Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_GUvwbiMt4aWQtds-r0f33hg-QQ.roa
File:                     _GUvwbiMt4aWQtds-r0f33hg-QQ.roa (raw, json)
Hash identifier:          bxkdfGNacSszWs+nY/3y6p2mASa0O/3rfNJ8bCBeG2g=
Subject key identifier:   FC:65:2F:C1:B8:8C:B7:86:96:42:D7:6C:FA:BD:1F:DF:78:60:F9:04
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01964543252E0E206173B8DEB7D5BF29342E
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_GUvwbiMt4aWQtds-r0f33hg-QQ.roa
Signing time:             Thu 17 Apr 2025 19:39:10 +0000
ROA not before:           Thu 17 Apr 2025 19:39:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        5.180.234.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 18 Apr 2025 11:36:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:43:25:2e:0e:20:61:73:b8:de:b7:d5:bf:29:34:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Apr 17 19:39:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fc652fc1b88cb7869642d76cfabd1fdf7860f904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a8:ad:32:16:55:dd:06:da:39:4f:1e:b9:71:
                    15:39:20:4d:ff:c3:91:2b:8b:e5:23:29:d0:94:7b:
                    c1:61:3d:10:a6:a2:6d:fa:3f:c3:44:3c:7b:93:a5:
                    55:00:69:18:4c:f4:2e:fb:7c:77:cf:7e:4a:5d:67:
                    bb:ea:27:80:fe:8d:98:34:15:93:21:91:91:4f:13:
                    23:5d:ae:cb:4f:76:6c:cb:56:95:18:57:6b:74:c4:
                    7f:02:a7:93:39:b6:a5:30:50:47:c7:90:2a:89:8e:
                    0a:f7:0c:8a:c4:cc:bc:d4:1e:e3:27:e9:1a:f2:b3:
                    61:32:62:4c:3e:e6:cf:90:d1:7b:af:93:fa:c6:71:
                    d5:1f:f1:12:ca:b4:a5:82:82:2a:6f:98:e4:c9:7a:
                    81:48:65:03:5e:19:f7:17:c0:10:cd:c5:4d:25:b3:
                    97:36:09:30:2c:a8:71:c0:59:6f:74:69:13:79:43:
                    68:32:60:fd:70:de:59:62:31:0a:a7:6f:21:4e:e1:
                    16:27:2e:71:c0:76:11:cc:90:20:0c:3d:7f:d0:d2:
                    c1:05:53:b7:ca:9b:a7:b2:10:13:e7:f3:2b:5f:7d:
                    08:b1:5f:c0:a5:63:16:13:3a:4e:64:d7:49:ca:c0:
                    3a:e6:f6:cd:97:49:32:b6:cd:d4:34:8c:4c:d6:a4:
                    b1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:65:2F:C1:B8:8C:B7:86:96:42:D7:6C:FA:BD:1F:DF:78:60:F9:04
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_GUvwbiMt4aWQtds-r0f33hg-QQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:9c:1b:36:fa:6a:28:18:90:82:e8:86:47:21:92:f0:27:37:
         48:ad:e5:31:b0:9f:19:d0:50:b1:72:c2:cd:f0:44:a6:fb:b2:
         f0:35:ea:30:31:7f:2a:e7:25:0d:cb:2b:a8:e9:06:b3:fd:3d:
         b4:fe:ea:7d:6c:96:ed:0c:06:d2:c1:01:8a:60:59:d7:a0:cf:
         bd:b5:92:ea:d0:69:95:f3:65:99:dd:b1:9d:31:8d:50:b9:e9:
         1c:17:bf:a1:f6:05:45:92:19:8a:02:70:29:a5:80:4d:c5:a9:
         7f:73:38:b7:e7:53:61:5d:30:2b:7c:13:c4:af:b0:d1:19:52:
         f2:a0:47:50:15:d9:c5:9f:17:6f:be:4c:43:2c:b7:c1:c9:da:
         b4:6a:a4:15:99:5d:fd:4f:cc:bd:20:b4:35:a7:0c:dd:21:01:
         27:4d:7b:34:92:29:ee:1e:69:d0:58:cc:2d:9a:3a:e2:a4:df:
         4a:0a:42:a4:e5:da:2c:e3:fd:1f:55:e0:ec:46:79:44:e2:1b:
         32:2d:b0:68:4b:43:bb:f3:09:01:58:f2:19:66:00:7a:ee:be:
         f1:74:3b:a5:3c:a9:d2:fc:44:cd:ea:71:d8:bb:bd:41:9d:03:
         e7:d5:36:2f:a2:cf:c5:b9:69:07:36:a8:6a:36:a0:bc:d2:93:
         21:46:36:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZFQyUuDiBhc7jet9W/KTQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNDE3MTkzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzY1MmZjMWI4OGNiNzg2OTY0MmQ3NmNmYWJkMWZkZjc4NjBmOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKitMhZV3QbaOU8euXEVOSBN/8OR
K4vlIynQlHvBYT0QpqJt+j/DRDx7k6VVAGkYTPQu+3x3z35KXWe76ieA/o2YNBWT
IZGRTxMjXa7LT3Zsy1aVGFdrdMR/AqeTObalMFBHx5AqiY4K9wyKxMy81B7jJ+ka
8rNhMmJMPubPkNF7r5P6xnHVH/ESyrSlgoIqb5jkyXqBSGUDXhn3F8AQzcVNJbOX
NgkwLKhxwFlvdGkTeUNoMmD9cN5ZYjEKp28hTuEWJy5xwHYRzJAgDD1/0NLBBVO3
ypunshAT5/MrX30IsV/ApWMWEzpOZNdJysA65vbNl0kyts3UNIxM1qSxBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxlL8G4jLeGlkLXbPq9H994YPkEMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvX0dVdndiaU10NGFXUXRkcy1yMGYzM2hnLVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbTqMA0G
CSqGSIb3DQEBCwUAA4IBAQB8nBs2+mooGJCC6IZHIZLwJzdIreUxsJ8Z0FCxcsLN
8ESm+7LwNeowMX8q5yUNyyuo6Qaz/T20/up9bJbtDAbSwQGKYFnXoM+9tZLq0GmV
82WZ3bGdMY1QuekcF7+h9gVFkhmKAnAppYBNxal/czi351NhXTArfBPEr7DRGVLy
oEdQFdnFnxdvvkxDLLfBydq0aqQVmV39T8y9ILQ1pwzdIQEnTXs0kinuHmnQWMwt
mjripN9KCkKk5dos4/0fVeDsRnlE4hsyLbBoS0O78wkBWPIZZgB67r7xdDulPKnS
/ETN6nHYu71BnQPn1TYvos/FuWkHNqhqNqC80pMhRjYg
-----END CERTIFICATE-----
Generated at Fri May 2 00:05:29 2025 by rpki-client