Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SsuDAdtzHKIMPMDYfMNSjt3kYjc.roa
File:                     SsuDAdtzHKIMPMDYfMNSjt3kYjc.roa (raw, json)
Hash identifier:          d77pbEBBs4tlJEzsvZ7zeWXHQRwS05eoSLNt4P0s5r8=
Subject key identifier:   4A:CB:83:01:DB:73:1C:A2:0C:3C:C0:D8:7C:C3:52:8E:DD:E4:62:37
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       0189881299AD6B461A192C7283AADA83CADC
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SsuDAdtzHKIMPMDYfMNSjt3kYjc.roa
Signing time:             Mon 24 Jul 2023 13:24:27 +0000
ROA not before:           Mon 24 Jul 2023 13:24:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.91.52.0/22 maxlen: 32
                          45.155.52.0/22 maxlen: 32
                          195.16.74.0/24 maxlen: 24
                          45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.150.65.0/24 maxlen: 32
                          45.140.166.0/24 maxlen: 32
                          5.181.20.0/24 maxlen: 32
                          5.181.22.0/24 maxlen: 32
                          5.181.21.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          5.181.23.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.28.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 16:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:88:12:99:ad:6b:46:1a:19:2c:72:83:aa:da:83:ca:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jul 24 13:24:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4acb8301db731ca20c3cc0d87cc3528edde46237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:43:e6:4a:37:28:d6:b3:0a:2c:a7:f3:a7:97:
                    f5:2e:4b:27:70:4a:b5:a8:4e:6a:0a:e6:f9:34:ee:
                    47:67:0e:d1:14:b5:ab:91:b2:cc:79:a6:72:e4:52:
                    58:12:7c:14:cd:93:ca:c3:10:89:89:b5:f1:16:02:
                    c3:9b:70:9f:36:ee:91:ed:25:56:b8:93:d8:45:50:
                    c6:b8:e7:75:71:74:e1:47:2c:7d:14:3f:9b:76:d6:
                    23:f6:ec:0f:d3:e3:98:e4:4f:4a:5b:f2:82:67:a0:
                    69:05:af:0b:87:70:ae:31:64:f1:b0:c7:cc:11:c9:
                    58:9c:89:ce:91:5c:77:f1:4a:fd:49:6b:23:b7:3c:
                    46:1c:f7:8a:78:62:db:0f:60:a6:23:f2:eb:1d:b2:
                    f0:4d:89:f9:2f:20:b9:57:73:f7:73:bd:fb:13:3c:
                    f0:b1:f3:de:9d:22:00:bb:5e:d6:87:bb:d8:33:3a:
                    b8:a9:30:d4:38:b5:af:15:12:c3:83:d4:fd:57:49:
                    e8:6a:cc:f5:46:0b:9e:0a:30:59:8c:4e:bd:c0:92:
                    0e:68:f2:2a:ff:9e:f8:94:78:88:f6:22:62:f2:db:
                    49:61:21:47:6d:78:0e:11:9a:0e:28:90:02:f4:23:
                    97:44:ec:33:71:a7:2a:9c:c2:ff:c7:7f:97:f2:a0:
                    9b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:CB:83:01:DB:73:1C:A2:0C:3C:C0:D8:7C:C3:52:8E:DD:E4:62:37
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SsuDAdtzHKIMPMDYfMNSjt3kYjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22
                  45.91.52.0/22
                  45.140.146.0/23
                  45.140.166.0/24
                  45.144.28.0/22
                  45.150.64.0/23
                  45.150.67.0/24
                  45.155.52.0/22
                  185.234.247.0/24
                  195.16.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:62:f3:9f:ba:d9:8d:00:84:2d:2f:c9:10:ed:c7:a2:b4:43:
         d2:6e:ef:ab:9a:34:f1:21:1b:4d:2b:f5:00:81:8f:f3:f5:3b:
         69:e6:c9:75:78:01:1e:da:43:84:03:af:e9:a4:30:38:8e:0c:
         6a:0b:d6:83:de:79:44:ce:11:6e:bf:02:54:37:97:b9:76:05:
         e5:2f:48:b8:c2:86:ad:fa:82:9d:e6:ce:d9:68:94:e6:e9:3c:
         d2:03:aa:03:a2:39:06:9e:3c:54:6e:c2:5e:38:7b:c1:6c:49:
         5b:06:1b:46:e3:35:24:5e:44:78:fb:4f:2b:f3:94:d5:b6:70:
         0d:30:e9:74:e2:52:d7:e7:9b:87:76:15:59:1f:ce:09:f8:b0:
         c6:6b:97:c3:ad:e2:8a:8c:3a:71:77:2e:f8:b2:b4:9a:f8:27:
         bc:19:50:03:7f:0e:3f:0e:9b:c7:a6:e9:d3:76:2b:a1:fc:8d:
         35:d0:9c:59:2a:47:22:28:6a:76:92:f4:24:3f:98:68:b3:05:
         cd:f2:7e:59:4c:62:81:c7:e2:35:1b:75:56:91:4a:9f:3f:aa:
         75:a3:9e:59:3b:74:71:c7:33:4a:ed:53:c2:a3:41:02:9e:85:
         17:50:34:7b:a5:17:32:b4:81:0f:84:00:3a:09:d5:1d:2a:69:
         27:c5:3b:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYmIEpmta0YaGSxyg6rag8rcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwNzI0MTMyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNiODMwMWRiNzMxY2EyMGMzY2MwZDg3Y2MzNTI4ZWRkZTQ2MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kPmSjco1rMKLKfzp5f1LksncEq1
qE5qCub5NO5HZw7RFLWrkbLMeaZy5FJYEnwUzZPKwxCJibXxFgLDm3CfNu6R7SVW
uJPYRVDGuOd1cXThRyx9FD+bdtYj9uwP0+OY5E9KW/KCZ6BpBa8Lh3CuMWTxsMfM
EclYnInOkVx38Ur9SWsjtzxGHPeKeGLbD2CmI/LrHbLwTYn5LyC5V3P3c737Ezzw
sfPenSIAu17Wh7vYMzq4qTDUOLWvFRLDg9T9V0noasz1RgueCjBZjE69wJIOaPIq
/574lHiI9iJi8ttJYSFHbXgOEZoOKJAC9COXROwzcacqnML/x3+X8qCbiwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFErLgwHbcxyiDDzA2HzDUo7d5GI3MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvU3N1REFkdHpIS0lNUE1EWWZNTlNqdDNrWWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBbUUAwQC
LVs0AwQBLYySAwQALYymAwQCLZAcAwQBLZZAAwQALZZDAwQCLZs0AwQAuer3AwQA
wxBKMA0GCSqGSIb3DQEBCwUAA4IBAQA8YvOfutmNAIQtL8kQ7ceitEPSbu+rmjTx
IRtNK/UAgY/z9Ttp5sl1eAEe2kOEA6/ppDA4jgxqC9aD3nlEzhFuvwJUN5e5dgXl
L0i4woat+oKd5s7ZaJTm6TzSA6oDojkGnjxUbsJeOHvBbElbBhtG4zUkXkR4+08r
85TVtnANMOl04lLX55uHdhVZH84J+LDGa5fDreKKjDpxdy74srSa+Ce8GVADfw4/
DpvHpunTdiuh/I010JxZKkciKGp2kvQkP5hoswXN8n5ZTGKBx+I1G3VWkUqfP6p1
o55ZO3RxxzNK7VPCo0ECnoUXUDR7pRcytIEPhAA6CdUdKmknxTuI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org