Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/xr4d2KRqaSORd9gNT0SiLvGUuT0.roa
File:                     xr4d2KRqaSORd9gNT0SiLvGUuT0.roa (raw, json)
Hash identifier:          r9KO6O5TKVnZsbwhwZ1HSdbx7eSNuIHGj8mj18sqUYo=
Subject key identifier:   C6:BE:1D:D8:A4:6A:69:23:91:77:D8:0D:4F:44:A2:2E:F1:94:B9:3D
Certificate issuer:       /CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Certificate serial:       018CC6B92A2F945E7865B03E144BC86016DA
Authority key identifier: 45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/xr4d2KRqaSORd9gNT0SiLvGUuT0.roa
Signing time:             Mon 01 Jan 2024 20:31:12 +0000
ROA not before:           Mon 01 Jan 2024 20:31:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     196921
IP address blocks:        94.187.165.0/24 maxlen: 24
                          94.187.166.0/24 maxlen: 24
                          94.187.168.0/22 maxlen: 22
                          94.187.168.0/21 maxlen: 21
                          94.187.167.0/24 maxlen: 24
                          94.187.172.0/24 maxlen: 24
                          94.187.171.0/24 maxlen: 24
                          94.187.179.0/24 maxlen: 24
                          94.187.178.0/24 maxlen: 24
                          94.187.173.0/24 maxlen: 24
                          94.187.176.0/24 maxlen: 24
                          94.187.177.0/24 maxlen: 24
                          94.187.174.0/24 maxlen: 24
                          94.187.176.0/21 maxlen: 21
                          94.187.175.0/24 maxlen: 24
                          94.187.180.0/24 maxlen: 24
                          94.187.183.0/24 maxlen: 24
                          94.187.184.0/23 maxlen: 23
                          94.187.181.0/24 maxlen: 24
                          94.187.182.0/24 maxlen: 24
                          94.187.184.0/21 maxlen: 21
                          94.187.191.0/24 maxlen: 24
                          94.187.187.0/24 maxlen: 24
                          94.187.190.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 13:50:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:2a:2f:94:5e:78:65:b0:3e:14:4b:c8:60:16:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
        Validity
            Not Before: Jan  1 20:31:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c6be1dd8a46a69239177d80d4f44a22ef194b93d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:11:f8:f3:91:cd:e1:4e:07:51:b7:db:a1:3d:
                    2b:73:e9:9d:67:c7:bb:f6:85:73:e9:33:3a:c0:cd:
                    18:fa:37:68:11:59:e4:f4:e0:e2:fc:be:0c:9b:57:
                    e0:3a:08:bc:3e:8d:7a:7c:51:13:54:ac:8a:c7:0f:
                    47:17:54:80:67:6f:4e:1e:b0:48:8d:46:fd:18:83:
                    f9:74:c0:ac:c5:47:cf:fa:e8:a4:6a:71:3a:44:50:
                    48:43:91:70:aa:03:10:41:39:26:3e:4a:49:02:bc:
                    a4:4c:8b:b7:ea:bf:7c:6c:e7:8a:fe:10:c5:2f:e0:
                    c9:33:31:58:33:95:4c:77:47:62:e2:4c:3b:e0:a9:
                    24:f9:4f:7e:dd:3a:ea:7a:e1:2e:34:14:fa:6d:87:
                    3b:55:a5:b1:95:c8:8e:a3:0b:35:55:bc:8a:e4:95:
                    da:7a:86:f5:67:08:7f:25:fb:15:09:95:c2:3d:79:
                    49:e8:77:f1:1c:3e:eb:c0:e9:3b:93:df:89:1e:a0:
                    87:22:09:49:64:bb:bd:3e:4d:5a:b1:d0:5f:fd:68:
                    09:9d:66:3d:4a:49:94:60:d6:59:73:d3:3d:03:e9:
                    d5:84:c1:ff:80:aa:7b:ad:ba:b3:ff:d5:3a:cd:ce:
                    0c:0b:b2:c9:b7:3a:4b:dc:d2:8a:88:c9:0f:6a:76:
                    bd:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:BE:1D:D8:A4:6A:69:23:91:77:D8:0D:4F:44:A2:2E:F1:94:B9:3D
            X509v3 Authority Key Identifier:
                keyid:45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/xr4d2KRqaSORd9gNT0SiLvGUuT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/RW7LO-EGXh5xWJUIvsbXS1p7Htc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.187.165.0-94.187.191.255

    Signature Algorithm: sha256WithRSAEncryption
         af:56:a9:bd:04:91:39:e4:d8:e3:d5:a4:e1:3e:d5:4b:a1:fb:
         cd:59:f7:fb:03:e0:b6:0c:ae:dc:63:44:17:25:74:ae:f4:46:
         9d:bc:2d:03:37:f6:bb:be:0b:06:58:cb:db:7f:94:7d:74:57:
         7b:c0:90:d7:d1:ec:d1:4f:e5:7e:d5:01:51:e4:3f:cb:cf:34:
         7f:fc:ab:a8:7b:17:10:16:e0:3a:26:80:6b:d2:63:01:e5:ec:
         77:4f:17:94:fb:2a:2d:1b:e0:d4:e8:25:f6:bd:da:a7:e7:08:
         83:90:e5:86:56:e7:56:40:b8:fb:7e:d2:c6:44:82:ed:a9:bd:
         60:ee:ea:f2:8b:77:78:75:56:cb:65:7d:1f:72:13:1c:e1:33:
         62:00:18:d1:c9:02:04:01:c4:ff:e2:64:eb:a8:8b:f6:be:7c:
         d7:56:91:e7:5a:71:da:29:ef:b2:f3:08:64:4e:26:1d:b4:7e:
         21:43:cc:2f:28:24:4b:58:ed:7c:eb:8f:90:17:9e:f3:35:ec:
         1e:fe:42:25:6f:f9:13:3c:2b:46:b0:4b:97:d5:53:40:f0:89:
         56:c3:6d:87:0c:aa:58:c3:f0:dc:e7:7c:95:da:4b:2f:16:fe:
         8b:7a:6b:d7:25:70:5f:1c:90:af:e3:b5:de:5c:f7:7c:07:f9:
         3a:41:d5:28
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGuSovlF54ZbA+FEvIYBbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NmVjYjNiZTEwNjVlMWU3MTU4OTUwOGJlYzZkNzRiNWE3
YjFlZDcwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJlMWRkOGE0NmE2OTIzOTE3N2Q4MGQ0ZjQ0YTIyZWYxOTRiOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhH485HN4U4HUbfboT0rc+mdZ8e7
9oVz6TM6wM0Y+jdoEVnk9ODi/L4Mm1fgOgi8Po16fFETVKyKxw9HF1SAZ29OHrBI
jUb9GIP5dMCsxUfP+uikanE6RFBIQ5FwqgMQQTkmPkpJArykTIu36r98bOeK/hDF
L+DJMzFYM5VMd0di4kw74Kkk+U9+3TrqeuEuNBT6bYc7VaWxlciOows1VbyK5JXa
eob1Zwh/JfsVCZXCPXlJ6HfxHD7rwOk7k9+JHqCHIglJZLu9Pk1asdBf/WgJnWY9
SkmUYNZZc9M9A+nVhMH/gKp7rbqz/9U6zc4MC7LJtzpL3NKKiMkPana9dQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMa+HdikamkjkXfYDU9Eoi7xlLk9MB8GA1UdIwQY
MBaAFEVuyzvhBl4ecViVCL7G10taex7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1Nzct
NWFjNzRkYmExN2I4LzEveHI0ZDJLUnFhU09SZDlnTlQwU2lMdkdVdVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1NzctNWFjNzRkYmExN2I4
LzEvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABeu6UD
BAZeu4AwDQYJKoZIhvcNAQELBQADggEBAK9Wqb0EkTnk2OPVpOE+1Uuh+81Z9/sD
4LYMrtxjRBcldK70Rp28LQM39ru+CwZYy9t/lH10V3vAkNfR7NFP5X7VAVHkP8vP
NH/8q6h7FxAW4DomgGvSYwHl7HdPF5T7Ki0b4NToJfa92qfnCIOQ5YZW51ZAuPt+
0sZEgu2pvWDu6vKLd3h1VstlfR9yExzhM2IAGNHJAgQBxP/iZOuoi/a+fNdWkeda
cdop77LzCGROJh20fiFDzC8oJEtY7Xzrj5AXnvM17B7+QiVv+RM8K0awS5fVU0Dw
iVbDbYcMqljD8NznfJXaSy8W/ot6a9clcF8ckK/jtd5c93wH+TpB1Sg=
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:20:59 2025 by rpki-client