMBycy0JUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.59.0/24
                  45.146.89.0-45.146.90.255
                  45.152.202.0/24
                  193.39.143.0/24
                IPv6:
                  2a0a:2d06:104::/48
                  2a0f:7d05::/32
                  2a0f:e7c2::/32
                  2a10:7500::/29
                  2a11:efc0::/29
                  2a12:ef00::/29
                  2a13:d46::/31
                  2a13:c905::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:74:18:76:73:cb:d1:0c:df:c3:e5:c4:4f:37:db:22:ff:94:
         ba:bb:a5:b1:38:d8:3f:e1:84:ba:66:6a:72:98:f6:86:ef:6f:
         34:4f:a9:5b:38:53:e4:1e:17:7c:71:f8:7e:77:37:8a:b2:3d:
         7b:66:05:36:8b:e8:bd:9e:a0:a3:e2:0f:01:7f:ee:5a:d2:07:
         3c:44:26:0f:35:9d:c0:02:8d:20:b5:5e:02:94:85:cb:2a:8a:
         1c:7d:2a:68:e6:a4:89:37:d4:61:d0:c6:70:9d:1c:cc:12:a2:
         2c:46:e6:90:91:c6:d9:70:34:c9:9f:c8:0f:83:21:b3:f5:2b:
         2d:51:88:3d:37:18:c9:51:8a:09:a6:50:c7:ec:55:e1:8c:b3:
         9f:00:1f:64:05:c3:d5:95:88:28:b6:4a:70:7d:1a:51:a1:c4:
         44:d5:aa:f3:ca:6a:b6:5d:74:d6:dc:d8:9c:f6:1c:43:30:af:
         f7:a9:08:36:3a:fe:79:e9:33:fd:a2:2b:c7:f9:5e:3b:fd:0f:
         d5:2f:bb:9e:28:21:9b:53:85:ec:2f:ae:76:4f:8f:97:37:03:
         43:5e:86:16:ea:5c:e0:61:fe:e3:bd:98:d1:54:a0:f2:61:65:
         08:c9:19:ac:52:9c:02:05:b2:ea:61:43:f0:83:e6:00:a2:93:
         53:69:5a:43
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZyvOc+2plJujITzSiFy5dMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzAyMTU0NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M2MDFjMmYzNDBhOTBhMTkzZjE2YjRiYWYzMDFjOWNjYjQyNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHwto1fwbmNSUFuqZ0+Pzec8ccO8
br0Sn2pOAHI09LN4JgV3+V3Y3uJaa6FreYwI3OmFTAJ5Gf2fIRMJ3cJHUFSblryl
sDbLhuRv+GZmQHpev8n87LVG6ldXviC1mOX7uYLeNeFwcsYA6UM6HrqgLaP+WlXI
GxhhTSUWE8g9UZ1HXRoDCEluTbu2kZtcSL6w090FhXHDdhckv/FBJ5XrbiRi9tS+
GT78qlmmT7tbk3Dlgj+S4VPVPtWipgISfw+xrRjEwel8krtFfvLiSW0XxPuvU9uI
Tiy5JEVtuPuhhaVoiUBeRBCKHS8r7e+MX+yUcbrXjS1Vkauv5yr6/WJ9VQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFHPGAcLzQKkKGT8WtLrzAcnMtCVDMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYzhZQnd2TkFxUW9aUHhhMHV2TUJ5Y3kwSlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAmBAIAATAgAwQALZE7MAwD
BAAtklkDBAAtkloDBAAtmMoDBADBJ48wQAQCAAIwOgMHACoKLQYBBAMFACoPfQUD
BQAqD+fCAwUDKhB1AAMFAyoR78ADBQMqEu8AAwUBKhMNRgMFACoTyQUwDQYJKoZI
hvcNAQELBQADggEBABF0GHZzy9EM38PlxE832yL/lLq7pbE42D/hhLpmanKY9obv
bzRPqVs4U+QeF3xx+H53N4qyPXtmBTaL6L2eoKPiDwF/7lrSBzxEJg81ncACjSC1
XgKUhcsqihx9KmjmpIk31GHQxnCdHMwSoixG5pCRxtlwNMmfyA+DIbP1Ky1RiD03
GMlRigmmUMfsVeGMs58AH2QFw9WViCi2SnB9GlGhxETVqvPKarZddNbc2Jz2HEMw
r/epCDY6/nnpM/2iK8f5Xjv9D9Uvu54oIZtThewvrnZPj5c3A0NehhbqXOBh/uO9
mNFUoPJhZQjJGaxSnAIFsuphQ/CD5gCik1NpWkM=
-----END CERTIFICATE-----