Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/NuyPjiPS7i23gjmVJh2OZa8hsrc.roa
File:                     NuyPjiPS7i23gjmVJh2OZa8hsrc.roa (raw, json)
Hash identifier:          T2gT8FLPNDXc4Uw+SPJdybCimpuA0cC9YDCtjL8OAik=
Subject key identifier:   36:EC:8F:8E:23:D2:EE:2D:B7:82:39:95:26:1D:8E:65:AF:21:B2:B7
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01896499DCBC45DFF764DCBC4819A736A9BA
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/NuyPjiPS7i23gjmVJh2OZa8hsrc.roa
Signing time:             Mon 17 Jul 2023 16:05:52 +0000
ROA not before:           Mon 17 Jul 2023 16:05:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        45.149.80.0/24 maxlen: 24
                          45.149.82.0/24 maxlen: 24
                          45.149.81.0/24 maxlen: 24
                          45.150.63.0/24 maxlen: 24
                          45.150.62.0/24 maxlen: 24
                          195.245.111.0/24 maxlen: 24
                          185.179.198.0/24 maxlen: 24
                          45.145.2.0/24 maxlen: 24
                          213.139.192.0/24 maxlen: 24
                          45.145.161.0/24 maxlen: 24
                          45.133.219.0/24 maxlen: 24
                          213.139.195.0/24 maxlen: 24
                          213.139.193.0/24 maxlen: 24
                          77.83.4.0/24 maxlen: 24
                          77.83.7.0/24 maxlen: 24
                          77.83.6.0/24 maxlen: 24
                          77.83.5.0/24 maxlen: 24
                          45.145.90.0/24 maxlen: 24
                          194.156.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 19:18:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:99:dc:bc:45:df:f7:64:dc:bc:48:19:a7:36:a9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 16:05:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36ec8f8e23d2ee2db7823995261d8e65af21b2b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:84:c6:85:9a:76:b3:e4:ea:d4:68:76:c6:18:
                    49:0b:f6:7c:ed:39:e3:61:7a:47:26:17:aa:c4:19:
                    30:27:8a:8d:ed:b9:cc:80:4a:3a:ab:db:c4:26:f3:
                    4f:03:00:f9:86:96:a7:67:88:34:e7:72:83:bb:37:
                    2a:1f:c8:e7:94:ea:fa:64:54:60:43:2b:86:d5:53:
                    9c:9b:96:ff:b1:55:85:38:54:59:d9:03:35:64:2d:
                    a8:c5:e4:c9:6c:38:e1:59:94:f4:82:10:6c:f4:3b:
                    08:e0:b7:9e:4d:7a:5b:47:72:48:f0:19:b0:66:8c:
                    1f:d7:87:e6:88:a1:86:86:f5:2e:31:2d:dd:ca:74:
                    36:67:03:36:87:43:e3:c9:f1:cd:fb:5a:e9:1b:55:
                    e4:8d:5c:6b:fb:74:a1:13:2c:4c:e2:cc:4b:64:50:
                    c5:5f:51:9e:20:91:8c:73:ad:ed:69:26:f7:a8:94:
                    91:74:3a:39:bd:6b:93:47:18:9b:4b:9d:bd:65:4c:
                    0b:63:fc:92:b4:f5:9e:36:52:13:1c:21:e4:d4:44:
                    26:56:eb:70:5d:ea:90:13:fa:0a:d3:96:06:5b:a0:
                    b1:72:1b:df:79:3d:eb:a0:b4:86:7c:c3:7c:62:67:
                    23:c5:8a:0e:94:2e:e6:75:2f:5f:fa:24:1b:19:5a:
                    33:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:EC:8F:8E:23:D2:EE:2D:B7:82:39:95:26:1D:8E:65:AF:21:B2:B7
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/NuyPjiPS7i23gjmVJh2OZa8hsrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.219.0/24
                  45.145.2.0/24
                  45.145.90.0/24
                  45.145.161.0/24
                  45.149.80.0-45.149.82.255
                  45.150.62.0/23
                  77.83.4.0/22
                  185.179.198.0/24
                  194.156.95.0/24
                  195.245.111.0/24
                  213.139.192.0/23
                  213.139.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:df:9a:14:c2:61:9d:22:da:08:20:78:ef:23:ad:6f:9d:40:
         03:d9:23:c3:8d:15:55:7d:1e:27:fb:5e:91:8c:e5:e8:0f:03:
         df:8a:8a:04:43:f8:eb:61:7d:0d:a5:ab:17:4a:9a:bb:62:57:
         d6:52:0c:2f:ed:cf:67:ed:87:68:a0:a9:b1:43:02:b0:03:bf:
         bc:61:47:86:08:4b:3c:ff:34:c9:00:88:94:0f:e4:05:86:33:
         10:9e:49:f9:96:ac:d4:9b:8b:56:a6:f8:2a:b6:75:9e:bc:40:
         6c:0c:3f:f4:90:08:ae:cd:24:ec:22:d2:b6:fc:11:ef:e5:13:
         43:2f:1c:0a:30:ac:18:9f:f4:a6:1a:72:6b:6f:94:36:f5:ae:
         51:c3:e8:72:cb:49:9e:9c:7e:3d:0f:4e:53:9f:24:99:cf:94:
         0d:63:3a:91:da:e6:46:04:bb:f0:83:f2:3d:6b:8c:93:7d:04:
         92:e9:ed:23:2e:e4:61:bb:43:74:19:29:09:cf:19:4a:87:cf:
         c6:d9:cc:3c:7d:89:04:19:33:13:f4:a1:7a:eb:1a:6d:76:29:
         e5:f1:15:96:61:3e:8a:b9:41:2e:94:97:a8:82:fc:0c:c6:96:
         a3:a5:95:09:13:8c:eb:0c:5c:f4:04:a4:55:cf:41:ef:e2:7f:
         b3:dd:34:93
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYlkmdy8Rd/3ZNy8SBmnNqm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVjOGY4ZTIzZDJlZTJkYjc4MjM5OTUyNjFkOGU2NWFmMjFiMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4TGhZp2s+Tq1Gh2xhhJC/Z87Tnj
YXpHJheqxBkwJ4qN7bnMgEo6q9vEJvNPAwD5hpanZ4g053KDuzcqH8jnlOr6ZFRg
QyuG1VOcm5b/sVWFOFRZ2QM1ZC2oxeTJbDjhWZT0ghBs9DsI4LeeTXpbR3JI8Bmw
Zowf14fmiKGGhvUuMS3dynQ2ZwM2h0PjyfHN+1rpG1XkjVxr+3ShEyxM4sxLZFDF
X1GeIJGMc63taSb3qJSRdDo5vWuTRxibS529ZUwLY/yStPWeNlITHCHk1EQmVutw
XeqQE/oK05YGW6CxchvfeT3roLSGfMN8YmcjxYoOlC7mdS9f+iQbGVozPQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDbsj44j0u4tt4I5lSYdjmWvIbK3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvTnV5UGppUFM3aTIzZ2ptVkpoMk9aYThoc3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALYXbAwQA
LZECAwQALZFaAwQALZGhMAwDBAQtlVADBAAtlVIDBAEtlj4DBAJNUwQDBAC5s8YD
BADCnF8DBADD9W8DBAHVi8ADBADVi8MwDQYJKoZIhvcNAQELBQADggEBAK/fmhTC
YZ0i2gggeO8jrW+dQAPZI8ONFVV9Hif7XpGM5egPA9+KigRD+OthfQ2lqxdKmrti
V9ZSDC/tz2fth2igqbFDArADv7xhR4YISzz/NMkAiJQP5AWGMxCeSfmWrNSbi1am
+Cq2dZ68QGwMP/SQCK7NJOwi0rb8Ee/lE0MvHAowrBif9KYacmtvlDb1rlHD6HLL
SZ6cfj0PTlOfJJnPlA1jOpHa5kYEu/CD8j1rjJN9BJLp7SMu5GG7Q3QZKQnPGUqH
z8bZzDx9iQQZMxP0oXrrGm12KeXxFZZhPoq5QS6Ul6iC/AzGlqOllQkTjOsMXPQE
pFXPQe/if7PdNJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org