Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QE_vE61F7vV1qzwEPFcIKyUqi98.roa
File:                     QE_vE61F7vV1qzwEPFcIKyUqi98.roa (raw, json)
Hash identifier:          xg4mV+ecMdtqf2lhdGJ7aGVEWYnaVRfQbsJEcjkr5kM=
Subject key identifier:   40:4F:EF:13:AD:45:EE:F5:75:AB:3C:04:3C:57:08:2B:25:2A:8B:DF
Certificate issuer:       /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial:       0196D8E541FFB67F4AE275C0C1188969932B
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QE_vE61F7vV1qzwEPFcIKyUqi98.roa
Signing time:             Fri 16 May 2025 11:40:25 +0000
ROA not before:           Fri 16 May 2025 11:40:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     203020
IP address blocks:        5.154.174.0/24 maxlen: 24
                          45.10.192.0/24 maxlen: 32
                          45.10.193.0/24 maxlen: 32
                          45.95.24.0/22 maxlen: 32
                          45.144.88.0/22 maxlen: 24
                          45.149.28.0/22 maxlen: 24
                          45.153.157.0/24 maxlen: 24
                          45.153.158.0/23 maxlen: 32
                          45.156.224.0/22 maxlen: 32
                          80.246.30.0/24 maxlen: 32
                          86.105.183.0/24 maxlen: 32
                          87.239.255.0/24 maxlen: 32
                          89.35.249.0/24 maxlen: 32
                          89.40.24.0/24 maxlen: 32
                          89.44.205.0/24 maxlen: 32
                          91.228.216.0/24 maxlen: 24
                          94.46.206.0/24 maxlen: 32
                          103.21.52.0/24 maxlen: 32
                          103.71.60.0/24 maxlen: 32
                          103.81.230.0/23 maxlen: 23
                          103.204.222.0/23 maxlen: 32
                          103.251.26.0/23 maxlen: 23
                          104.36.50.0/24 maxlen: 32
                          185.36.254.0/24 maxlen: 32
                          185.96.162.0/24 maxlen: 32
                          185.108.104.0/24 maxlen: 32
                          185.108.105.0/24 maxlen: 32
                          185.147.140.0/22 maxlen: 32
                          185.152.36.0/22 maxlen: 32
                          185.152.248.0/22 maxlen: 32
                          185.153.151.0/24 maxlen: 32
                          185.160.44.0/22 maxlen: 32
                          185.166.84.0/24 maxlen: 32
                          185.184.228.0/24 maxlen: 32
                          185.188.61.0/24 maxlen: 24
                          185.201.188.0/24 maxlen: 24
                          185.217.64.0/22 maxlen: 22
                          185.242.217.0/24 maxlen: 24
                          188.119.154.0/24 maxlen: 32
                          193.36.89.0/24 maxlen: 32
                          195.47.194.0/24 maxlen: 32
                          199.249.223.0/24 maxlen: 32
                          2a01:4740::/32 maxlen: 32
                          2a05:28c0::/29 maxlen: 32
                          2a05:f4c0::/29 maxlen: 29
                          2a06:3040::/29 maxlen: 48
                          2a06:46c0::/29 maxlen: 32
                          2a06:4a00::/29 maxlen: 32
                          2a06:5000::/29 maxlen: 32
                          2a06:5700::/29 maxlen: 32
                          2a06:df80::/29 maxlen: 29
                          2a06:e480::/29 maxlen: 29
                          2a07:4780::/29 maxlen: 29
                          2a07:9c80::/29 maxlen: 29
                          2a07:f2c0::/29 maxlen: 29
                          2a0a:3080::/29 maxlen: 29
                          2a0b:3f40::/29 maxlen: 29
                          2a0c:d8c0::/29 maxlen: 29
                          2a0c:ec40::/29 maxlen: 29
Validation:               Failed, certificate revoked on Wed 21 May 2025 17:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d8:e5:41:ff:b6:7f:4a:e2:75:c0:c1:18:89:69:93:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
        Validity
            Not Before: May 16 11:40:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=404fef13ad45eef575ab3c043c57082b252a8bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:33:87:2b:c8:d0:57:74:98:d2:47:25:19:f3:
                    fc:23:87:8b:72:e5:03:41:1c:cc:18:09:48:96:46:
                    ae:f8:e9:a3:fa:2e:d7:f9:83:3c:25:77:4c:23:5a:
                    49:2b:29:ae:26:7c:dc:53:73:4e:b1:57:f7:8c:a8:
                    41:fb:8d:02:26:ee:ab:87:f5:be:14:ba:bf:00:57:
                    6f:86:c3:56:78:3d:f8:43:ed:3a:18:fa:41:0e:9b:
                    a2:2e:7a:ec:f6:1d:d6:48:14:89:b6:f6:d0:20:45:
                    c1:f9:37:26:f0:d4:62:f9:00:90:af:06:6b:76:63:
                    e7:e4:5b:a6:1c:e8:97:84:0a:c0:9e:19:1c:32:1d:
                    cc:75:e4:06:48:6c:bc:35:79:a9:d3:d4:f1:8b:6b:
                    82:da:80:df:e9:b1:26:d2:8b:e3:65:31:07:95:96:
                    35:f3:63:5e:4a:ef:b7:56:a5:ea:06:47:c1:99:ae:
                    34:85:29:68:85:06:78:63:59:43:55:d2:0c:d5:9f:
                    57:a7:36:2e:a5:18:ca:66:de:ec:a4:dc:68:39:f3:
                    62:53:5c:66:31:0f:69:df:0f:20:21:f2:25:3a:e5:
                    36:9f:c0:3d:ed:8d:5d:54:20:0f:b5:cb:aa:d5:f5:
                    65:36:d5:30:2c:40:b0:95:ba:a2:21:b1:b0:79:e5:
                    b5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:4F:EF:13:AD:45:EE:F5:75:AB:3C:04:3C:57:08:2B:25:2A:8B:DF
            X509v3 Authority Key Identifier:
                keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/QE_vE61F7vV1qzwEPFcIKyUqi98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.174.0/24
                  45.10.192.0/23
                  45.95.24.0/22
                  45.144.88.0/22
                  45.149.28.0/22
                  45.153.157.0-45.153.159.255
                  45.156.224.0/22
                  80.246.30.0/24
                  86.105.183.0/24
                  87.239.255.0/24
                  89.35.249.0/24
                  89.40.24.0/24
                  89.44.205.0/24
                  91.228.216.0/24
                  94.46.206.0/24
                  103.21.52.0/24
                  103.71.60.0/24
                  103.81.230.0/23
                  103.204.222.0/23
                  103.251.26.0/23
                  104.36.50.0/24
                  185.36.254.0/24
                  185.96.162.0/24
                  185.108.104.0/23
                  185.147.140.0/22
                  185.152.36.0/22
                  185.152.248.0/22
                  185.153.151.0/24
                  185.160.44.0/22
                  185.166.84.0/24
                  185.184.228.0/24
                  185.188.61.0/24
                  185.201.188.0/24
                  185.217.64.0/22
                  185.242.217.0/24
                  188.119.154.0/24
                  193.36.89.0/24
                  195.47.194.0/24
                  199.249.223.0/24
                IPv6:
                  2a01:4740::/32
                  2a05:28c0::/29
                  2a05:f4c0::/29
                  2a06:3040::/29
                  2a06:46c0::/29
                  2a06:4a00::/29
                  2a06:5000::/29
                  2a06:5700::/29
                  2a06:df80::/29
                  2a06:e480::/29
                  2a07:4780::/29
                  2a07:9c80::/29
                  2a07:f2c0::/29
                  2a0a:3080::/29
                  2a0b:3f40::/29
                  2a0c:d8c0::/29
                  2a0c:ec40::/29

    Signature Algorithm: sha256WithRSAEncryption
         6c:45:cd:13:e7:22:a4:33:f8:b6:5c:07:1a:8e:59:7e:56:1b:
         c5:3e:86:eb:75:ef:6f:2f:e1:ce:88:5c:0a:81:58:b1:7a:6a:
         ef:f9:82:46:8d:cc:b2:b3:a8:68:f1:ae:6e:e4:5a:39:c3:6e:
         71:0d:94:84:01:f4:31:ec:84:1f:91:66:6d:77:5e:38:61:8b:
         63:67:a9:f2:87:df:d4:a6:88:0f:b5:4c:b1:44:e1:58:c7:23:
         67:4b:cb:aa:13:bb:73:bf:07:b7:86:9d:e8:d9:7a:d8:56:45:
         6b:9d:57:32:20:75:75:03:6a:d5:79:a3:1d:43:04:c3:f7:f3:
         ef:9c:5b:2a:a5:19:9a:f6:52:1c:f9:6b:50:63:3d:02:c9:29:
         ce:bf:64:de:28:64:56:b2:21:de:26:f9:41:0d:94:39:b6:8c:
         1f:28:c4:29:17:56:b2:58:6a:06:33:c9:eb:7b:b2:8c:22:db:
         e0:77:23:a4:14:7c:ea:54:99:08:83:21:3f:89:79:71:78:0e:
         09:43:6f:76:8b:18:4d:3d:4f:96:c3:b7:d2:d2:ed:13:1d:be:
         93:ba:03:5b:05:e5:60:a3:bf:ab:d2:8c:5f:05:bb:de:91:c2:
         f7:fd:71:66:82:86:41:0c:b9:6e:8c:95:d1:1e:2e:31:9e:b3:
         35:1c:14:c5
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgISAZbY5UH/tn9K4nXAwRiJaZMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwNTE2MTE0MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRmZWYxM2FkNDVlZWY1NzVhYjNjMDQzYzU3MDgyYjI1MmE4YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTOHK8jQV3SY0kclGfP8I4eLcuUD
QRzMGAlIlkau+Omj+i7X+YM8JXdMI1pJKymuJnzcU3NOsVf3jKhB+40CJu6rh/W+
FLq/AFdvhsNWeD34Q+06GPpBDpuiLnrs9h3WSBSJtvbQIEXB+Tcm8NRi+QCQrwZr
dmPn5FumHOiXhArAnhkcMh3MdeQGSGy8NXmp09Txi2uC2oDf6bEm0ovjZTEHlZY1
82NeSu+3VqXqBkfBma40hSlohQZ4Y1lDVdIM1Z9XpzYupRjKZt7spNxoOfNiU1xm
MQ9p3w8gIfIlOuU2n8A97Y1dVCAPtcuq1fVlNtUwLECwlbqiIbGweeW1NwIDAQAB
o4IDfDCCA3gwHQYDVR0OBBYEFEBP7xOtRe71das8BDxXCCslKovfMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvUUVfdkU2MUY3dlYxcXp3RVBGY0lLeVVxaTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkAYIKwYBBQUHAQcBAf8EggF/MIIBezCB+QQCAAEwgfID
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEAGcVNAMEAGdHPAMEAWdR5gMEAWfM3gMEAWf7GgMEAGgkMgMEALkk/gMEALlg
ogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZlwMEArmgLAMEALmmVAMEALm4
5AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3mgMEAMEkWQMEAMMvwgMEAMf5
3zB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoGRsADBQMq
BkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMqB5yAAwUD
KgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcNAQELBQAD
ggEBAGxFzRPnIqQz+LZcBxqOWX5WG8U+hut1728v4c6IXAqBWLF6au/5gkaNzLKz
qGjxrm7kWjnDbnENlIQB9DHshB+RZm13Xjhhi2NnqfKH39SmiA+1TLFE4VjHI2dL
y6oTu3O/B7eGnejZethWRWudVzIgdXUDatV5ox1DBMP38++cWyqlGZr2Uhz5a1Bj
PQLJKc6/ZN4oZFayId4m+UENlDm2jB8oxCkXVrJYagYzyet7sowi2+B3I6QUfOpU
mQiDIT+JeXF4DglDb3aLGE09T5bDt9LS7RMdvpO6A1sF5WCjv6vSjF8Fu96Rwvf9
cWaChkEMuW6MldEeLjGeszUcFMU=
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:49:23 2025 by rpki-client