Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa
File:                     0islEelmID6mexFYTcuts1M8JC4.roa (raw, json)
Hash identifier:          Mb30gOPPqew8TwOJ0PPPiSS8vc7RjWpo5TvcqrCdBIQ=
Subject key identifier:   D2:2B:25:11:E9:66:20:3E:A6:7B:11:58:4D:CB:AD:B3:53:3C:24:2E
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018EC67AAE79AAA744ACDAE43775B02D3130
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa
Signing time:             Wed 10 Apr 2024 05:28:32 +0000
ROA not before:           Wed 10 Apr 2024 05:28:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        37.221.124.0/22 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.120.176.0/22 maxlen: 24
                          62.3.12.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          86.104.72.0/22 maxlen: 24
                          89.221.224.0/24 maxlen: 24
                          89.221.225.0/24 maxlen: 24
                          91.194.161.0/24 maxlen: 24
                          91.225.217.0/24 maxlen: 24
                          91.225.218.0/24 maxlen: 24
                          91.225.219.0/24 maxlen: 24
                          103.35.188.0/22 maxlen: 24
                          103.106.0.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          185.234.64.0/22 maxlen: 24
                          185.235.240.0/22 maxlen: 24
                          185.236.232.0/22 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          194.246.114.0/24 maxlen: 24
                          194.246.115.0/24 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a11:3805::/32 maxlen: 32
                          2a11:3c02::/32 maxlen: 32
                          2a11:3c03::/32 maxlen: 32
                          2a14:2d80::/32 maxlen: 32
                          2a14:2d81::/32 maxlen: 32
                          2a14:2d82::/32 maxlen: 32
                          2a14:2e80::/32 maxlen: 32
                          2a14:2f80::/32 maxlen: 32
                          2a14:3080::/32 maxlen: 32
                          2a14:3880::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 12:47:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c6:7a:ae:79:aa:a7:44:ac:da:e4:37:75:b0:2d:31:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Apr 10 05:28:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d22b2511e966203ea67b11584dcbadb3533c242e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:6e:3d:f4:eb:bc:63:7b:55:40:20:6f:9c:9b:
                    aa:40:96:42:ec:64:23:9a:41:04:fe:85:86:58:e9:
                    c9:3a:e2:8a:a1:33:61:b8:66:d6:01:b4:f8:2f:02:
                    ab:69:3b:5c:fb:40:cb:9e:4b:55:54:da:14:54:67:
                    3a:5e:92:ca:76:c2:b6:71:6d:34:a6:75:35:a4:1c:
                    d7:0e:d1:72:1d:18:6b:7e:0e:46:ce:22:0f:9e:8a:
                    24:e6:9c:1d:dd:c3:f0:55:73:12:6d:c3:45:4d:f5:
                    5e:7e:30:39:3b:6b:4b:12:c7:15:86:5e:8d:6c:ec:
                    50:f4:b2:83:5b:35:13:99:7c:57:e3:c0:3e:39:3a:
                    e4:1b:5f:bc:81:3b:49:c8:5a:d2:bf:a0:10:74:c3:
                    3f:32:6a:70:68:f2:f7:c5:60:32:3f:8a:f1:bd:2e:
                    17:72:1e:cd:8e:a1:84:bf:53:d1:a9:db:45:13:38:
                    b8:e1:a7:46:6c:9d:67:da:2e:64:1b:bc:4b:bf:ed:
                    b7:01:59:e2:06:8c:bb:29:1d:fe:a4:c1:9c:46:80:
                    20:17:78:6f:63:05:94:a6:4e:8f:97:52:60:c6:45:
                    83:ff:1b:6f:85:ad:c7:3e:0d:7e:f8:fb:41:46:ae:
                    7b:3f:1a:37:6d:8b:8a:5f:24:01:1d:33:e9:18:95:
                    ae:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:2B:25:11:E9:66:20:3E:A6:7B:11:58:4D:CB:AD:B3:53:3C:24:2E
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.124.0/22
                  45.67.228.0/22
                  45.120.176.0/22
                  62.3.12.0/24
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  86.104.72.0/22
                  89.221.224.0/23
                  91.194.161.0/24
                  91.225.217.0-91.225.219.255
                  103.35.188.0/22
                  103.106.0.0/22
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.234.64.0/22
                  185.235.240.0/22
                  185.236.232.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  194.246.114.0/23
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29
                  2a11:3805::/32
                  2a11:3c02::/31
                  2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
                  2a14:2e80::/32
                  2a14:2f80::/32
                  2a14:3080::/32
                  2a14:3880::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:9f:0b:18:ea:8e:2d:bb:16:9b:af:11:8c:3c:6f:c8:bb:54:
         1d:9b:11:3f:99:39:5f:c2:a7:fd:80:aa:a1:01:53:41:fb:d7:
         0e:cc:05:a7:47:12:6b:db:86:fe:cd:8c:8e:e5:6f:57:36:eb:
         4e:f6:65:39:24:f0:16:2a:bc:df:0d:0c:ec:72:e5:45:6a:a3:
         83:0c:c3:6c:bd:ee:a3:68:8c:b7:47:52:3f:49:ee:36:f1:b6:
         d6:58:f5:b4:12:4f:7f:1f:ec:c8:3d:04:12:bf:ae:ea:23:6e:
         e5:31:ac:e0:f1:1d:5b:0b:66:f8:eb:dd:92:1b:a8:50:ed:c0:
         c9:44:73:5b:60:33:d4:74:70:bf:84:a0:69:ee:30:11:dc:04:
         ce:a3:a3:da:09:78:df:d7:f8:f2:6e:b4:20:f4:6c:24:49:33:
         18:ae:42:1a:97:d0:4a:02:25:0c:2a:06:ce:c8:97:9a:3f:f5:
         d3:e1:20:00:f9:74:b7:76:a1:b5:7d:9d:f4:e6:28:cd:d7:f8:
         83:90:33:15:5a:ce:ec:ee:41:31:cf:5a:21:9c:67:f2:69:65:
         ac:a4:04:64:bf:81:31:55:8b:fe:7d:ff:fc:66:db:c2:fc:c5:
         f1:0e:98:56:4e:d2:30:f3:a0:49:08:7d:23:da:07:69:be:31:
         38:c3:3b:6e
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAY7Geq55qqdErNrkN3WwLTEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwNDEwMDUyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJiMjUxMWU5NjYyMDNlYTY3YjExNTg0ZGNiYWRiMzUzM2MyNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2499Ou8Y3tVQCBvnJuqQJZC7GQj
mkEE/oWGWOnJOuKKoTNhuGbWAbT4LwKraTtc+0DLnktVVNoUVGc6XpLKdsK2cW00
pnU1pBzXDtFyHRhrfg5GziIPnook5pwd3cPwVXMSbcNFTfVefjA5O2tLEscVhl6N
bOxQ9LKDWzUTmXxX48A+OTrkG1+8gTtJyFrSv6AQdMM/MmpwaPL3xWAyP4rxvS4X
ch7NjqGEv1PRqdtFEzi44adGbJ1n2i5kG7xLv+23AVniBoy7KR3+pMGcRoAgF3hv
YwWUpk6Pl1JgxkWD/xtvha3HPg1++PtBRq57Pxo3bYuKXyQBHTPpGJWujwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFNIrJRHpZiA+pnsRWE3LrbNTPCQuMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvMGlzbEVlbG1JRDZtZXhGWVRjdXRzMU04SkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgaEEAgABMIGaAwQC
Jd18AwQCLUPkAwQCLXiwAwQAPgMMAwQCSnfAMAwDBAJQXMwDBABQXM4DBAJWaEgD
BAFZ3eADBABbwqEwDAMEAFvh2QMEAlvh2AMEAmcjvAMEAmdqAAMEAmdxRAMEArB4
QAMEArB4SAMEArnqQAMEArnr8AMEArns6AMEArnyVAMEArn6lAMEAMHLygMEAcL2
cgMEAMOVVzBHBAIAAjBBAwUDKgl8QAMFACoROAUDBQEqETwCMA4DBQcqFC2AAwUA
KhQtggMFACoULoADBQAqFC+AAwUAKhQwgAMFACoUOIAwDQYJKoZIhvcNAQELBQAD
ggEBAIifCxjqji27FpuvEYw8b8i7VB2bET+ZOV/Cp/2AqqEBU0H71w7MBadHEmvb
hv7NjI7lb1c26072ZTkk8BYqvN8NDOxy5UVqo4MMw2y97qNojLdHUj9J7jbxttZY
9bQST38f7Mg9BBK/ruojbuUxrODxHVsLZvjr3ZIbqFDtwMlEc1tgM9R0cL+EoGnu
MBHcBM6jo9oJeN/X+PJutCD0bCRJMxiuQhqX0EoCJQwqBs7Il5o/9dPhIAD5dLd2
obV9nfTmKM3X+IOQMxVazuzuQTHPWiGcZ/JpZaykBGS/gTFVi/59//xm28L8xfEO
mFZO0jDzoEkIfSPaB2m+MTjDO24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org