Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UM54rG-BJN6_nyhCpBRgQvMfB6A.roa
File:                     UM54rG-BJN6_nyhCpBRgQvMfB6A.roa (raw, json)
Hash identifier:          YXAogpWvjjx7h1/DvEtfPzNUArEpRADQm0Gd+4hwvlE=
Subject key identifier:   50:CE:78:AC:6F:81:24:DE:BF:9F:28:42:A4:14:60:42:F3:1F:07:A0
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       01986935CCAD11C9F09966EFFA6F9608F012
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UM54rG-BJN6_nyhCpBRgQvMfB6A.roa
Signing time:             Sat 02 Aug 2025 05:16:30 +0000
ROA not before:           Sat 02 Aug 2025 05:16:30 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     21840
IP address blocks:        151.241.94.0/24 maxlen: 24
                          151.242.148.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 06 Aug 2025 04:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:69:35:cc:ad:11:c9:f0:99:66:ef:fa:6f:96:08:f0:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: Aug  2 05:16:30 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=50ce78ac6f8124debf9f2842a4146042f31f07a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2d:ce:f4:7e:29:fc:68:95:bb:ee:82:ce:b2:
                    a0:cc:63:28:c7:3d:58:81:e6:c3:05:26:3d:13:fa:
                    b2:3b:5c:49:1a:92:98:2d:e3:bd:75:d9:79:ee:4a:
                    5c:f5:f9:6b:1e:ed:4e:0d:b2:d3:a2:ad:c0:1a:c4:
                    38:ef:0b:b8:dc:03:55:6e:b8:27:25:e2:e7:50:0d:
                    67:d8:19:a1:9e:13:b4:1e:23:fe:ce:d9:50:09:d1:
                    bd:cf:61:31:b4:6c:fa:a1:b4:b5:65:d6:28:9f:a3:
                    5b:72:2e:8e:ba:55:69:5a:92:db:63:36:86:44:a5:
                    20:b8:4b:b4:bc:8f:0a:12:77:72:52:65:59:bf:5c:
                    7d:2f:b7:25:31:2d:b6:95:19:27:33:af:ab:81:ce:
                    d2:09:01:f4:3e:04:75:43:b6:7b:f5:e0:c1:7d:4e:
                    03:db:38:2e:66:5e:5c:31:b9:3c:85:1c:77:9d:15:
                    1e:f4:9d:d8:6c:67:1f:10:dd:5d:f1:e5:0e:3f:fc:
                    6b:c3:2d:44:93:5d:82:ca:43:2f:d0:e8:95:06:bb:
                    7e:90:d3:99:34:58:f4:2c:2f:65:a2:80:0e:12:5d:
                    36:83:28:28:ad:b0:f6:51:74:5a:70:e8:45:88:73:
                    c7:0f:aa:39:f0:17:c3:af:b1:0e:44:4e:bc:e9:db:
                    74:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:CE:78:AC:6F:81:24:DE:BF:9F:28:42:A4:14:60:42:F3:1F:07:A0
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UM54rG-BJN6_nyhCpBRgQvMfB6A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.241.94.0/24
                  151.242.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ca:b8:0a:64:45:e2:c8:7a:a4:92:8a:1a:ff:4d:d4:8c:d2:
         ab:2d:28:ca:d1:69:03:3d:e9:38:f1:eb:8c:6a:33:0c:f3:3a:
         0d:48:70:e3:4d:1a:26:96:b9:76:74:a6:cc:41:fa:2f:8a:83:
         76:54:4d:a7:e8:3b:2d:a4:0d:cc:ba:16:95:6f:59:43:b4:6c:
         e6:7e:81:0c:65:6b:67:59:c9:bb:4b:f9:6f:56:17:34:fe:74:
         c2:b5:df:d7:79:13:d4:c8:1b:04:4a:e5:dc:13:62:42:89:bf:
         a0:50:0f:3d:03:84:53:89:4e:83:e4:b9:0e:16:d3:b8:a8:b5:
         37:89:95:ec:82:74:96:b9:ab:4b:d2:18:3a:70:f8:12:2d:e5:
         10:52:e3:b0:02:e8:f7:e7:1d:24:74:4a:84:bd:44:80:c0:13:
         c8:35:76:b7:0b:9f:12:c0:70:52:c4:0f:0f:25:63:20:7f:d2:
         20:68:a6:00:dc:72:56:60:25:5b:56:e2:d4:94:c8:2d:41:ff:
         47:72:79:c3:47:dd:b4:1f:a1:cf:8c:b6:55:f1:06:3d:8d:81:
         94:e0:91:67:a1:2b:88:77:28:c4:f4:90:e7:17:a1:74:60:42:
         d9:8b:92:7f:3b:eb:4f:d9:af:49:4c:7a:4a:42:ec:2f:7c:d8:
         bb:7e:67:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhpNcytEcnwmWbv+m+WCPASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODAyMDUxNjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNlNzhhYzZmODEyNGRlYmY5ZjI4NDJhNDE0NjA0MmYzMWYwN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi3O9H4p/GiVu+6CzrKgzGMoxz1Y
gebDBSY9E/qyO1xJGpKYLeO9ddl57kpc9flrHu1ODbLToq3AGsQ47wu43ANVbrgn
JeLnUA1n2BmhnhO0HiP+ztlQCdG9z2ExtGz6obS1ZdYon6Nbci6OulVpWpLbYzaG
RKUguEu0vI8KEndyUmVZv1x9L7clMS22lRknM6+rgc7SCQH0PgR1Q7Z79eDBfU4D
2zguZl5cMbk8hRx3nRUe9J3YbGcfEN1d8eUOP/xrwy1Ek12CykMv0OiVBrt+kNOZ
NFj0LC9looAOEl02gygorbD2UXRacOhFiHPHD6o58BfDr7EORE686dt0ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDOeKxvgSTev58oQqQUYELzHwegMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVU01NHJHLUJKTjZfbnloQ3BCUmdRdk1mQjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/FeAwQA
l/KUMA0GCSqGSIb3DQEBCwUAA4IBAQAAyrgKZEXiyHqkkooa/03UjNKrLSjK0WkD
Pek48euMajMM8zoNSHDjTRomlrl2dKbMQfovioN2VE2n6DstpA3MuhaVb1lDtGzm
foEMZWtnWcm7S/lvVhc0/nTCtd/XeRPUyBsESuXcE2JCib+gUA89A4RTiU6D5LkO
FtO4qLU3iZXsgnSWuatL0hg6cPgSLeUQUuOwAuj35x0kdEqEvUSAwBPINXa3C58S
wHBSxA8PJWMgf9IgaKYA3HJWYCVbVuLUlMgtQf9HcnnDR920H6HPjLZV8QY9jYGU
4JFnoSuIdyjE9JDnF6F0YELZi5J/O+tP2a9JTHpKQuwvfNi7fmdo
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:55:47 2025 by rpki-client