Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa
File:                     4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa (raw, json)
Hash identifier:          gHDGp+KU+I0V5kfA5Hg2xIAjIzq8p6jZIL6jAGps7Lk=
Subject key identifier:   E1:AD:0B:A1:9F:A9:E5:D5:2F:C5:36:41:45:F4:99:49:27:A0:F1:B7
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018E85460F9473169D4900D203FACD8686AC
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa
Signing time:             Thu 28 Mar 2024 13:35:44 +0000
ROA not before:           Thu 28 Mar 2024 13:35:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        45.67.228.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.120.176.0/22 maxlen: 24
                          62.3.12.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          86.104.72.0/22 maxlen: 24
                          89.221.224.0/24 maxlen: 24
                          89.221.225.0/24 maxlen: 24
                          91.194.161.0/24 maxlen: 24
                          91.225.217.0/24 maxlen: 24
                          91.225.218.0/24 maxlen: 24
                          91.225.219.0/24 maxlen: 24
                          103.35.188.0/22 maxlen: 24
                          103.106.0.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          185.234.64.0/22 maxlen: 24
                          185.235.240.0/22 maxlen: 24
                          185.236.232.0/22 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          194.246.114.0/24 maxlen: 24
                          194.246.115.0/24 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a11:3805::/32 maxlen: 32
                          2a11:3c02::/32 maxlen: 32
                          2a11:3c03::/32 maxlen: 32
                          2a14:2d80::/32 maxlen: 32
                          2a14:2d81::/32 maxlen: 32
                          2a14:2d82::/32 maxlen: 32
                          2a14:2e80::/32 maxlen: 32
                          2a14:2f80::/32 maxlen: 32
                          2a14:3080::/32 maxlen: 32
                          2a14:3880::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 05:28:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:85:46:0f:94:73:16:9d:49:00:d2:03:fa:cd:86:86:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Mar 28 13:35:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1ad0ba19fa9e5d52fc5364145f4994927a0f1b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3c:5b:b3:91:93:12:95:fa:86:ec:f1:ed:b1:
                    27:9e:3d:e5:78:41:cc:36:96:17:73:75:c7:46:1f:
                    79:c4:eb:18:80:b5:9e:96:b6:cb:8e:cd:a7:6f:e9:
                    2d:ba:3e:fe:6f:f6:e1:f5:82:7d:e9:e4:fa:2d:21:
                    a2:e6:3c:1a:9f:e3:8e:a0:f1:1a:96:6d:cc:53:67:
                    86:73:7a:2a:32:9e:7d:02:51:8e:5c:31:79:a0:aa:
                    16:94:a1:b3:e2:fd:76:f8:41:0b:20:cf:ed:d1:c1:
                    6d:58:77:6f:0c:70:4e:a8:a9:4b:a1:11:67:99:d0:
                    05:ce:a3:17:5d:1f:9a:b3:af:4e:e5:37:99:56:8a:
                    cb:60:c7:7a:f3:d9:99:bd:42:84:e0:57:aa:25:e9:
                    f0:6d:66:35:70:19:02:4f:20:7c:dc:06:e8:a3:53:
                    fd:ff:92:ba:1c:b9:90:0e:77:35:c1:23:b3:90:ec:
                    31:a6:a9:85:c4:ae:53:25:25:17:66:f9:17:f8:37:
                    df:74:e3:04:01:06:91:a9:76:81:15:71:92:f7:5f:
                    ce:90:38:02:60:49:71:b7:53:50:f5:b8:1a:35:74:
                    5f:d0:da:32:52:0a:87:55:cc:4c:db:bf:e4:0c:10:
                    15:21:18:2c:c1:7d:2d:6c:b7:18:2f:99:ef:be:b9:
                    9c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:AD:0B:A1:9F:A9:E5:D5:2F:C5:36:41:45:F4:99:49:27:A0:F1:B7
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  62.3.12.0/24
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  86.104.72.0/22
                  89.221.224.0/23
                  91.194.161.0/24
                  91.225.217.0-91.225.219.255
                  103.35.188.0/22
                  103.106.0.0/22
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.234.64.0/22
                  185.235.240.0/22
                  185.236.232.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  194.246.114.0/23
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29
                  2a11:3805::/32
                  2a11:3c02::/31
                  2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
                  2a14:2e80::/32
                  2a14:2f80::/32
                  2a14:3080::/32
                  2a14:3880::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:d8:21:e4:71:b0:21:80:65:55:1b:28:14:43:1c:1b:a9:db:
         cb:eb:1a:2c:8a:ba:a2:f3:5a:c4:53:e5:e0:1d:aa:4d:77:b1:
         84:d9:56:0b:d3:64:c4:0f:a3:02:67:42:e3:55:d4:c8:73:60:
         57:f1:eb:b4:6f:bd:06:9d:75:3f:2b:44:a6:76:04:58:a0:4f:
         f3:44:f6:0f:8c:ec:9d:4b:56:9a:07:b2:e8:ee:31:e2:ca:4f:
         96:37:54:5f:d7:91:4d:ad:89:a6:ff:1e:48:c2:21:4d:01:d5:
         46:4c:b9:56:40:3e:13:3c:cf:7f:3b:b6:0f:76:6d:45:37:e5:
         e3:27:5e:58:6a:04:85:7c:31:02:6f:b4:f8:13:aa:87:12:74:
         00:9e:28:99:55:4b:dc:92:9a:0a:fa:57:d5:11:48:92:32:bf:
         7e:5a:33:7a:1f:c5:5b:4a:cc:2f:22:26:4e:3b:8c:2e:3a:d6:
         0c:b6:5b:17:d3:64:16:b5:8b:9a:33:c2:db:38:d2:7b:c7:b6:
         59:ae:bf:4a:38:6e:c6:13:70:d0:b6:82:2b:cb:26:7c:88:5d:
         8b:3c:01:1d:1a:fe:93:25:06:ab:2a:25:4c:6a:1a:cb:e6:fb:
         22:7c:ab:5b:2a:25:05:e9:90:82:21:24:c6:a8:e3:3f:7b:fd:
         21:90:08:0b
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAY6FRg+UcxadSQDSA/rNhoasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMzI4MTMzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWFkMGJhMTlmYTllNWQ1MmZjNTM2NDE0NWY0OTk0OTI3YTBmMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTxbs5GTEpX6huzx7bEnnj3leEHM
NpYXc3XHRh95xOsYgLWelrbLjs2nb+ktuj7+b/bh9YJ96eT6LSGi5jwan+OOoPEa
lm3MU2eGc3oqMp59AlGOXDF5oKoWlKGz4v12+EELIM/t0cFtWHdvDHBOqKlLoRFn
mdAFzqMXXR+as69O5TeZVorLYMd689mZvUKE4FeqJenwbWY1cBkCTyB83Aboo1P9
/5K6HLmQDnc1wSOzkOwxpqmFxK5TJSUXZvkX+DffdOMEAQaRqXaBFXGS91/OkDgC
YElxt1NQ9bgaNXRf0NoyUgqHVcxM27/kDBAVIRgswX0tbLcYL5nvvrmcpQIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFOGtC6GfqeXVL8U2QUX0mUknoPG3MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvNGEwTG9aLXA1ZFV2eFRaQlJmU1pTU2VnOGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCBmwQCAAEwgZQDBAIt
Q+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAlZoSAMEAVnd4AME
AFvCoTAMAwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhI
AwQCuepAAwQCuevwAwQCuezoAwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VX
MEcEAgACMEEDBQMqCXxAAwUAKhE4BQMFASoRPAIwDgMFByoULYADBQAqFC2CAwUA
KhQugAMFACoUL4ADBQAqFDCAAwUAKhQ4gDANBgkqhkiG9w0BAQsFAAOCAQEAaNgh
5HGwIYBlVRsoFEMcG6nby+saLIq6ovNaxFPl4B2qTXexhNlWC9NkxA+jAmdC41XU
yHNgV/HrtG+9Bp11PytEpnYEWKBP80T2D4zsnUtWmgey6O4x4spPljdUX9eRTa2J
pv8eSMIhTQHVRky5VkA+EzzPfzu2D3ZtRTfl4ydeWGoEhXwxAm+0+BOqhxJ0AJ4o
mVVL3JKaCvpX1RFIkjK/flozeh/FW0rMLyImTjuMLjrWDLZbF9NkFrWLmjPC2zjS
e8e2Wa6/SjhuxhNw0LaCK8smfIhdizwBHRr+kyUGqyolTGoay+b7InyrWyolBemQ
giEkxqjjP3v9IZAICw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org