Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/j4g4Bw6eW-Z3lpRVOaorBk0bkhs.roa
File:                     j4g4Bw6eW-Z3lpRVOaorBk0bkhs.roa (raw, json)
Hash identifier:          kEm+1+PBidvhPktUQSwZLrnyEr/nATywSWqWbhUFuVc=
Subject key identifier:   8F:88:38:07:0E:9E:5B:E6:77:96:94:55:39:AA:2B:06:4D:1B:92:1B
Certificate issuer:       /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial:       0196683ED54C8B5BF11960A5D4D4D8D1B07A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/j4g4Bw6eW-Z3lpRVOaorBk0bkhs.roa
Signing time:             Thu 24 Apr 2025 14:41:10 +0000
ROA not before:           Thu 24 Apr 2025 14:41:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        81.22.135.0/24 maxlen: 24
                          81.22.136.0/22 maxlen: 23
                          81.22.142.0/23 maxlen: 24
                          89.185.0.0/22 maxlen: 22
                          109.72.116.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Fri 25 Apr 2025 09:05:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:68:3e:d5:4c:8b:5b:f1:19:60:a5:d4:d4:d8:d1:b0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
        Validity
            Not Before: Apr 24 14:41:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8f8838070e9e5be67796945539aa2b064d1b921b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ff:41:f0:24:d2:d8:7e:89:20:f1:b3:03:16:
                    81:d0:c7:6f:37:ec:97:ac:38:29:7e:18:b8:76:e8:
                    32:f3:e6:6a:4e:d6:bd:fe:58:fd:d6:d3:e5:cc:61:
                    f9:21:6c:ff:ce:d9:1a:3d:21:cf:a3:75:b2:11:32:
                    71:b8:d9:d2:76:ee:08:67:aa:f4:db:74:f0:ef:a3:
                    29:8e:2c:95:c9:e1:cc:d3:6e:ef:f8:4c:23:d3:1f:
                    bf:70:15:c3:c3:20:91:b5:b8:6c:8b:70:c0:8a:1d:
                    1b:54:7e:82:84:cc:fe:c9:dd:70:16:e8:a4:a2:67:
                    32:ea:11:5b:4a:e3:29:9e:f4:8b:62:67:c8:6d:82:
                    73:13:83:3f:b8:09:4b:77:27:6d:a8:f4:ee:d7:49:
                    d2:81:1d:61:7d:c8:ec:b3:a3:23:e6:3f:9a:35:77:
                    d3:1b:f8:ad:96:c1:5f:60:c0:d8:9d:a7:b0:62:51:
                    1a:bc:1b:17:8a:03:2d:a2:7b:a1:c2:fe:3f:1c:9f:
                    6a:40:c0:d8:e5:e6:2b:66:8e:a8:e8:0e:8f:84:1e:
                    4f:4f:9f:b4:20:ef:b5:a0:33:01:3f:45:34:c7:d8:
                    e8:ce:ed:77:b6:80:56:c4:58:c9:06:cb:66:7c:ed:
                    db:3e:c8:bb:05:5d:4a:40:f9:c8:84:0c:c3:55:0b:
                    eb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:88:38:07:0E:9E:5B:E6:77:96:94:55:39:AA:2B:06:4D:1B:92:1B
            X509v3 Authority Key Identifier:
                keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/j4g4Bw6eW-Z3lpRVOaorBk0bkhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.22.135.0-81.22.139.255
                  81.22.142.0/23
                  89.185.0.0/22
                  109.72.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:11:cb:59:be:52:8d:6a:53:2f:b9:56:91:51:dd:fc:1a:aa:
         18:1b:8c:36:d1:a4:ad:86:8a:5e:07:54:35:da:25:4a:7a:e2:
         25:85:1a:7c:fe:6d:fc:49:58:98:f3:7b:25:20:2d:38:1e:77:
         e4:53:3c:36:0b:51:cd:e4:89:f6:2b:c5:0d:88:47:cd:c7:2f:
         11:ec:05:e7:92:ac:86:46:07:bb:a1:0d:36:81:69:d0:9e:99:
         63:ef:ee:a0:27:d7:b7:ac:43:c3:5d:4f:7c:e2:f3:18:d2:a9:
         1f:31:89:5d:c8:55:f1:02:57:e8:11:5e:d3:f6:7f:49:1b:ff:
         ad:72:8e:80:5b:10:c6:9e:8e:33:16:b1:6b:c0:a0:8d:34:e1:
         11:01:8a:c0:42:c2:7c:94:6b:0d:49:b0:4f:f1:bd:bc:e6:24:
         f9:54:ed:e9:74:46:18:a5:e3:9d:86:1f:32:1a:1e:3f:34:47:
         c8:d8:d7:d1:f4:41:18:5a:95:a3:e9:d5:90:ce:92:d9:4c:50:
         1a:4a:61:cc:89:99:ff:c4:5f:42:76:e3:eb:53:c0:12:36:31:
         43:f5:03:30:67:23:51:4b:32:db:7c:52:12:b2:c9:00:e6:36:
         04:89:05:ea:3b:c2:e9:12:b6:c7:88:a3:73:53:e7:a8:14:da:
         9f:d7:ba:a5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZoPtVMi1vxGWCl1NTY0bB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNDI0MTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjg4MzgwNzBlOWU1YmU2Nzc5Njk0NTUzOWFhMmIwNjRkMWI5MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv9B8CTS2H6JIPGzAxaB0MdvN+yX
rDgpfhi4dugy8+ZqTta9/lj91tPlzGH5IWz/ztkaPSHPo3WyETJxuNnSdu4IZ6r0
23Tw76MpjiyVyeHM027v+Ewj0x+/cBXDwyCRtbhsi3DAih0bVH6ChMz+yd1wFuik
omcy6hFbSuMpnvSLYmfIbYJzE4M/uAlLdydtqPTu10nSgR1hfcjss6Mj5j+aNXfT
G/itlsFfYMDYnaewYlEavBsXigMtonuhwv4/HJ9qQMDY5eYrZo6o6A6PhB5PT5+0
IO+1oDMBP0U0x9jozu13toBWxFjJBstmfO3bPsi7BV1KQPnIhAzDVQvrswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI+IOAcOnlvmd5aUVTmqKwZNG5IbMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvajRnNEJ3NmVXLVozbHBSVk9hb3JCazBia2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABRFocD
BAJRFogDBAFRFo4DBAJZuQADBAJtSHQwDQYJKoZIhvcNAQELBQADggEBAHIRy1m+
Uo1qUy+5VpFR3fwaqhgbjDbRpK2Gil4HVDXaJUp64iWFGnz+bfxJWJjzeyUgLTge
d+RTPDYLUc3kifYrxQ2IR83HLxHsBeeSrIZGB7uhDTaBadCemWPv7qAn17esQ8Nd
T3zi8xjSqR8xiV3IVfECV+gRXtP2f0kb/61yjoBbEMaejjMWsWvAoI004REBisBC
wnyUaw1JsE/xvbzmJPlU7el0Rhil452GHzIaHj80R8jY19H0QRhalaPp1ZDOktlM
UBpKYcyJmf/EX0J24+tTwBI2MUP1AzBnI1FLMtt8UhKyyQDmNgSJBeo7wukStseI
o3NT56gU2p/XuqU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:50:31 2025 by rpki-client