Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ZyUmOCmTBPbqQKtyhYDAQtPYbdo.roa
File:                     ZyUmOCmTBPbqQKtyhYDAQtPYbdo.roa (raw, json)
Hash identifier:          Z96l/gwuEQ9N+uXtK45lLbF6EoOtB+H/oqL22be1Nss=
Subject key identifier:   67:25:26:38:29:93:04:F6:EA:40:AB:72:85:80:C0:42:D3:D8:6D:DA
Certificate issuer:       /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial:       0195A3835CE2077D79F94392C88773119A16
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ZyUmOCmTBPbqQKtyhYDAQtPYbdo.roa
Signing time:             Mon 17 Mar 2025 09:50:49 +0000
ROA not before:           Mon 17 Mar 2025 09:50:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     50810
IP address blocks:        37.98.64.0/18 maxlen: 22
                          37.98.114.0/24 maxlen: 24
                          93.117.176.0/20 maxlen: 24
                          93.119.208.0/20 maxlen: 24
                          178.131.0.0/18 maxlen: 24
                          178.131.4.0/24 maxlen: 24
                          178.131.64.0/19 maxlen: 22
                          178.131.96.0/20 maxlen: 22
                          178.131.112.0/21 maxlen: 22
                          178.131.128.0/18 maxlen: 24
                          188.211.0.0/20 maxlen: 24
                          188.211.15.0/24 maxlen: 24
                          188.212.240.0/21 maxlen: 24
                          188.213.192.0/22 maxlen: 22
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 08:02:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:a3:83:5c:e2:07:7d:79:f9:43:92:c8:87:73:11:9a:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
        Validity
            Not Before: Mar 17 09:50:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=67252638299304f6ea40ab728580c042d3d86dda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:81:a4:58:ff:dd:d0:16:8c:5b:c5:9f:89:b5:
                    91:61:d7:a3:08:cc:6d:3f:92:6b:fd:b8:ce:23:ca:
                    6c:18:a6:7a:cb:fb:19:e3:cb:56:64:c6:75:d2:ad:
                    73:aa:27:6b:56:83:31:0a:cc:39:ec:ef:72:2a:71:
                    a3:13:fe:8f:1b:42:1a:e9:a2:df:c1:7d:27:00:69:
                    ea:43:6d:47:c8:5b:f5:fb:83:d7:00:9a:1a:09:ca:
                    a2:f0:53:e9:d0:98:1f:fe:9b:21:1a:db:fc:98:ef:
                    2f:86:eb:83:9f:98:13:87:23:5f:64:56:9c:91:6e:
                    a7:b6:81:4c:fd:26:45:c2:b6:58:ce:e9:8d:fc:ea:
                    89:9c:f0:92:06:07:08:6d:fd:de:69:c7:0e:01:c0:
                    59:2d:49:1b:ce:86:16:af:fe:41:1a:67:ff:96:c4:
                    6c:07:e6:1c:5d:bf:7b:01:25:de:08:d2:d0:97:2a:
                    e4:c9:84:99:03:e7:95:3e:10:b1:d1:83:20:37:11:
                    75:5b:d7:c3:43:b3:76:93:6d:98:c0:77:22:27:a0:
                    f3:55:d9:c0:5c:b6:fe:af:7a:3d:9e:3e:57:d8:c0:
                    a5:7a:36:29:4c:62:a6:aa:f1:79:dd:bb:32:e5:ff:
                    67:81:05:11:92:1f:73:f2:a6:fe:a8:a2:dc:f7:e8:
                    87:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:25:26:38:29:93:04:F6:EA:40:AB:72:85:80:C0:42:D3:D8:6D:DA
            X509v3 Authority Key Identifier:
                keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ZyUmOCmTBPbqQKtyhYDAQtPYbdo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.98.64.0/18
                  93.117.176.0/20
                  93.119.208.0/20
                  178.131.0.0-178.131.119.255
                  178.131.128.0/18
                  188.211.0.0/20
                  188.212.240.0/21
                  188.213.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:0c:55:10:67:77:00:5c:80:39:a2:22:20:ce:04:61:70:9e:
         ce:07:38:36:1d:bc:a8:cb:58:0b:d1:0d:a6:07:88:c2:4c:ea:
         aa:fa:d0:e5:e2:12:7a:ea:39:9a:9b:d7:77:c9:5b:d3:4f:0d:
         38:7e:6b:c3:9e:a3:2f:5a:be:b4:6e:2e:46:83:19:6e:22:c7:
         7f:9c:43:e3:28:a3:34:3a:da:5b:03:cf:ae:3c:65:76:23:db:
         70:69:7b:0f:ad:f5:1c:cd:53:ce:a6:9d:e3:e0:2f:86:26:35:
         e0:c0:9f:59:31:0e:51:37:97:7e:50:e3:a4:1b:c5:54:27:14:
         18:d9:e1:59:02:af:e3:14:2c:07:93:40:06:a1:4c:3a:82:55:
         c4:ad:42:7c:88:fc:ca:a2:5e:23:34:7d:1c:f6:80:96:a1:98:
         34:88:d6:4d:11:33:2a:e5:d0:19:1d:9f:8e:2b:e1:6c:63:6b:
         8e:1e:c5:f8:ff:8a:fb:55:74:18:f6:37:df:07:02:04:d9:a8:
         f6:f8:ec:5d:9a:0c:02:f2:8c:86:d2:ec:75:e0:35:cb:3a:8b:
         2a:39:1d:97:a5:7d:82:ec:e4:fe:93:f9:3f:92:9b:08:d6:ee:
         30:87:3b:69:1a:ab:5f:02:8a:64:47:30:64:90:4c:f5:ae:6c:
         a3:c0:0c:4c
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZWjg1ziB315+UOSyIdzEZoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjUwMzE3MDk1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI1MjYzODI5OTMwNGY2ZWE0MGFiNzI4NTgwYzA0MmQzZDg2ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYGkWP/d0BaMW8WfibWRYdejCMxt
P5Jr/bjOI8psGKZ6y/sZ48tWZMZ10q1zqidrVoMxCsw57O9yKnGjE/6PG0Ia6aLf
wX0nAGnqQ21HyFv1+4PXAJoaCcqi8FPp0Jgf/pshGtv8mO8vhuuDn5gThyNfZFac
kW6ntoFM/SZFwrZYzumN/OqJnPCSBgcIbf3eaccOAcBZLUkbzoYWr/5BGmf/lsRs
B+YcXb97ASXeCNLQlyrkyYSZA+eVPhCx0YMgNxF1W9fDQ7N2k22YwHciJ6DzVdnA
XLb+r3o9nj5X2MClejYpTGKmqvF53bsy5f9ngQURkh9z8qb+qKLc9+iHZwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFGclJjgpkwT26kCrcoWAwELT2G3aMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvWnlVbU9DbVRCUGJxUUt0eWhZREFRdFBZYmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAATA3AwQGJWJAAwQE
XXWwAwQEXXfQMAsDAwCygwMEA7KDcAMEBrKDgAMEBLzTAAMEA7zU8AMEArzVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGAxVEGd3AFyAOaIiIM4EYXCezgc4Nh28qMtYC9EN
pgeIwkzqqvrQ5eISeuo5mpvXd8lb008NOH5rw56jL1q+tG4uRoMZbiLHf5xD4yij
NDraWwPPrjxldiPbcGl7D631HM1Tzqad4+AvhiY14MCfWTEOUTeXflDjpBvFVCcU
GNnhWQKv4xQsB5NABqFMOoJVxK1CfIj8yqJeIzR9HPaAlqGYNIjWTREzKuXQGR2f
jivhbGNrjh7F+P+K+1V0GPY33wcCBNmo9vjsXZoMAvKMhtLsdeA1yzqLKjkdl6V9
guzk/pP5P5KbCNbuMIc7aRqrXwKKZEcwZJBM9a5so8AMTA==
-----END CERTIFICATE-----