Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/4ohChhqN58wgBzMn3QX3TgC7qfY.roa
File:                     4ohChhqN58wgBzMn3QX3TgC7qfY.roa (raw, json)
Hash identifier:          BgxljdCRtDEsfUGIUdEtRqESbpFgl8FSVGz1EGf7yn4=
Subject key identifier:   E2:88:42:86:1A:8D:E7:CC:20:07:33:27:DD:05:F7:4E:00:BB:A9:F6
Certificate issuer:       /CN=819b97b20ccb4f696518e47c437259a8913e72ae
Certificate serial:       0196CA197EC4E6196A197EA43D52214E16D1
Authority key identifier: 81:9B:97:B2:0C:CB:4F:69:65:18:E4:7C:43:72:59:A8:91:3E:72:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZuXsgzLT2llGOR8Q3JZqJE-cq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/4ohChhqN58wgBzMn3QX3TgC7qfY.roa
Signing time:             Tue 13 May 2025 14:43:10 +0000
ROA not before:           Tue 13 May 2025 14:43:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15894
IP address blocks:        194.41.0.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 13 May 2025 15:32:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ca:19:7e:c4:e6:19:6a:19:7e:a4:3d:52:21:4e:16:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=819b97b20ccb4f696518e47c437259a8913e72ae
        Validity
            Not Before: May 13 14:43:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e28842861a8de7cc20073327dd05f74e00bba9f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c0:0a:1f:47:d4:18:59:f1:54:65:19:72:0a:
                    b9:09:9f:9b:ac:9b:e9:09:c7:e8:ed:ab:1d:ad:7d:
                    74:d0:e5:c6:46:af:00:c6:7e:b3:46:6d:f0:a3:26:
                    72:c3:46:81:07:18:b9:6c:4e:40:4b:04:47:2c:e4:
                    e5:91:6e:33:2f:21:50:23:db:bf:af:4b:b3:30:f9:
                    f2:9d:8a:58:55:bf:20:d7:16:de:48:ce:dd:c2:d0:
                    52:73:b9:58:de:fd:d2:b3:67:81:1a:a6:5d:4e:18:
                    d1:4d:47:d7:60:8e:76:09:9c:fb:76:83:a8:cc:5a:
                    91:cf:25:f9:16:b9:df:4d:88:2b:46:d3:af:88:b9:
                    88:42:92:37:49:91:ff:f0:47:6a:86:3e:e6:46:86:
                    77:e1:bd:c1:b5:79:5a:47:9d:88:cc:17:b3:f2:72:
                    2e:9d:00:33:b2:d2:4a:4d:0a:09:96:80:93:a4:7e:
                    ca:b8:7b:31:29:ee:91:60:e7:e8:d9:cd:8e:07:94:
                    45:f6:96:34:04:fc:51:e7:dc:0f:58:89:5a:84:35:
                    f7:53:e5:d0:1f:7f:fb:2d:be:cd:a2:80:63:b8:b2:
                    3d:8e:f5:c1:bb:56:80:f8:a4:b7:02:67:4f:19:cc:
                    8c:84:c6:e5:43:0b:72:bf:24:36:20:6a:9c:ce:60:
                    62:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:88:42:86:1A:8D:E7:CC:20:07:33:27:DD:05:F7:4E:00:BB:A9:F6
            X509v3 Authority Key Identifier:
                keyid:81:9B:97:B2:0C:CB:4F:69:65:18:E4:7C:43:72:59:A8:91:3E:72:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZuXsgzLT2llGOR8Q3JZqJE-cq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/4ohChhqN58wgBzMn3QX3TgC7qfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/774f37-0e57-49e6-8865-a64ba4b8fa19/1/gZuXsgzLT2llGOR8Q3JZqJE-cq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.41.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:8a:14:25:36:db:c1:24:99:6a:a7:3e:0c:bd:52:92:ce:a3:
         c2:ef:9f:0f:5d:a8:cb:5e:a2:3c:61:fc:58:e1:c4:7f:91:13:
         07:1f:a5:09:9b:55:32:6e:70:73:f5:e7:6b:72:af:5d:98:40:
         7d:3a:bb:4d:8b:31:c0:c0:2d:8d:98:15:57:40:81:13:2a:b9:
         b6:28:f1:aa:1c:3d:d1:75:f2:d0:c3:b9:ed:ee:4b:76:e2:df:
         f9:82:9d:67:96:79:94:94:36:d7:da:33:81:02:f3:48:e8:21:
         45:36:a8:95:84:4b:b9:d9:4c:b1:8d:1a:e1:e1:e4:9c:27:e6:
         f6:1c:9e:0f:f6:48:b5:ab:7c:35:a7:b5:1a:36:29:11:10:48:
         f7:d4:e7:d8:62:ed:dc:69:84:c4:54:af:e0:d0:b5:67:d1:84:
         28:1c:29:ac:a0:6e:80:a1:87:3f:54:fd:29:51:95:0a:ed:69:
         6b:90:67:10:3c:1e:bd:e1:cc:de:9d:eb:f8:00:8b:67:6e:59:
         81:c4:40:b1:82:fc:be:13:a4:af:c6:ef:56:4f:94:44:5c:b8:
         c7:81:f1:56:99:89:1f:8a:09:31:d7:2e:70:fc:e6:68:36:8c:
         a4:39:ac:4e:9d:01:81:29:ed:72:45:16:32:24:3a:5a:62:d9:
         cc:a5:0a:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbKGX7E5hlqGX6kPVIhThbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOWI5N2IyMGNjYjRmNjk2NTE4ZTQ3YzQzNzI1OWE4OTEz
ZTcyYWUwHhcNMjUwNTEzMTQ0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjg4NDI4NjFhOGRlN2NjMjAwNzMzMjdkZDA1Zjc0ZTAwYmJhOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMAKH0fUGFnxVGUZcgq5CZ+brJvp
Ccfo7asdrX100OXGRq8Axn6zRm3woyZyw0aBBxi5bE5ASwRHLOTlkW4zLyFQI9u/
r0uzMPnynYpYVb8g1xbeSM7dwtBSc7lY3v3Ss2eBGqZdThjRTUfXYI52CZz7doOo
zFqRzyX5FrnfTYgrRtOviLmIQpI3SZH/8Edqhj7mRoZ34b3BtXlaR52IzBez8nIu
nQAzstJKTQoJloCTpH7KuHsxKe6RYOfo2c2OB5RF9pY0BPxR59wPWIlahDX3U+XQ
H3/7Lb7NooBjuLI9jvXBu1aA+KS3AmdPGcyMhMblQwtyvyQ2IGqczmBikwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKIQoYajefMIAczJ90F904Au6n2MB8GA1UdIwQY
MBaAFIGbl7IMy09pZRjkfENyWaiRPnKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1p1WHNnekxUMmxsR09SOFEzSlpxSkUtY3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83NzRmMzctMGU1Ny00OWU2LTg4NjUt
YTY0YmE0YjhmYTE5LzEvNG9oQ2hocU41OHdnQnpNbjNRWDNUZ0M3cWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83NzRmMzctMGU1Ny00OWU2LTg4NjUtYTY0YmE0YjhmYTE5
LzEvZ1p1WHNnekxUMmxsR09SOFEzSlpxSkUtY3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwikAMA0G
CSqGSIb3DQEBCwUAA4IBAQAgihQlNtvBJJlqpz4MvVKSzqPC758PXajLXqI8YfxY
4cR/kRMHH6UJm1UybnBz9edrcq9dmEB9OrtNizHAwC2NmBVXQIETKrm2KPGqHD3R
dfLQw7nt7kt24t/5gp1nlnmUlDbX2jOBAvNI6CFFNqiVhEu52UyxjRrh4eScJ+b2
HJ4P9ki1q3w1p7UaNikREEj31OfYYu3caYTEVK/g0LVn0YQoHCmsoG6AoYc/VP0p
UZUK7WlrkGcQPB694czenev4AItnblmBxECxgvy+E6Svxu9WT5REXLjHgfFWmYkf
igkx1y5w/OZoNoykOaxOnQGBKe1yRRYyJDpaYtnMpQq0
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:42:56 2025 by rpki-client