Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/m4Xmr8M3KcVQsprpt0yDsbbO6k4.roa
File:                     m4Xmr8M3KcVQsprpt0yDsbbO6k4.roa (raw, json)
Hash identifier:          VxgGDyEKVmifJvRRI2TRoPnW35lpL5qyUbiVy9/qqn0=
Subject key identifier:   9B:85:E6:AF:C3:37:29:C5:50:B2:9A:E9:B7:4C:83:B1:B6:CE:EA:4E
Certificate issuer:       /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial:       0195A880855F5D71B971F0E91B83C4EF5E6A
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/m4Xmr8M3KcVQsprpt0yDsbbO6k4.roa
Signing time:             Tue 18 Mar 2025 09:05:49 +0000
ROA not before:           Tue 18 Mar 2025 09:05:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     201178
IP address blocks:        37.75.8.0/21 maxlen: 24
                          185.28.0.0/22 maxlen: 24
                          185.81.236.0/22 maxlen: 24
                          185.81.236.0/24 maxlen: 24
                          185.81.237.0/24 maxlen: 24
                          185.81.238.0/24 maxlen: 24
                          185.81.239.0/24 maxlen: 24
                          185.153.248.0/22 maxlen: 24
                          185.155.148.0/22 maxlen: 24
                          185.155.148.0/24 maxlen: 24
                          185.155.149.0/24 maxlen: 24
                          185.155.150.0/24 maxlen: 24
                          185.155.151.0/24 maxlen: 24
                          195.142.0.0/22 maxlen: 24
                          195.142.104.0/21 maxlen: 24
                          195.142.132.0/22 maxlen: 24
                          2a05:8a00::/29 maxlen: 48
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 09:07:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:a8:80:85:5f:5d:71:b9:71:f0:e9:1b:83:c4:ef:5e:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
        Validity
            Not Before: Mar 18 09:05:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9b85e6afc33729c550b29ae9b74c83b1b6ceea4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:06:42:97:98:8f:55:db:07:90:9e:55:71:44:
                    2d:f2:de:cb:1a:73:57:39:ce:0b:6f:db:93:80:bf:
                    e1:e9:65:9d:cc:f7:f2:12:30:8f:c9:c7:a8:b0:25:
                    e9:87:ac:50:65:fd:77:8f:7b:c6:ae:72:13:c8:2d:
                    8f:f8:b7:0e:a3:97:50:e1:64:c6:6e:d7:0a:b1:59:
                    90:33:46:b4:4f:72:80:74:06:3d:de:c4:05:27:92:
                    29:3b:57:da:8a:08:76:95:48:6e:98:17:b7:a9:12:
                    1c:e5:f7:0c:2a:bd:6f:ea:28:05:4a:e7:ba:c9:ca:
                    a4:5d:e8:d8:e8:cd:31:f0:b9:97:95:ee:75:99:4e:
                    c4:ca:09:c8:7d:c9:0a:b9:2d:d4:f4:80:70:b6:e8:
                    b7:59:ac:1b:e5:95:9c:3b:4a:33:31:b3:b2:fd:5a:
                    41:82:47:c7:df:7a:22:f5:79:e3:50:28:56:71:5d:
                    5f:52:c5:8e:64:d7:7f:65:39:dc:87:ac:04:14:ed:
                    ae:af:0a:43:2f:8a:d4:c0:52:18:15:93:36:50:8f:
                    9f:81:f5:2e:22:58:6c:63:24:4e:82:69:b3:44:46:
                    b3:8d:27:c2:31:8a:67:2e:79:a3:3e:f3:f6:dd:37:
                    2d:b8:5a:aa:a8:fa:0d:31:18:81:96:f6:28:b5:78:
                    9d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:85:E6:AF:C3:37:29:C5:50:B2:9A:E9:B7:4C:83:B1:B6:CE:EA:4E
            X509v3 Authority Key Identifier:
                keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/m4Xmr8M3KcVQsprpt0yDsbbO6k4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.75.8.0/21
                  185.28.0.0/22
                  185.81.236.0/22
                  185.153.248.0/22
                  185.155.148.0/22
                  195.142.0.0/22
                  195.142.104.0/21
                  195.142.132.0/22
                IPv6:
                  2a05:8a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         7b:ed:6c:d6:fa:db:ec:cc:d9:31:74:1f:8d:ac:cb:1d:eb:d4:
         2f:b3:69:85:13:56:a9:7d:d8:58:b4:ae:3d:e2:24:bc:b3:fc:
         34:65:59:3d:8e:22:7e:7c:d4:a1:b6:67:76:98:c5:15:47:48:
         bc:73:26:02:b0:29:0c:c5:33:f7:4a:f0:4a:1a:34:e0:79:7f:
         63:bc:9b:c0:7b:87:72:cb:4b:de:c6:97:d7:f3:54:c1:bb:84:
         f0:c2:7f:94:17:ed:7c:8b:6a:31:6c:73:ba:10:d1:e8:ec:99:
         b7:ea:e0:d3:dc:e7:16:b9:a4:d3:8e:57:bc:11:9d:51:f7:9d:
         2a:6d:f1:39:c7:21:5e:7f:ce:6b:c5:3c:8b:fc:6c:e2:5f:2a:
         4a:78:0f:0d:79:b7:42:bd:40:9f:2f:98:21:38:1f:e5:d0:44:
         c3:e1:ba:69:08:ca:3b:db:8b:bb:48:19:40:d6:96:dc:27:de:
         7b:9e:b6:28:74:7d:dd:c8:5f:66:eb:5a:33:f1:0b:ad:fb:d3:
         c9:db:53:1e:b4:e8:df:d1:e8:a4:fe:25:86:39:1a:e9:7a:b2:
         f7:9c:0f:20:f6:0b:26:83:f8:40:36:38:aa:73:9b:57:8b:e8:
         f2:fd:98:17:f2:14:b6:40:75:b0:4d:d1:a0:70:5a:68:98:dc:
         18:47:e2:6e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZWogIVfXXG5cfDpG4PE715qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjUwMzE4MDkwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg1ZTZhZmMzMzcyOWM1NTBiMjlhZTliNzRjODNiMWI2Y2VlYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgZCl5iPVdsHkJ5VcUQt8t7LGnNX
Oc4Lb9uTgL/h6WWdzPfyEjCPyceosCXph6xQZf13j3vGrnITyC2P+LcOo5dQ4WTG
btcKsVmQM0a0T3KAdAY93sQFJ5IpO1faigh2lUhumBe3qRIc5fcMKr1v6igFSue6
ycqkXejY6M0x8LmXle51mU7EygnIfckKuS3U9IBwtui3Wawb5ZWcO0ozMbOy/VpB
gkfH33oi9XnjUChWcV1fUsWOZNd/ZTnch6wEFO2urwpDL4rUwFIYFZM2UI+fgfUu
IlhsYyROgmmzREazjSfCMYpnLnmjPvP23TctuFqqqPoNMRiBlvYotXidMQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJuF5q/DNynFULKa6bdMg7G2zupOMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvbTRYbXI4TTNLY1ZRc3BycHQweURzYmJPNms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJUsIAwQC
uRwAAwQCuVHsAwQCuZn4AwQCuZuUAwQCw44AAwQDw45oAwQCw46EMA0EAgACMAcD
BQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQB77WzW+tvszNkxdB+NrMsd69Qvs2mF
E1apfdhYtK494iS8s/w0ZVk9jiJ+fNShtmd2mMUVR0i8cyYCsCkMxTP3SvBKGjTg
eX9jvJvAe4dyy0vexpfX81TBu4Twwn+UF+18i2oxbHO6ENHo7Jm36uDT3OcWuaTT
jle8EZ1R950qbfE5xyFef85rxTyL/GziXypKeA8NebdCvUCfL5ghOB/l0ETD4bpp
CMo724u7SBlA1pbcJ957nrYodH3dyF9m61oz8Qut+9PJ21MetOjf0eik/iWGORrp
erL3nA8g9gsmg/hANjiqc5tXi+jy/ZgX8hS2QHWwTdGgcFpomNwYR+Ju
-----END CERTIFICATE-----