Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/ULpchVxbzQeblJ0uFfoPBRcvECg.roa
File:                     ULpchVxbzQeblJ0uFfoPBRcvECg.roa (raw, json)
Hash identifier:          2Hqc/DhE6f6r9rkiYXIwQMGzrhR/PDxUqqmf5FBdgmM=
Subject key identifier:   50:BA:5C:85:5C:5B:CD:07:9B:94:9D:2E:15:FA:0F:05:17:2F:10:28
Certificate issuer:       /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial:       018E0F0CCE4CBC20187C4D06EDDE8941AA65
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/ULpchVxbzQeblJ0uFfoPBRcvECg.roa
Signing time:             Tue 05 Mar 2024 14:38:01 +0000
ROA not before:           Tue 05 Mar 2024 14:38:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43911
IP address blocks:        91.195.220.0/23 maxlen: 23
                          91.195.220.0/24 maxlen: 24
                          91.195.221.0/24 maxlen: 24
                          2001:67c:220::/48 maxlen: 48
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 09:48:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0f:0c:ce:4c:bc:20:18:7c:4d:06:ed:de:89:41:aa:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
        Validity
            Not Before: Mar  5 14:38:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=50ba5c855c5bcd079b949d2e15fa0f05172f1028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c2:73:bc:9c:84:35:c7:07:9d:41:f0:06:b7:
                    46:1b:ec:50:b6:ac:31:9f:b3:45:12:c0:34:78:15:
                    dc:a4:c1:bf:6f:94:42:e3:b0:da:03:46:06:ac:7b:
                    6c:83:a9:97:c7:dc:0c:e0:81:5a:9e:94:8f:f5:9a:
                    b6:98:2a:45:43:c5:9a:97:9b:ad:3f:29:be:4e:2e:
                    ff:6d:ac:9d:ea:c4:bf:51:cf:58:2b:a0:65:85:53:
                    9a:85:93:b8:ed:00:36:c7:ff:95:5f:06:46:9c:82:
                    e7:02:e8:bb:e5:c3:b7:31:b2:e0:50:a7:1a:5d:0f:
                    18:5d:ee:63:c9:03:30:28:7f:f3:72:b6:8b:59:ae:
                    3e:ec:5f:9d:ad:f8:84:5a:45:48:50:46:ee:f7:d2:
                    d2:e6:1a:2a:0b:0e:8c:3b:c7:93:61:10:8f:c5:2e:
                    f1:40:43:50:21:c4:b3:08:94:5f:37:72:9f:aa:bd:
                    ee:d7:36:be:97:ea:97:1f:36:d6:a6:7a:54:47:2e:
                    fb:a8:24:c7:c1:58:c8:5a:ab:23:ab:c3:63:fb:21:
                    ab:be:bd:46:9d:0c:b7:12:8a:23:6d:14:21:08:17:
                    8b:fb:3a:43:1d:5f:ec:06:db:76:02:75:79:31:78:
                    b4:86:01:96:9a:c7:74:b3:b5:13:ca:23:54:d9:0e:
                    e9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:BA:5C:85:5C:5B:CD:07:9B:94:9D:2E:15:FA:0F:05:17:2F:10:28
            X509v3 Authority Key Identifier:
                keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/ULpchVxbzQeblJ0uFfoPBRcvECg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.195.220.0/23
                IPv6:
                  2001:67c:220::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:48:f1:72:93:9c:82:29:48:00:38:b0:18:18:d7:2f:5b:03:
         01:60:05:40:42:4d:bd:ed:53:4f:73:92:3c:17:8d:9d:08:55:
         e5:1e:24:8a:3f:ba:c4:bd:3a:55:de:9c:ea:55:7f:7f:95:96:
         08:93:10:37:b4:85:04:c8:84:9c:3e:39:6b:9c:72:70:e0:60:
         b4:fa:66:cb:08:11:03:82:72:99:2d:ba:06:8e:5e:88:87:b2:
         c0:8e:24:a1:e4:78:d6:7a:a5:93:b8:84:22:c1:f5:5a:e9:be:
         cc:66:c0:13:88:b1:1e:8f:56:fb:df:df:a1:d0:07:f6:3b:3a:
         2d:5f:49:ca:d3:ac:6c:8e:cb:e7:22:3c:45:d9:21:2d:4c:7b:
         92:47:5f:cc:da:97:c2:40:0e:c5:be:5b:a6:bd:4a:23:30:38:
         ee:c4:f7:68:11:e7:59:bb:ef:f2:ac:49:6d:21:f4:32:99:b5:
         d9:97:40:d0:49:f5:a9:b4:fa:5c:4d:1c:58:d0:c5:07:6d:b3:
         b7:d8:6f:50:7d:93:6e:0f:80:4d:70:d0:5e:cc:d5:b4:22:eb:
         bf:a1:dc:b5:cb:f3:30:fb:46:f0:30:7a:27:54:c5:5f:47:be:
         dc:d1:26:dd:57:22:a7:ee:d3:ee:61:2a:47:2a:c9:3c:be:aa:
         3f:5d:a4:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4PDM5MvCAYfE0G7d6JQaplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjQwMzA1MTQzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJhNWM4NTVjNWJjZDA3OWI5NDlkMmUxNWZhMGYwNTE3MmYxMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MJzvJyENccHnUHwBrdGG+xQtqwx
n7NFEsA0eBXcpMG/b5RC47DaA0YGrHtsg6mXx9wM4IFanpSP9Zq2mCpFQ8Wal5ut
Pym+Ti7/bayd6sS/Uc9YK6BlhVOahZO47QA2x/+VXwZGnILnAui75cO3MbLgUKca
XQ8YXe5jyQMwKH/zcraLWa4+7F+drfiEWkVIUEbu99LS5hoqCw6MO8eTYRCPxS7x
QENQIcSzCJRfN3Kfqr3u1za+l+qXHzbWpnpURy77qCTHwVjIWqsjq8Nj+yGrvr1G
nQy3EoojbRQhCBeL+zpDHV/sBtt2AnV5MXi0hgGWmsd0s7UTyiNU2Q7pKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFC6XIVcW80Hm5SdLhX6DwUXLxAoMB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvVUxwY2hWeGJ6UWVibEowdUZmb1BCUmN2RUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PcMA8E
AgACMAkDBwAgAQZ8AiAwDQYJKoZIhvcNAQELBQADggEBAKhI8XKTnIIpSAA4sBgY
1y9bAwFgBUBCTb3tU09zkjwXjZ0IVeUeJIo/usS9OlXenOpVf3+VlgiTEDe0hQTI
hJw+OWuccnDgYLT6ZssIEQOCcpktugaOXoiHssCOJKHkeNZ6pZO4hCLB9Vrpvsxm
wBOIsR6PVvvf36HQB/Y7Oi1fScrTrGyOy+ciPEXZIS1Me5JHX8zal8JADsW+W6a9
SiMwOO7E92gR51m77/KsSW0h9DKZtdmXQNBJ9am0+lxNHFjQxQdts7fYb1B9k24P
gE1w0F7M1bQi67+h3LXL8zD7RvAweidUxV9HvtzRJt1XIqfu0+5hKkcqyTy+qj9d
pP8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:43:20 2025 by rpki-client