Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa
File:                     LseVbZvSEkrzRzJvuVEGVXTH49w.roa (raw, json)
Hash identifier:          b/jkmoWZt/bEFdNkMjw1DGhoVFZoEVG+beBH+X7/r/Q=
Subject key identifier:   2E:C7:95:6D:9B:D2:12:4A:F3:47:32:6F:B9:51:06:55:74:C7:E3:DC
Certificate issuer:       /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial:       0194987DC42947C6696AF9C9BC98EA00F360
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa
Signing time:             Fri 24 Jan 2025 13:26:06 +0000
ROA not before:           Fri 24 Jan 2025 13:26:06 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42894
IP address blocks:        131.237.0.0/16 maxlen: 24
                          131.237.0.0/24 maxlen: 24
                          131.237.1.0/24 maxlen: 24
                          131.237.8.0/24 maxlen: 24
                          131.237.32.0/24 maxlen: 24
                          131.237.70.0/24 maxlen: 24
                          131.237.71.0/24 maxlen: 24
                          131.237.72.0/24 maxlen: 24
                          131.237.73.0/24 maxlen: 24
                          131.237.74.0/24 maxlen: 24
                          131.237.77.0/24 maxlen: 24
                          131.237.78.0/24 maxlen: 24
                          131.237.83.0/24 maxlen: 24
                          131.237.84.0/24 maxlen: 24
                          131.237.96.0/24 maxlen: 24
                          131.237.120.0/24 maxlen: 24
                          131.237.121.0/24 maxlen: 24
                          131.237.163.0/24 maxlen: 24
                          145.31.0.0/16 maxlen: 24
                          145.45.0.0/17 maxlen: 24
                          145.45.0.0/24 maxlen: 24
                          145.45.48.0/24 maxlen: 24
                          145.45.110.0/24 maxlen: 24
                          145.50.0.0/16 maxlen: 24
                          145.50.37.0/24 maxlen: 24
                          145.50.39.0/24 maxlen: 24
                          145.50.105.0/24 maxlen: 24
                          145.50.233.0/24 maxlen: 24
                          194.104.116.0/22 maxlen: 24
                          2a13:e080::/32 maxlen: 48
Validation:               Failed, certificate revoked on Wed 29 Jan 2025 09:54:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:98:7d:c4:29:47:c6:69:6a:f9:c9:bc:98:ea:00:f3:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
        Validity
            Not Before: Jan 24 13:26:06 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2ec7956d9bd2124af347326fb951065574c7e3dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:de:5b:8d:a3:35:42:ba:a6:3d:46:10:34:6e:
                    03:3a:3a:54:9a:c5:69:2c:c5:09:6d:c0:d1:7f:45:
                    4f:35:62:d7:40:46:8d:20:60:c4:18:1a:82:f7:4a:
                    a3:d6:25:be:14:0b:56:a9:fd:74:f3:37:47:da:f8:
                    34:f4:4d:52:9e:c2:c8:a8:93:e9:a1:a6:a7:65:c8:
                    5e:9c:23:1d:39:1d:7a:05:d9:c0:c9:65:1d:63:73:
                    ee:b9:21:c2:17:c5:35:e6:da:fd:e9:68:a6:18:e1:
                    d0:49:2b:da:e2:44:e8:82:e7:fb:7c:24:bd:90:a9:
                    2c:cc:fb:d3:61:63:f7:0a:02:4a:8b:ee:93:53:38:
                    ca:6e:47:5a:7d:2f:51:cf:c8:00:cb:53:f7:81:7f:
                    ee:19:2d:f4:ab:57:47:bb:f0:56:0c:e8:fe:c4:62:
                    2e:d9:88:af:fd:ab:fc:59:d7:33:d9:c5:0a:83:ea:
                    35:20:e4:a7:55:be:41:85:be:00:b1:d8:f8:d5:57:
                    d2:a0:d2:9e:c5:3b:da:cf:bb:ce:74:49:2c:7e:5a:
                    c2:af:c2:22:ee:9c:32:46:80:01:f6:42:dd:0b:08:
                    26:a9:da:af:29:73:58:53:44:6d:ec:1d:7f:2f:cd:
                    22:ba:06:7d:c2:5c:d4:78:e3:8a:88:11:19:52:62:
                    96:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:C7:95:6D:9B:D2:12:4A:F3:47:32:6F:B9:51:06:55:74:C7:E3:DC
            X509v3 Authority Key Identifier:
                keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/LseVbZvSEkrzRzJvuVEGVXTH49w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.237.0.0/16
                  145.31.0.0/16
                  145.45.0.0/17
                  145.50.0.0/16
                  194.104.116.0/22
                IPv6:
                  2a13:e080::/32

    Signature Algorithm: sha256WithRSAEncryption
         6c:c4:a2:e0:c6:e9:64:2a:39:68:33:ed:2b:e0:6e:87:ce:82:
         2e:c1:fb:e7:2b:00:1f:6c:ee:3b:f3:4c:82:d2:d8:57:b6:2d:
         b7:96:b7:d6:40:0d:47:93:21:63:c2:8f:a0:7a:7a:23:7e:8a:
         2f:83:b2:4e:1a:46:bb:2b:6a:a8:96:57:94:ed:3e:49:30:89:
         9c:07:fc:04:d1:07:24:3e:3a:90:3b:1a:ab:5f:7d:67:2f:b7:
         c6:9a:c2:28:10:9a:2d:a5:8f:9f:28:dd:df:ea:e4:34:7d:23:
         c9:af:77:dc:21:92:4f:71:88:ae:5a:e6:30:7a:da:5c:63:59:
         4a:84:e6:d6:6d:e4:d4:d3:90:ca:2e:2b:ec:4d:85:d5:8b:9c:
         f8:44:3f:c4:d2:2d:4d:e0:5c:73:d3:27:b7:8b:c5:0d:43:89:
         c1:1d:ac:f6:c9:14:ca:57:12:61:86:f3:d5:56:91:0a:76:cc:
         c3:49:69:8a:08:2f:6c:cb:c5:84:00:b8:19:f5:84:f4:f9:a7:
         82:2f:0a:59:2f:80:ed:0e:0b:67:9f:12:db:0e:b6:b9:51:74:
         a3:af:dd:6c:f9:2c:8e:53:de:d4:4b:0e:e3:91:2e:22:30:e7:
         93:cb:b4:3c:83:5e:da:f9:0b:c9:e0:13:7e:c4:67:ad:44:94:
         96:c0:62:69
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZSYfcQpR8ZpavnJvJjqAPNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMTI0MTMyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM3OTU2ZDliZDIxMjRhZjM0NzMyNmZiOTUxMDY1NTc0YzdlM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd5bjaM1QrqmPUYQNG4DOjpUmsVp
LMUJbcDRf0VPNWLXQEaNIGDEGBqC90qj1iW+FAtWqf108zdH2vg09E1SnsLIqJPp
oaanZchenCMdOR16BdnAyWUdY3PuuSHCF8U15tr96WimGOHQSSva4kToguf7fCS9
kKkszPvTYWP3CgJKi+6TUzjKbkdafS9Rz8gAy1P3gX/uGS30q1dHu/BWDOj+xGIu
2Yiv/av8Wdcz2cUKg+o1IOSnVb5Bhb4Asdj41VfSoNKexTvaz7vOdEksflrCr8Ii
7pwyRoAB9kLdCwgmqdqvKXNYU0Rt7B1/L80iugZ9wlzUeOOKiBEZUmKWdQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC7HlW2b0hJK80cyb7lRBlV0x+PcMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvTHNlVmJadlNFa3J6UnpKdnVWRUdWWFRINDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQBsxKLgxulkKjloM+0r4G6HzoIuwfvnKwAfbO4780yC0thXti23lrfWQA1H
kyFjwo+genojfoovg7JOGka7K2qolleU7T5JMImcB/wE0QckPjqQOxqrX31nL7fG
msIoEJotpY+fKN3f6uQ0fSPJr3fcIZJPcYiuWuYwetpcY1lKhObWbeTU05DKLivs
TYXVi5z4RD/E0i1N4Fxz0ye3i8UNQ4nBHaz2yRTKVxJhhvPVVpEKdszDSWmKCC9s
y8WEALgZ9YT0+aeCLwpZL4DtDgtnnxLbDra5UXSjr91s+SyOU97USw7jkS4iMOeT
y7Q8g17a+QvJ4BN+xGetRJSWwGJp
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:23 2025 by rpki-client