Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/C6ip3h6rCctfPNWhhpU8Xk14UOM.roa
File:                     C6ip3h6rCctfPNWhhpU8Xk14UOM.roa (raw, json)
Hash identifier:          v5B0S93c+bioJxoZpWOuWWsIySUdEPV/5SQ1NlwZeRU=
Subject key identifier:   0B:A8:A9:DE:1E:AB:09:CB:5F:3C:D5:A1:86:95:3C:5E:4D:78:50:E3
Certificate issuer:       /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial:       019005A5DF904A327C30C6FB36BD00FB95B6
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/C6ip3h6rCctfPNWhhpU8Xk14UOM.roa
Signing time:             Tue 11 Jun 2024 04:54:34 +0000
ROA not before:           Tue 11 Jun 2024 04:54:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     136787
IP address blocks:        82.140.135.0/24 maxlen: 24
                          82.140.136.0/24 maxlen: 24
                          82.140.137.0/24 maxlen: 24
                          82.140.142.0/24 maxlen: 24
                          82.140.144.0/24 maxlen: 24
                          82.140.145.0/24 maxlen: 24
                          82.140.147.0/24 maxlen: 24
                          82.140.149.0/24 maxlen: 24
                          82.140.151.0/24 maxlen: 24
                          82.140.154.0/24 maxlen: 24
                          82.140.155.0/24 maxlen: 24
                          82.140.157.0/24 maxlen: 24
                          82.140.162.0/24 maxlen: 24
                          82.140.163.0/24 maxlen: 24
                          82.140.164.0/24 maxlen: 24
                          82.140.166.0/24 maxlen: 24
                          82.140.167.0/24 maxlen: 24
                          82.140.168.0/24 maxlen: 24
                          82.140.172.0/24 maxlen: 24
                          82.140.173.0/24 maxlen: 24
                          82.140.174.0/24 maxlen: 24
                          82.140.175.0/24 maxlen: 24
                          82.140.181.0/24 maxlen: 24
                          82.140.186.0/24 maxlen: 24
                          82.140.190.0/24 maxlen: 24
                          84.46.128.0/24 maxlen: 24
                          84.46.129.0/24 maxlen: 24
                          84.46.130.0/24 maxlen: 24
                          84.46.132.0/24 maxlen: 24
                          84.46.133.0/24 maxlen: 24
                          84.46.135.0/24 maxlen: 24
                          84.46.137.0/24 maxlen: 24
                          84.46.138.0/24 maxlen: 24
                          84.46.140.0/24 maxlen: 24
                          84.46.141.0/24 maxlen: 24
                          84.46.142.0/24 maxlen: 24
                          84.46.143.0/24 maxlen: 24
                          84.46.144.0/24 maxlen: 24
                          84.46.150.0/24 maxlen: 24
                          84.46.151.0/24 maxlen: 24
                          84.46.152.0/24 maxlen: 24
                          84.46.154.0/24 maxlen: 24
                          84.46.155.0/24 maxlen: 24
                          84.46.158.0/24 maxlen: 24
                          84.46.165.0/24 maxlen: 24
                          84.46.166.0/24 maxlen: 24
                          84.46.174.0/24 maxlen: 24
                          86.38.2.0/24 maxlen: 24
                          86.38.44.0/24 maxlen: 24
                          86.38.46.0/24 maxlen: 24
                          86.38.91.0/24 maxlen: 24
                          86.38.157.0/24 maxlen: 24
                          86.38.206.0/24 maxlen: 24
                          86.38.207.0/24 maxlen: 24
                          86.38.224.0/24 maxlen: 24
                          86.38.231.0/24 maxlen: 24
                          89.116.0.0/24 maxlen: 24
                          89.116.18.0/24 maxlen: 24
                          89.116.40.0/24 maxlen: 24
                          89.116.55.0/24 maxlen: 24
                          89.116.57.0/24 maxlen: 24
                          89.116.79.0/24 maxlen: 24
                          89.116.94.0/24 maxlen: 24
                          89.116.95.0/24 maxlen: 24
                          89.116.98.0/24 maxlen: 24
                          89.116.142.0/24 maxlen: 24
                          89.116.145.0/24 maxlen: 24
                          89.116.194.0/24 maxlen: 24
                          89.116.195.0/24 maxlen: 24
                          89.116.196.0/24 maxlen: 24
                          89.116.197.0/24 maxlen: 24
                          89.116.199.0/24 maxlen: 24
                          89.116.201.0/24 maxlen: 24
                          89.116.204.0/24 maxlen: 24
                          89.116.205.0/24 maxlen: 24
                          89.116.206.0/24 maxlen: 24
                          89.116.207.0/24 maxlen: 24
                          89.116.216.0/24 maxlen: 24
                          89.116.217.0/24 maxlen: 24
                          89.116.219.0/24 maxlen: 24
                          89.116.222.0/24 maxlen: 24
                          89.116.251.0/24 maxlen: 24
                          89.116.254.0/24 maxlen: 24
                          89.117.4.0/24 maxlen: 24
                          89.117.34.0/24 maxlen: 24
                          89.117.131.0/24 maxlen: 24
                          89.117.189.0/24 maxlen: 24
                          89.117.191.0/24 maxlen: 24
                          89.117.230.0/24 maxlen: 24
                          89.117.231.0/24 maxlen: 24
                          89.117.244.0/24 maxlen: 24
                          217.9.251.0/24 maxlen: 24
                          217.9.252.0/24 maxlen: 24
                          217.9.253.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 11 Jun 2024 06:13:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:05:a5:df:90:4a:32:7c:30:c6:fb:36:bd:00:fb:95:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
        Validity
            Not Before: Jun 11 04:54:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ba8a9de1eab09cb5f3cd5a186953c5e4d7850e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:29:65:9c:a8:44:6e:7a:b5:6c:5c:90:8a:1c:
                    6b:4a:f8:f8:2d:d3:1e:5f:e1:be:23:76:32:96:8f:
                    5a:be:b9:ca:be:b3:1b:e9:86:90:95:24:71:5f:a4:
                    45:c4:41:63:f7:f6:38:24:3d:ff:c5:c2:ee:9d:8d:
                    f8:e1:5b:9b:2e:8e:98:1c:b4:dc:c1:9e:a4:34:ba:
                    db:77:73:f0:34:8d:25:dd:c9:2c:40:c7:93:bf:26:
                    b2:6d:e1:4e:de:ad:4b:2c:31:3c:a8:88:30:cf:6d:
                    44:14:74:53:64:f4:bb:ab:27:74:34:68:e6:8f:ce:
                    3c:0b:54:30:0a:bc:93:a7:01:bc:e9:1f:a2:a1:99:
                    ff:2e:1f:ac:01:8f:9f:11:63:ad:ea:61:f0:4e:2d:
                    7e:92:0b:d4:ad:a4:41:ec:3a:d8:3a:c6:ec:59:ba:
                    de:5c:04:3a:f3:9b:ed:c3:f8:9a:bd:73:e3:d8:5f:
                    e6:39:e1:2e:d8:9f:e2:ac:ad:ae:c5:ea:c9:a3:03:
                    cf:e2:d7:fe:b2:51:30:ff:d0:b2:ae:60:2b:89:6a:
                    83:04:d6:81:93:87:39:15:68:cc:70:af:4f:7c:3f:
                    ee:54:58:76:38:07:6b:78:be:20:70:fb:ab:cf:b4:
                    92:98:4b:58:07:15:7e:24:93:ef:7e:87:ad:1e:99:
                    78:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:A8:A9:DE:1E:AB:09:CB:5F:3C:D5:A1:86:95:3C:5E:4D:78:50:E3
            X509v3 Authority Key Identifier:
                keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/C6ip3h6rCctfPNWhhpU8Xk14UOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.140.135.0-82.140.137.255
                  82.140.142.0/24
                  82.140.144.0/23
                  82.140.147.0/24
                  82.140.149.0/24
                  82.140.151.0/24
                  82.140.154.0/23
                  82.140.157.0/24
                  82.140.162.0-82.140.164.255
                  82.140.166.0-82.140.168.255
                  82.140.172.0/22
                  82.140.181.0/24
                  82.140.186.0/24
                  82.140.190.0/24
                  84.46.128.0-84.46.130.255
                  84.46.132.0/23
                  84.46.135.0/24
                  84.46.137.0-84.46.138.255
                  84.46.140.0-84.46.144.255
                  84.46.150.0-84.46.152.255
                  84.46.154.0/23
                  84.46.158.0/24
                  84.46.165.0-84.46.166.255
                  84.46.174.0/24
                  86.38.2.0/24
                  86.38.44.0/24
                  86.38.46.0/24
                  86.38.91.0/24
                  86.38.157.0/24
                  86.38.206.0/23
                  86.38.224.0/24
                  86.38.231.0/24
                  89.116.0.0/24
                  89.116.18.0/24
                  89.116.40.0/24
                  89.116.55.0/24
                  89.116.57.0/24
                  89.116.79.0/24
                  89.116.94.0/23
                  89.116.98.0/24
                  89.116.142.0/24
                  89.116.145.0/24
                  89.116.194.0-89.116.197.255
                  89.116.199.0/24
                  89.116.201.0/24
                  89.116.204.0/22
                  89.116.216.0/23
                  89.116.219.0/24
                  89.116.222.0/24
                  89.116.251.0/24
                  89.116.254.0/24
                  89.117.4.0/24
                  89.117.34.0/24
                  89.117.131.0/24
                  89.117.189.0/24
                  89.117.191.0/24
                  89.117.230.0/23
                  89.117.244.0/24
                  217.9.251.0-217.9.253.255

    Signature Algorithm: sha256WithRSAEncryption
         0b:41:ce:9c:4d:8f:36:92:13:6b:35:15:7c:fe:de:9c:41:a1:
         a3:9a:c7:c1:75:70:a9:7b:b7:6b:c8:45:92:d3:4d:24:d8:cf:
         96:57:05:ad:b6:23:fc:50:78:a1:e6:c7:01:f9:4b:9d:06:16:
         14:6b:90:f5:bc:46:0a:71:c8:0c:60:51:70:5d:09:28:c6:5a:
         70:c6:7d:e6:48:ba:33:32:e3:0b:61:4f:4a:6e:8d:d1:d1:b2:
         a5:b8:51:e7:68:95:d3:22:42:58:3f:96:cd:cb:0d:bf:63:79:
         9e:f5:d1:18:85:da:58:0a:ce:bd:04:cc:1a:f6:c7:4d:9a:15:
         20:0d:e7:ea:0c:81:e5:2d:f3:f0:29:e7:21:60:ae:25:e1:f7:
         dd:6c:43:11:3d:02:03:d1:e5:8e:e0:75:fc:e3:5f:79:30:86:
         74:ab:b5:a0:a4:37:09:75:eb:6a:c9:47:ce:04:b5:69:fc:89:
         94:27:b8:e7:de:61:1b:10:13:c2:da:56:f2:0c:39:81:8b:e3:
         ac:9d:c5:ec:9b:40:62:c8:62:c0:c9:16:79:c6:02:ac:b8:23:
         bc:b4:e3:3b:52:6a:ff:10:d7:23:3e:16:2b:e7:58:ea:9b:b3:
         af:e3:f3:0b:44:dd:f7:86:4d:da:b6:30:08:b9:ef:a8:77:1a:
         84:c4:52:52
-----BEGIN CERTIFICATE-----
MIIGszCCBZugAwIBAgISAZAFpd+QSjJ8MMb7Nr0A+5W2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwNjExMDQ1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmE4YTlkZTFlYWIwOWNiNWYzY2Q1YTE4Njk1M2M1ZTRkNzg1MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyllnKhEbnq1bFyQihxrSvj4LdMe
X+G+I3Yylo9avrnKvrMb6YaQlSRxX6RFxEFj9/Y4JD3/xcLunY344VubLo6YHLTc
wZ6kNLrbd3PwNI0l3cksQMeTvyaybeFO3q1LLDE8qIgwz21EFHRTZPS7qyd0NGjm
j848C1QwCryTpwG86R+ioZn/Lh+sAY+fEWOt6mHwTi1+kgvUraRB7DrYOsbsWbre
XAQ685vtw/iavXPj2F/mOeEu2J/irK2uxerJowPP4tf+slEw/9CyrmAriWqDBNaB
k4c5FWjMcK9PfD/uVFh2OAdreL4gcPurz7SSmEtYBxV+JJPvfoetHpl4AwIDAQAB
o4IDvzCCA7swHQYDVR0OBBYEFAuoqd4eqwnLXzzVoYaVPF5NeFDjMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvQzZpcDNoNnJDY3RmUE5XaGhwVThYazE0VU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0wYIKwYBBQUHAQcBAf8EggHCMIIBvjCCAboEAgABMIIB
sjAMAwQAUoyHAwQBUoyIAwQAUoyOAwQBUoyQAwQAUoyTAwQAUoyVAwQAUoyXAwQB
UoyaAwQAUoydMAwDBAFSjKIDBABSjKQwDAMEAVKMpgMEAFKMqAMEAlKMrAMEAFKM
tQMEAFKMugMEAFKMvjAMAwQHVC6AAwQAVC6CAwQBVC6EAwQAVC6HMAwDBABULokD
BABULoowDAMEAlQujAMEAFQukDAMAwQBVC6WAwQAVC6YAwQBVC6aAwQAVC6eMAwD
BABULqUDBABULqYDBABULq4DBABWJgIDBABWJiwDBABWJi4DBABWJlsDBABWJp0D
BAFWJs4DBABWJuADBABWJucDBABZdAADBABZdBIDBABZdCgDBABZdDcDBABZdDkD
BABZdE8DBAFZdF4DBABZdGIDBABZdI4DBABZdJEwDAMEAVl0wgMEAVl0xAMEAFl0
xwMEAFl0yQMEAll0zAMEAVl02AMEAFl02wMEAFl03gMEAFl0+wMEAFl0/gMEAFl1
BAMEAFl1IgMEAFl1gwMEAFl1vQMEAFl1vwMEAVl15gMEAFl19DAMAwQA2Qn7AwQB
2Qn8MA0GCSqGSIb3DQEBCwUAA4IBAQALQc6cTY82khNrNRV8/t6cQaGjmsfBdXCp
e7dryEWS000k2M+WVwWttiP8UHih5scB+UudBhYUa5D1vEYKccgMYFFwXQkoxlpw
xn3mSLozMuMLYU9Kbo3R0bKluFHnaJXTIkJYP5bNyw2/Y3me9dEYhdpYCs69BMwa
9sdNmhUgDefqDIHlLfPwKechYK4l4ffdbEMRPQID0eWO4HX84195MIZ0q7WgpDcJ
detqyUfOBLVp/ImUJ7jn3mEbEBPC2lbyDDmBi+OsncXsm0BiyGLAyRZ5xgKsuCO8
tOM7Umr/ENcjPhYr51jqm7Ov4/MLRN33hk3atjAIue+odxqExFJS
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:26:19 2025 by rpki-client