Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/drVbk6ZNAxmB1dTeGX3EnX1Uy3g.roa
File:                     drVbk6ZNAxmB1dTeGX3EnX1Uy3g.roa (raw, json)
Hash identifier:          OfrfTrsFxqMh4pQVDL0dnBOYmz61IgvhQlqqkCqc528=
Subject key identifier:   76:B5:5B:93:A6:4D:03:19:81:D5:D4:DE:19:7D:C4:9D:7D:54:CB:78
Certificate issuer:       /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial:       0196F3E8AC91542099733AACEB0192806491
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/drVbk6ZNAxmB1dTeGX3EnX1Uy3g.roa
Signing time:             Wed 21 May 2025 17:33:54 +0000
ROA not before:           Wed 21 May 2025 17:33:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     203020
IP address blocks:        5.154.174.0/24 maxlen: 24
                          45.10.192.0/24 maxlen: 32
                          45.10.193.0/24 maxlen: 32
                          45.95.24.0/22 maxlen: 32
                          45.144.88.0/22 maxlen: 24
                          45.149.28.0/22 maxlen: 24
                          45.153.157.0/24 maxlen: 24
                          45.153.158.0/23 maxlen: 32
                          45.156.224.0/22 maxlen: 32
                          80.246.30.0/24 maxlen: 32
                          86.105.183.0/24 maxlen: 32
                          87.239.255.0/24 maxlen: 32
                          89.35.249.0/24 maxlen: 32
                          89.40.24.0/24 maxlen: 32
                          89.44.205.0/24 maxlen: 32
                          91.228.216.0/24 maxlen: 24
                          94.46.206.0/24 maxlen: 32
                          103.21.52.0/24 maxlen: 32
                          103.71.60.0/24 maxlen: 32
                          103.76.255.0/24 maxlen: 32
                          103.81.230.0/23 maxlen: 23
                          103.204.222.0/23 maxlen: 32
                          103.251.26.0/23 maxlen: 23
                          104.36.50.0/24 maxlen: 32
                          185.36.254.0/24 maxlen: 32
                          185.96.162.0/24 maxlen: 32
                          185.108.104.0/24 maxlen: 32
                          185.108.105.0/24 maxlen: 32
                          185.147.140.0/22 maxlen: 32
                          185.152.36.0/22 maxlen: 32
                          185.152.248.0/22 maxlen: 32
                          185.153.151.0/24 maxlen: 32
                          185.160.44.0/22 maxlen: 32
                          185.166.84.0/24 maxlen: 32
                          185.184.228.0/24 maxlen: 32
                          185.188.61.0/24 maxlen: 24
                          185.201.188.0/24 maxlen: 24
                          185.217.64.0/22 maxlen: 22
                          185.242.217.0/24 maxlen: 24
                          188.119.154.0/24 maxlen: 32
                          193.36.89.0/24 maxlen: 32
                          195.47.194.0/24 maxlen: 32
                          199.249.223.0/24 maxlen: 32
                          2a01:4740::/32 maxlen: 32
                          2a05:28c0::/29 maxlen: 32
                          2a05:f4c0::/29 maxlen: 29
                          2a06:3040::/29 maxlen: 48
                          2a06:46c0::/29 maxlen: 32
                          2a06:4a00::/29 maxlen: 32
                          2a06:5000::/29 maxlen: 32
                          2a06:5700::/29 maxlen: 32
                          2a06:df80::/29 maxlen: 29
                          2a06:e480::/29 maxlen: 29
                          2a07:4780::/29 maxlen: 29
                          2a07:9c80::/29 maxlen: 29
                          2a07:f2c0::/29 maxlen: 29
                          2a0a:3080::/29 maxlen: 29
                          2a0b:3f40::/29 maxlen: 29
                          2a0c:d8c0::/29 maxlen: 29
                          2a0c:ec40::/29 maxlen: 29
Validation:               Failed, certificate revoked on Wed 04 Jun 2025 07:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:f3:e8:ac:91:54:20:99:73:3a:ac:eb:01:92:80:64:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
        Validity
            Not Before: May 21 17:33:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=76b55b93a64d031981d5d4de197dc49d7d54cb78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fd:91:47:9d:f6:c1:67:13:d5:73:60:c5:a0:
                    d0:69:d7:ab:19:f8:e7:ff:da:e8:33:97:fe:5b:98:
                    cf:51:65:65:ff:dc:f4:33:64:ed:36:e7:4f:fe:a9:
                    da:1c:10:50:fa:64:4a:df:6c:d0:dd:85:d1:41:78:
                    75:22:ee:c9:91:00:62:82:57:6e:59:c1:48:df:23:
                    72:36:af:02:2e:a6:1e:5b:0a:9e:3e:68:7d:73:49:
                    b1:16:e0:00:56:d4:c7:8b:db:28:7a:af:95:3a:2d:
                    4d:31:d1:62:61:a4:9e:c9:ba:5a:59:71:d9:df:19:
                    3a:be:0e:c3:d9:24:6f:70:f6:0e:01:6b:31:77:de:
                    c3:44:fb:01:32:c0:94:f0:d7:d3:86:d1:4a:d0:66:
                    8f:ee:e6:22:0e:3c:80:5f:06:c1:6e:05:79:c6:81:
                    69:83:a0:cb:6a:6f:60:9b:ce:0e:23:e5:b3:0c:f4:
                    b0:52:e5:3a:94:a5:44:1b:c7:33:94:42:ea:32:17:
                    d7:2c:28:95:a6:e4:0c:d8:d2:87:69:d0:71:c0:47:
                    85:15:52:01:4d:a6:bd:f5:ee:1e:d4:51:d8:0f:5e:
                    53:67:9a:75:f7:f0:e3:20:ad:1e:58:af:ae:79:a8:
                    b7:e4:8e:05:db:4a:48:2e:16:36:95:60:49:ab:58:
                    54:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:B5:5B:93:A6:4D:03:19:81:D5:D4:DE:19:7D:C4:9D:7D:54:CB:78
            X509v3 Authority Key Identifier:
                keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/drVbk6ZNAxmB1dTeGX3EnX1Uy3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.174.0/24
                  45.10.192.0/23
                  45.95.24.0/22
                  45.144.88.0/22
                  45.149.28.0/22
                  45.153.157.0-45.153.159.255
                  45.156.224.0/22
                  80.246.30.0/24
                  86.105.183.0/24
                  87.239.255.0/24
                  89.35.249.0/24
                  89.40.24.0/24
                  89.44.205.0/24
                  91.228.216.0/24
                  94.46.206.0/24
                  103.21.52.0/24
                  103.71.60.0/24
                  103.76.255.0/24
                  103.81.230.0/23
                  103.204.222.0/23
                  103.251.26.0/23
                  104.36.50.0/24
                  185.36.254.0/24
                  185.96.162.0/24
                  185.108.104.0/23
                  185.147.140.0/22
                  185.152.36.0/22
                  185.152.248.0/22
                  185.153.151.0/24
                  185.160.44.0/22
                  185.166.84.0/24
                  185.184.228.0/24
                  185.188.61.0/24
                  185.201.188.0/24
                  185.217.64.0/22
                  185.242.217.0/24
                  188.119.154.0/24
                  193.36.89.0/24
                  195.47.194.0/24
                  199.249.223.0/24
                IPv6:
                  2a01:4740::/32
                  2a05:28c0::/29
                  2a05:f4c0::/29
                  2a06:3040::/29
                  2a06:46c0::/29
                  2a06:4a00::/29
                  2a06:5000::/29
                  2a06:5700::/29
                  2a06:df80::/29
                  2a06:e480::/29
                  2a07:4780::/29
                  2a07:9c80::/29
                  2a07:f2c0::/29
                  2a0a:3080::/29
                  2a0b:3f40::/29
                  2a0c:d8c0::/29
                  2a0c:ec40::/29

    Signature Algorithm: sha256WithRSAEncryption
         b4:3b:45:24:eb:18:a6:36:e9:69:f5:88:da:c1:96:14:33:7c:
         8d:93:57:94:bd:e9:60:7b:4b:63:8d:44:23:96:9c:c1:a6:37:
         bb:ce:57:e2:22:cb:a7:26:25:4e:d3:5b:17:c2:bc:c1:7e:81:
         b7:8a:fb:53:92:11:d1:29:e5:20:17:a6:cb:85:92:99:6b:18:
         51:64:bc:03:29:85:0f:3f:7e:06:3c:97:5f:ec:58:3d:67:d3:
         38:4f:19:7a:da:99:95:1a:e3:f8:16:72:a3:48:e0:96:54:6f:
         ed:aa:1a:22:88:4b:df:61:44:c2:63:06:40:79:85:12:30:93:
         a6:8f:56:7f:a6:3d:98:0b:00:33:49:f0:21:0f:b6:b8:b7:91:
         cb:84:64:ec:24:ce:31:df:67:9e:8f:83:19:87:be:73:43:0c:
         77:32:b0:e1:2f:39:62:2b:19:96:90:a9:bd:24:3e:7f:7a:07:
         f0:f3:32:13:54:50:e3:22:f5:73:a3:99:95:c0:50:73:8a:c0:
         4a:d0:97:d7:d0:99:a4:da:0f:08:34:9a:33:2e:eb:40:62:b5:
         23:b2:03:e9:f3:44:21:d6:58:b2:8e:44:24:b4:0d:27:03:94:
         5b:e0:fe:7c:08:e0:ca:a5:55:73:8e:d1:61:19:61:67:3a:3d:
         7a:56:cc:43
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgISAZbz6KyRVCCZczqs6wGSgGSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwNTIxMTczMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI1NWI5M2E2NGQwMzE5ODFkNWQ0ZGUxOTdkYzQ5ZDdkNTRjYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv2RR532wWcT1XNgxaDQaderGfjn
/9roM5f+W5jPUWVl/9z0M2TtNudP/qnaHBBQ+mRK32zQ3YXRQXh1Iu7JkQBigldu
WcFI3yNyNq8CLqYeWwqePmh9c0mxFuAAVtTHi9soeq+VOi1NMdFiYaSeybpaWXHZ
3xk6vg7D2SRvcPYOAWsxd97DRPsBMsCU8NfThtFK0GaP7uYiDjyAXwbBbgV5xoFp
g6DLam9gm84OI+WzDPSwUuU6lKVEG8czlELqMhfXLCiVpuQM2NKHadBxwEeFFVIB
Taa99e4e1FHYD15TZ5p19/DjIK0eWK+ueai35I4F20pILhY2lWBJq1hUewIDAQAB
o4IDgjCCA34wHQYDVR0OBBYEFHa1W5OmTQMZgdXU3hl9xJ19VMt4MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvZHJWYms2Wk5BeG1CMWRUZUdYM0VuWDFVeTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlgYIKwYBBQUHAQcBAf8EggGFMIIBgTCB/wQCAAEwgfgD
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEAGcVNAMEAGdHPAMEAGdM/wMEAWdR5gMEAWfM3gMEAWf7GgMEAGgkMgMEALkk
/gMEALlgogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZlwMEArmgLAMEALmm
VAMEALm45AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3mgMEAMEkWQMEAMMv
wgMEAMf53zB9BAIAAjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoG
RsADBQMqBkoAAwUDKgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMq
B5yAAwUDKgfywAMFAyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcN
AQELBQADggEBALQ7RSTrGKY26Wn1iNrBlhQzfI2TV5S96WB7S2ONRCOWnMGmN7vO
V+Iiy6cmJU7TWxfCvMF+gbeK+1OSEdEp5SAXpsuFkplrGFFkvAMphQ8/fgY8l1/s
WD1n0zhPGXramZUa4/gWcqNI4JZUb+2qGiKIS99hRMJjBkB5hRIwk6aPVn+mPZgL
ADNJ8CEPtri3kcuEZOwkzjHfZ56PgxmHvnNDDHcysOEvOWIrGZaQqb0kPn96B/Dz
MhNUUOMi9XOjmZXAUHOKwErQl9fQmaTaDwg0mjMu60BitSOyA+nzRCHWWLKORCS0
DScDlFvg/nwI4MqlVXOO0WEZYWc6PXpWzEM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:23:18 2025 by rpki-client