Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/69d8ea-b08b-4e7e-afce-4d20e34d0992/1/bVKjjr2G2akUFqn1644McJUdN0Q.roa
File:                     bVKjjr2G2akUFqn1644McJUdN0Q.roa (raw, json)
Hash identifier:          1PJTOOhLs0lH3VlnFEuBHdXnfcX2sVPZvXtQCm2o+Xg=
Subject key identifier:   6D:52:A3:8E:BD:86:D9:A9:14:16:A9:F5:EB:8E:0C:70:95:1D:37:44
Certificate issuer:       /CN=daee6df9728cd8af0f34a03ed6ea3151c3bc22c8
Certificate serial:       0196D40E51D12F9CEFDE0FF9C05E073220CD
Authority key identifier: DA:EE:6D:F9:72:8C:D8:AF:0F:34:A0:3E:D6:EA:31:51:C3:BC:22:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2u5t-XKM2K8PNKA-1uoxUcO8Isg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/69d8ea-b08b-4e7e-afce-4d20e34d0992/1/bVKjjr2G2akUFqn1644McJUdN0Q.roa
Signing time:             Thu 15 May 2025 13:07:10 +0000
ROA not before:           Thu 15 May 2025 13:07:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42151
IP address blocks:        195.242.142.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Fri 16 May 2025 14:23:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d4:0e:51:d1:2f:9c:ef:de:0f:f9:c0:5e:07:32:20:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daee6df9728cd8af0f34a03ed6ea3151c3bc22c8
        Validity
            Not Before: May 15 13:07:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6d52a38ebd86d9a91416a9f5eb8e0c70951d3744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:10:81:82:9a:34:1e:da:8f:6d:e2:a7:c9:15:
                    b0:79:e4:8e:92:c5:72:0b:a8:35:c3:c1:e0:e9:c7:
                    ea:1b:96:9e:ce:11:0e:cb:24:25:35:d1:ef:d8:b6:
                    12:7b:eb:87:c1:f9:82:8f:24:82:a6:e6:85:4e:12:
                    63:3d:c2:d0:24:ac:b6:49:e2:9b:a6:bb:6e:65:5c:
                    cf:77:30:dc:91:0b:03:27:19:63:8b:e7:0d:2f:c6:
                    d6:73:e4:c7:86:f7:55:cd:55:4a:9b:d9:ab:ab:ba:
                    41:b5:74:dd:e8:9d:3f:29:9e:59:77:e4:33:25:c1:
                    61:76:9c:cd:5d:7b:92:29:65:dc:3b:9d:cf:76:26:
                    ad:73:87:7c:db:19:35:6e:e9:9c:ad:d0:f3:79:e8:
                    fd:f7:48:07:3f:44:8f:39:9d:16:5d:54:2a:1b:39:
                    50:e3:7a:9b:7c:4d:22:36:bb:5a:39:91:0c:cd:49:
                    be:67:84:ab:ab:1d:bb:cb:73:16:c4:bf:9b:5c:f0:
                    8e:1f:83:6f:40:75:76:38:cc:67:d2:b8:54:0a:d0:
                    83:a3:d6:53:d3:bf:f3:0a:f3:61:9b:3f:b0:a6:8d:
                    72:c3:17:65:61:3f:77:c5:37:85:86:07:02:8b:0e:
                    05:29:cc:ec:e8:2b:42:d5:c7:86:bf:4d:d5:36:1f:
                    96:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:52:A3:8E:BD:86:D9:A9:14:16:A9:F5:EB:8E:0C:70:95:1D:37:44
            X509v3 Authority Key Identifier:
                keyid:DA:EE:6D:F9:72:8C:D8:AF:0F:34:A0:3E:D6:EA:31:51:C3:BC:22:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2u5t-XKM2K8PNKA-1uoxUcO8Isg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/69d8ea-b08b-4e7e-afce-4d20e34d0992/1/bVKjjr2G2akUFqn1644McJUdN0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/69d8ea-b08b-4e7e-afce-4d20e34d0992/1/2u5t-XKM2K8PNKA-1uoxUcO8Isg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.242.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6e:47:f4:8b:7e:c0:ce:ba:fa:5a:dc:fb:26:b2:ce:2e:91:91:
         23:a3:28:db:6d:b8:ef:dd:c2:5f:a2:54:59:45:5c:d2:c4:c4:
         54:fa:99:ca:1e:87:8c:ef:a0:b7:21:57:4e:54:54:40:89:d0:
         ae:6d:af:59:60:b4:1d:da:46:9d:37:57:26:c9:01:90:5c:1b:
         ac:99:c7:9a:46:d5:80:ab:54:43:cf:2c:a8:69:0d:4f:48:ba:
         8e:1a:19:80:13:33:99:7a:ad:13:83:8b:34:02:39:1b:1a:a0:
         8c:f8:82:f8:36:81:d5:32:37:c3:91:b7:ee:a3:9c:3b:92:63:
         19:44:8b:b9:41:a7:ee:f8:c5:14:1f:c3:7f:3a:28:67:ad:ec:
         eb:c9:77:15:10:b2:7a:c1:9e:4f:48:26:e0:ca:86:8d:a8:01:
         5a:85:63:16:40:1a:d4:c1:54:31:61:04:f3:95:66:2a:c3:86:
         2f:c6:13:9d:4b:0b:e5:07:7d:8e:de:75:85:67:8d:f5:e3:b4:
         14:10:9d:0b:a8:f0:42:8e:ba:28:2b:ea:e9:f9:b1:e1:73:9c:
         d6:df:2f:5e:93:40:90:cd:95:1f:d3:86:cc:70:25:e1:cc:c8:
         f1:e3:cc:0c:b0:59:6f:a1:9e:91:40:45:92:6c:01:d9:7c:26:
         fb:05:3c:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbUDlHRL5zv3g/5wF4HMiDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZWU2ZGY5NzI4Y2Q4YWYwZjM0YTAzZWQ2ZWEzMTUxYzNi
YzIyYzgwHhcNMjUwNTE1MTMwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDUyYTM4ZWJkODZkOWE5MTQxNmE5ZjVlYjhlMGM3MDk1MWQzNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBCBgpo0HtqPbeKnyRWweeSOksVy
C6g1w8Hg6cfqG5aezhEOyyQlNdHv2LYSe+uHwfmCjySCpuaFThJjPcLQJKy2SeKb
prtuZVzPdzDckQsDJxlji+cNL8bWc+THhvdVzVVKm9mrq7pBtXTd6J0/KZ5Zd+Qz
JcFhdpzNXXuSKWXcO53Pdiatc4d82xk1bumcrdDzeej990gHP0SPOZ0WXVQqGzlQ
43qbfE0iNrtaOZEMzUm+Z4Srqx27y3MWxL+bXPCOH4NvQHV2OMxn0rhUCtCDo9ZT
07/zCvNhmz+wpo1ywxdlYT93xTeFhgcCiw4FKczs6CtC1ceGv03VNh+W7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1So469htmpFBap9euODHCVHTdEMB8GA1UdIwQY
MBaAFNrubflyjNivDzSgPtbqMVHDvCLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnU1dC1YS00ySzhQTktBLTF1b3hVY084SXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82OWQ4ZWEtYjA4Yi00ZTdlLWFmY2Ut
NGQyMGUzNGQwOTkyLzEvYlZLampyMkcyYWtVRnFuMTY0NE1jSlVkTjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82OWQ4ZWEtYjA4Yi00ZTdlLWFmY2UtNGQyMGUzNGQwOTky
LzEvMnU1dC1YS00ySzhQTktBLTF1b3hVY084SXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/KOMA0G
CSqGSIb3DQEBCwUAA4IBAQBuR/SLfsDOuvpa3Psmss4ukZEjoyjbbbjv3cJfolRZ
RVzSxMRU+pnKHoeM76C3IVdOVFRAidCuba9ZYLQd2kadN1cmyQGQXBusmceaRtWA
q1RDzyyoaQ1PSLqOGhmAEzOZeq0Tg4s0AjkbGqCM+IL4NoHVMjfDkbfuo5w7kmMZ
RIu5Qafu+MUUH8N/OihnrezryXcVELJ6wZ5PSCbgyoaNqAFahWMWQBrUwVQxYQTz
lWYqw4YvxhOdSwvlB32O3nWFZ43147QUEJ0LqPBCjrooK+rp+bHhc5zW3y9ek0CQ
zZUf04bMcCXhzMjx48wMsFlvoZ6RQEWSbAHZfCb7BTwY
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:09:23 2025 by rpki-client