Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa
File:                     Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa (raw, json)
Hash identifier:          mE2F/YEJMQuMG8iEavRQUsqdJdCl9n7ZBp3LSh8yPig=
Subject key identifier:   1A:9E:1D:F2:AD:11:82:48:90:FE:BC:15:66:7F:2C:7E:D7:18:7C:A8
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018C7FBF81B48A7E225D79C161A60D6B1E51
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa
Signing time:             Tue 19 Dec 2023 01:45:06 +0000
ROA not before:           Tue 19 Dec 2023 01:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.120.176.0/22 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          89.221.225.0/24 maxlen: 24
                          89.221.224.0/24 maxlen: 24
                          91.194.161.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          103.106.0.0/22 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          103.35.188.0/22 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          91.225.218.0/24 maxlen: 24
                          91.225.217.0/24 maxlen: 24
                          91.225.219.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          194.246.115.0/24 maxlen: 24
                          194.246.114.0/24 maxlen: 24
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 10:36:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7f:bf:81:b4:8a:7e:22:5d:79:c1:61:a6:0d:6b:1e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Dec 19 01:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a9e1df2ad11824890febc15667f2c7ed7187ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:99:1d:cd:0d:5b:31:64:c3:b8:55:ee:8d:46:
                    db:c7:93:17:cd:36:88:1e:3a:ac:4b:a8:e5:9f:e8:
                    71:2c:4d:89:0d:e9:b8:cf:be:9d:fb:b0:84:8c:b1:
                    bb:76:a2:44:8e:fd:12:eb:11:59:7b:45:36:9a:31:
                    db:79:bd:11:ae:68:78:40:1d:df:c4:0e:9e:de:9f:
                    41:50:3b:43:a3:c2:51:16:e2:35:74:8e:7f:32:81:
                    d0:95:bb:57:d2:8b:12:d4:81:9e:56:f5:f4:d5:0e:
                    71:d3:e4:2b:1f:52:45:28:89:97:92:ec:fc:ef:90:
                    fc:54:9e:ed:7e:2a:fe:15:9f:6d:0a:d7:d9:b5:7e:
                    88:aa:80:92:9f:61:05:fe:7b:52:e8:4c:6b:a6:29:
                    ac:aa:09:3f:2e:46:5d:bb:78:5d:87:40:eb:4b:19:
                    48:39:f0:df:80:6c:0b:35:7c:31:5a:1a:4f:98:62:
                    71:fd:99:8a:d4:54:7e:b2:47:37:b7:99:db:df:9e:
                    01:8e:55:ee:79:71:61:08:d0:54:d3:b8:54:6c:f9:
                    17:2d:be:6f:fb:4a:0a:aa:84:58:98:bb:88:1e:60:
                    33:0d:fe:da:68:3d:3e:86:2e:18:f4:95:4c:02:dc:
                    31:da:d0:7d:7f:c9:67:75:2c:2c:0f:be:b4:81:87:
                    1a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:9E:1D:F2:AD:11:82:48:90:FE:BC:15:66:7F:2C:7E:D7:18:7C:A8
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  89.221.224.0/23
                  91.194.161.0/24
                  91.225.217.0-91.225.219.255
                  103.35.188.0/22
                  103.106.0.0/22
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  194.246.114.0/23
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         75:02:3d:0b:f9:e0:e6:f5:71:ff:68:e2:12:c7:05:bd:e3:54:
         ed:62:14:7d:1e:82:58:20:b3:03:27:ca:c8:8d:61:0a:b0:a5:
         ae:26:46:6a:13:fa:4a:98:47:e7:7c:6f:0e:d2:88:f2:c2:be:
         a6:ce:34:3f:b4:9a:20:a9:1d:bd:90:cb:9d:d4:82:44:bd:65:
         1c:fa:8b:5b:58:64:0e:d3:45:f6:c4:f3:b2:3d:41:38:7a:b4:
         7e:12:86:1e:29:94:55:08:5a:c0:65:94:bf:25:36:a0:5f:2e:
         e0:e3:52:ce:c8:87:68:c4:4b:24:d2:f3:de:19:00:9e:16:1b:
         c4:20:bc:43:05:dc:a9:ee:72:34:e0:0f:8c:7c:9d:11:42:0f:
         12:45:6f:95:64:b5:1f:9d:9a:c7:d5:44:43:c6:d9:46:4b:41:
         44:31:03:37:76:9b:17:dd:6f:70:ac:e5:09:66:b2:5e:53:20:
         8f:ef:66:e8:55:7f:aa:27:73:f5:aa:f1:47:d6:ab:b5:84:89:
         41:11:4e:74:79:ae:53:24:62:9a:1e:2b:fd:c2:a0:02:72:d1:
         69:0a:2f:d7:8d:44:58:a7:65:1b:c5:32:19:a0:04:2c:4a:99:
         29:51:52:76:78:a6:0f:6f:4c:2f:fb:36:bf:03:05:66:01:bf:
         15:24:71:07
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYx/v4G0in4iXXnBYaYNax5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMxMjE5MDE0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTllMWRmMmFkMTE4MjQ4OTBmZWJjMTU2NjdmMmM3ZWQ3MTg3Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5kdzQ1bMWTDuFXujUbbx5MXzTaI
HjqsS6jln+hxLE2JDem4z76d+7CEjLG7dqJEjv0S6xFZe0U2mjHbeb0Rrmh4QB3f
xA6e3p9BUDtDo8JRFuI1dI5/MoHQlbtX0osS1IGeVvX01Q5x0+QrH1JFKImXkuz8
75D8VJ7tfir+FZ9tCtfZtX6IqoCSn2EF/ntS6Exrpimsqgk/LkZdu3hdh0DrSxlI
OfDfgGwLNXwxWhpPmGJx/ZmK1FR+skc3t5nb354BjlXueXFhCNBU07hUbPkXLb5v
+0oKqoRYmLuIHmAzDf7aaD0+hi4Y9JVMAtwx2tB9f8lndSwsD760gYcaBwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFBqeHfKtEYJIkP68FWZ/LH7XGHyoMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvR3A0ZDhxMFJna2lRX3J3VlpuOHNmdGNZZktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCLUPk
AwQCLXiwAwQCSnfAMAwDBAJQXMwDBABQXM4DBAFZ3eADBABbwqEwDAMEAFvh2QME
Alvh2AMEAmcjvAMEAmdqAAMEAmdxRAMEArB4QAMEArB4SAMEArnyVAMEArn6lAME
AMHLygMEAcL2cgMEAMOVVzANBAIAAjAHAwUDKgl8QDANBgkqhkiG9w0BAQsFAAOC
AQEAdQI9C/ng5vVx/2jiEscFveNU7WIUfR6CWCCzAyfKyI1hCrClriZGahP6SphH
53xvDtKI8sK+ps40P7SaIKkdvZDLndSCRL1lHPqLW1hkDtNF9sTzsj1BOHq0fhKG
HimUVQhawGWUvyU2oF8u4ONSzsiHaMRLJNLz3hkAnhYbxCC8QwXcqe5yNOAPjHyd
EUIPEkVvlWS1H52ax9VEQ8bZRktBRDEDN3abF91vcKzlCWayXlMgj+9m6FV/qidz
9arxR9artYSJQRFOdHmuUyRimh4r/cKgAnLRaQov141EWKdlG8UyGaAELEqZKVFS
dnimD29ML/s2vwMFZgG/FSRxBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org