Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Y4ACuZCLOlsnheV7pt8ZFSmIF4s.roa
File:                     Y4ACuZCLOlsnheV7pt8ZFSmIF4s.roa (raw, json)
Hash identifier:          QZIOndgJiUMM11EjJtyg6vxO6VNZECcvykSpmAsviu8=
Subject key identifier:   63:80:02:B9:90:8B:3A:5B:27:85:E5:7B:A6:DF:19:15:29:88:17:8B
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       0196737A82AACFE82C401F258C89ECF2A495
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Y4ACuZCLOlsnheV7pt8ZFSmIF4s.roa
Signing time:             Sat 26 Apr 2025 19:02:10 +0000
ROA not before:           Sat 26 Apr 2025 19:02:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     19318
IP address blocks:        5.231.106.0/24 maxlen: 24
                          5.231.107.0/24 maxlen: 24
                          5.231.108.0/24 maxlen: 24
                          5.231.109.0/24 maxlen: 24
                          5.231.110.0/24 maxlen: 24
                          5.231.116.0/24 maxlen: 24
                          5.231.117.0/24 maxlen: 24
                          5.231.118.0/24 maxlen: 24
                          5.231.119.0/24 maxlen: 24
                          5.231.120.0/24 maxlen: 24
                          5.231.121.0/24 maxlen: 24
                          5.231.122.0/24 maxlen: 24
                          5.231.123.0/24 maxlen: 24
                          89.144.34.0/24 maxlen: 24
                          94.103.166.0/24 maxlen: 24
                          94.103.172.0/24 maxlen: 24
                          94.103.173.0/24 maxlen: 24
                          94.103.174.0/24 maxlen: 24
                          94.249.197.0/24 maxlen: 24
                          94.249.198.0/24 maxlen: 24
                          94.249.199.0/24 maxlen: 24
                          94.249.200.0/24 maxlen: 24
                          94.249.201.0/24 maxlen: 24
                          94.249.202.0/24 maxlen: 24
                          94.249.203.0/24 maxlen: 24
                          94.249.204.0/24 maxlen: 24
                          94.249.205.0/24 maxlen: 24
                          94.249.206.0/24 maxlen: 24
                          94.249.225.0/24 maxlen: 24
                          94.249.226.0/24 maxlen: 24
                          94.249.227.0/24 maxlen: 24
                          94.249.228.0/24 maxlen: 24
                          94.249.229.0/24 maxlen: 24
                          94.249.230.0/24 maxlen: 24
                          178.18.147.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 30 Apr 2025 22:17:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:73:7a:82:aa:cf:e8:2c:40:1f:25:8c:89:ec:f2:a4:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Apr 26 19:02:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=638002b9908b3a5b2785e57ba6df19152988178b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5c:bf:00:7d:87:2a:e4:2d:69:a9:5c:d5:5a:
                    9b:d4:23:77:a1:c6:ba:66:f7:18:cc:76:4c:6d:ba:
                    30:d0:5f:b4:e0:70:72:f1:d7:ab:12:df:46:f3:ad:
                    60:e1:8a:ee:44:b9:8a:41:bc:f8:1d:7d:5d:19:ee:
                    c4:7b:5d:00:e2:0e:27:70:a0:93:80:da:e3:1b:98:
                    97:2b:98:78:df:6a:af:81:02:db:5c:11:c5:61:4f:
                    4c:8d:c3:51:77:c3:66:1f:4e:53:17:99:27:9c:40:
                    ae:90:e2:5b:b1:7b:9c:bb:e7:49:d4:69:43:37:8a:
                    55:e9:dd:18:f8:26:89:e7:75:b1:11:82:15:d3:ef:
                    c1:e7:c3:01:8e:09:2f:40:da:35:48:fc:a5:ae:a4:
                    59:10:c1:41:18:be:ac:8b:37:50:20:a4:9a:31:20:
                    ba:dd:ea:4d:68:d5:b6:6d:ce:17:d9:9e:65:b7:0c:
                    a7:6f:22:10:71:38:3f:ac:ad:10:ee:c5:44:c1:98:
                    65:ef:97:83:54:a3:66:42:90:56:b2:cb:8f:de:08:
                    b9:bf:8b:c0:fc:ad:e3:e9:d5:3d:e4:de:09:d1:c3:
                    49:46:ea:a7:7f:4e:89:2f:47:4e:f5:79:74:0f:cb:
                    eb:84:ee:50:42:48:58:a0:80:c2:dc:ea:d2:09:88:
                    10:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:80:02:B9:90:8B:3A:5B:27:85:E5:7B:A6:DF:19:15:29:88:17:8B
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Y4ACuZCLOlsnheV7pt8ZFSmIF4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.231.106.0-5.231.110.255
                  5.231.116.0-5.231.123.255
                  89.144.34.0/24
                  94.103.166.0/24
                  94.103.172.0-94.103.174.255
                  94.249.197.0-94.249.206.255
                  94.249.225.0-94.249.230.255
                  178.18.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:01:98:8e:d3:e3:5e:e3:4f:d3:72:8b:2f:b0:85:87:41:b7:
         d3:8e:61:9d:e5:08:7d:f4:84:06:34:3c:e0:02:a6:fb:e4:86:
         f6:2b:18:ee:ea:95:31:d7:39:39:dc:cc:e1:ed:34:6c:68:46:
         67:b9:16:a8:86:aa:27:f1:d6:0b:75:c3:ee:d3:4b:19:0d:ea:
         08:09:b2:ef:ad:e4:62:10:59:0b:d1:4f:c0:60:21:5f:c4:ec:
         47:66:1f:3e:cf:7f:38:89:00:cc:2a:e4:ad:d2:f6:f7:85:35:
         26:0d:d4:c6:be:34:67:11:88:44:1d:55:7f:eb:5a:f1:12:60:
         7e:c4:a4:b0:f5:90:ea:c6:f1:5e:3a:82:34:c8:a3:7b:05:74:
         a0:5a:c6:82:7a:97:48:76:1e:9d:5e:23:cb:82:1f:fe:e1:56:
         3c:2a:1a:92:ef:de:4d:1f:ad:f4:ca:63:0d:f4:9d:fc:90:36:
         6e:69:2d:39:0d:5c:6f:50:a7:69:98:f1:bb:19:cb:73:a7:bd:
         c3:a3:54:75:c4:7a:37:1a:1f:e6:0d:54:d2:17:c6:f9:ec:2d:
         40:e5:39:50:14:fa:4f:52:d7:62:16:b4:65:10:fc:05:42:39:
         5d:d8:76:9a:df:ad:43:e7:3a:7c:6d:08:3f:74:39:d9:1c:fe:
         b8:dc:c3:e4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZZzeoKqz+gsQB8ljIns8qSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDI2MTkwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzgwMDJiOTkwOGIzYTViMjc4NWU1N2JhNmRmMTkxNTI5ODgxNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ly/AH2HKuQtaalc1Vqb1CN3oca6
ZvcYzHZMbbow0F+04HBy8derEt9G861g4YruRLmKQbz4HX1dGe7Ee10A4g4ncKCT
gNrjG5iXK5h432qvgQLbXBHFYU9MjcNRd8NmH05TF5knnECukOJbsXucu+dJ1GlD
N4pV6d0Y+CaJ53WxEYIV0+/B58MBjgkvQNo1SPylrqRZEMFBGL6sizdQIKSaMSC6
3epNaNW2bc4X2Z5ltwynbyIQcTg/rK0Q7sVEwZhl75eDVKNmQpBWssuP3gi5v4vA
/K3j6dU95N4J0cNJRuqnf06JL0dO9Xl0D8vrhO5QQkhYoIDC3OrSCYgQqwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGOAArmQizpbJ4Xle6bfGRUpiBeLMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWTRBQ3VaQ0xPbHNuaGVWN3B0OFpGU21JRjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAEF52oD
BAAF524wDAMEAgXndAMEAgXneAMEAFmQIgMEAF5npjAMAwQCXmesAwQAXmeuMAwD
BABe+cUDBABe+c4wDAMEAF754QMEAF755gMEALISkzANBgkqhkiG9w0BAQsFAAOC
AQEAoQGYjtPjXuNP03KLL7CFh0G3045hneUIffSEBjQ84AKm++SG9isY7uqVMdc5
OdzM4e00bGhGZ7kWqIaqJ/HWC3XD7tNLGQ3qCAmy763kYhBZC9FPwGAhX8TsR2Yf
Ps9/OIkAzCrkrdL294U1Jg3Uxr40ZxGIRB1Vf+ta8RJgfsSksPWQ6sbxXjqCNMij
ewV0oFrGgnqXSHYenV4jy4If/uFWPCoaku/eTR+t9MpjDfSd/JA2bmktOQ1cb1Cn
aZjxuxnLc6e9w6NUdcR6Nxof5g1U0hfG+ewtQOU5UBT6T1LXYha0ZRD8BUI5Xdh2
mt+tQ+c6fG0IP3Q52Rz+uNzD5A==
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:07:32 2025 by rpki-client