Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa
File:                     XngTUUCqjy7cAw8y71haifMV3XA.roa (raw, json)
Hash identifier:          1LqIUfJ+u14bPtDjoD1/nMzxncgrFl7OmcEcEOdikpA=
Subject key identifier:   5E:78:13:51:40:AA:8F:2E:DC:03:0F:32:EF:58:5A:89:F3:15:DD:70
Certificate issuer:       /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial:       0195661C366B2002895ADC879C01DE4F7701
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa
Signing time:             Wed 05 Mar 2025 11:41:19 +0000
ROA not before:           Wed 05 Mar 2025 11:41:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     329007
IP address blocks:        193.135.157.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 13 Mar 2025 06:54:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:66:1c:36:6b:20:02:89:5a:dc:87:9c:01:de:4f:77:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
        Validity
            Not Before: Mar  5 11:41:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5e78135140aa8f2edc030f32ef585a89f315dd70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:be:cd:1f:e3:bc:bd:ac:8f:b2:e4:23:86:91:
                    56:ec:b8:c5:69:40:0c:d8:3f:e1:6d:3e:7e:d3:5a:
                    51:c4:95:88:8c:a4:cd:bb:40:56:65:74:28:98:9b:
                    7a:25:14:41:37:de:e6:ec:36:81:3f:a9:76:4b:92:
                    da:42:c0:c8:30:2b:e7:ad:55:b1:e3:d2:fd:c4:0d:
                    3f:3d:25:7a:82:65:e4:11:cc:de:d0:94:46:96:64:
                    31:02:03:85:fa:e9:21:6c:55:2d:d0:2d:9b:2c:7a:
                    d1:49:37:c3:3e:1e:db:ca:55:21:a6:0f:bd:1d:a2:
                    b7:b2:fd:4e:8a:d6:fb:f0:ff:81:66:b9:71:fb:82:
                    13:31:0f:6a:58:1c:a0:c7:e8:96:a4:7f:a4:e7:ff:
                    3f:91:9a:2a:e6:e6:2c:09:3c:cd:98:c5:83:bb:d3:
                    f3:bb:aa:a1:c1:38:96:10:d7:b7:4a:3e:bc:46:d7:
                    7c:2c:25:0f:6b:6c:6f:02:d9:a1:63:d5:8a:e2:99:
                    fb:62:ad:29:5f:61:4a:a8:39:f4:fd:44:93:20:9b:
                    e7:ee:5f:02:35:5f:15:1f:96:71:73:7d:48:c4:08:
                    58:6e:71:e3:a9:d1:42:2f:e0:df:71:26:09:bb:56:
                    c8:ed:64:a3:17:dd:f1:d2:4e:4e:be:a2:d2:67:90:
                    85:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:78:13:51:40:AA:8F:2E:DC:03:0F:32:EF:58:5A:89:F3:15:DD:70
            X509v3 Authority Key Identifier:
                keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:da:50:65:e9:75:58:1d:27:2f:cb:80:5d:c9:32:bd:65:f1:
         30:0c:fc:91:1b:76:56:dc:54:62:a8:67:57:9c:6c:22:89:44:
         b5:89:37:12:18:cf:02:22:95:b1:11:8b:e0:94:d8:99:5c:b0:
         ed:81:79:fd:11:c3:54:8a:67:50:bc:0b:30:ec:26:1a:8b:29:
         aa:5a:90:b1:1d:84:09:3b:8b:ef:60:fa:ba:ec:fa:27:c2:f5:
         83:2a:24:24:cb:12:4f:34:8b:d8:8a:97:45:7e:0a:34:80:2a:
         54:0e:ff:33:58:17:f5:94:21:bf:45:dd:2d:b5:16:fe:5d:58:
         52:b2:c7:98:ef:2b:3d:fe:f0:14:4d:42:e6:d3:a7:d0:c5:1a:
         7c:e5:c7:c8:82:13:2e:0d:8e:d1:7c:be:36:6c:c4:83:f8:d0:
         d7:62:e0:c9:a1:49:64:09:27:0d:5d:bd:02:80:ef:3c:e1:36:
         7e:8a:8d:1c:22:31:ac:cd:5f:83:5b:10:4c:6b:f8:07:98:bd:
         8e:ec:90:50:b5:1a:6b:93:f7:6a:43:81:f7:5d:ef:64:04:32:
         bc:01:0b:99:82:1f:52:1e:4f:cd:1a:46:5f:d1:55:c1:27:a0:
         8d:6c:93:7a:4b:f1:1a:f4:a3:5f:50:da:ef:91:f6:6f:eb:35:
         11:6e:cc:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVmHDZrIAKJWtyHnAHeT3cBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMzA1MTE0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc4MTM1MTQwYWE4ZjJlZGMwMzBmMzJlZjU4NWE4OWYzMTVkZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA577NH+O8vayPsuQjhpFW7LjFaUAM
2D/hbT5+01pRxJWIjKTNu0BWZXQomJt6JRRBN97m7DaBP6l2S5LaQsDIMCvnrVWx
49L9xA0/PSV6gmXkEcze0JRGlmQxAgOF+ukhbFUt0C2bLHrRSTfDPh7bylUhpg+9
HaK3sv1Oitb78P+BZrlx+4ITMQ9qWBygx+iWpH+k5/8/kZoq5uYsCTzNmMWDu9Pz
u6qhwTiWENe3Sj68Rtd8LCUPa2xvAtmhY9WK4pn7Yq0pX2FKqDn0/USTIJvn7l8C
NV8VH5Zxc31IxAhYbnHjqdFCL+DfcSYJu1bI7WSjF93x0k5OvqLSZ5CFPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF54E1FAqo8u3AMPMu9YWonzFd1wMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvWG5nVFVVQ3FqeTdjQXc4eTcxaGFpZk1WM1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYedMA0G
CSqGSIb3DQEBCwUAA4IBAQBB2lBl6XVYHScvy4BdyTK9ZfEwDPyRG3ZW3FRiqGdX
nGwiiUS1iTcSGM8CIpWxEYvglNiZXLDtgXn9EcNUimdQvAsw7CYaiymqWpCxHYQJ
O4vvYPq67PonwvWDKiQkyxJPNIvYipdFfgo0gCpUDv8zWBf1lCG/Rd0ttRb+XVhS
sseY7ys9/vAUTULm06fQxRp85cfIghMuDY7RfL42bMSD+NDXYuDJoUlkCScNXb0C
gO884TZ+io0cIjGszV+DWxBMa/gHmL2O7JBQtRprk/dqQ4H3Xe9kBDK8AQuZgh9S
Hk/NGkZf0VXBJ6CNbJN6S/Ea9KNfUNrvkfZv6zURbsym
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:46:31 2025 by rpki-client