Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/nupXpBVF_mYgZdal_KaCRhN96HM.roa
File:                     nupXpBVF_mYgZdal_KaCRhN96HM.roa (raw, json)
Hash identifier:          8/CAoRDpK2O9plKbxrjg3CI787CwjivG8h6f2+gtT30=
Subject key identifier:   9E:EA:57:A4:15:45:FE:66:20:65:D6:A5:FC:A6:82:46:13:7D:E8:73
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018ADBBF6102CEA7D2B704804BA6F2EA5FE6
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/nupXpBVF_mYgZdal_KaCRhN96HM.roa
Signing time:             Thu 28 Sep 2023 12:24:27 +0000
ROA not before:           Thu 28 Sep 2023 12:24:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.120.176.0/22 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 03 Oct 2023 10:57:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:db:bf:61:02:ce:a7:d2:b7:04:80:4b:a6:f2:ea:5f:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Sep 28 12:24:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9eea57a41545fe662065d6a5fca68246137de873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:60:9e:c0:f3:52:25:b1:c6:72:63:60:a7:b4:
                    2f:14:96:06:6d:a0:da:c0:c8:48:35:a7:4f:89:d7:
                    4a:44:d3:15:54:d8:f6:96:65:3d:2e:71:66:a6:75:
                    57:4e:6f:13:c4:fe:90:6b:c4:51:d7:84:24:c9:47:
                    27:3f:46:eb:ab:3b:0e:c1:bc:73:6f:dd:e2:44:32:
                    04:4d:6f:e0:11:c1:4a:3d:47:47:4f:c6:2d:c7:86:
                    df:f1:1e:03:21:08:64:fc:6f:7c:ae:0c:b8:4a:dd:
                    3e:10:7c:3f:bf:38:13:8f:20:39:ae:ef:f7:01:43:
                    9e:5e:20:85:78:28:eb:91:f6:4b:87:8e:b8:ed:9b:
                    69:04:14:da:17:1a:a4:a3:c1:71:68:52:5a:74:93:
                    36:21:0c:94:a7:2a:02:50:5e:56:6c:6e:08:1b:a1:
                    06:2e:fe:1e:c3:8a:b3:9f:1a:9d:de:5b:b8:63:87:
                    06:24:14:89:e9:54:22:99:b4:fb:99:1a:23:60:10:
                    5d:30:0a:6c:53:12:1e:aa:9b:d3:24:9d:37:2f:2d:
                    a8:4a:6e:2d:f5:68:c1:aa:14:7f:f5:33:f5:c2:61:
                    67:45:35:e8:3e:0d:c8:2c:e6:4c:f8:80:f6:73:91:
                    3e:53:9d:57:dd:7a:27:c5:ff:5d:70:b5:74:83:7c:
                    2b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:EA:57:A4:15:45:FE:66:20:65:D6:A5:FC:A6:82:46:13:7D:E8:73
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/nupXpBVF_mYgZdal_KaCRhN96HM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         89:45:55:2d:8d:e6:ed:72:a5:e1:ff:6d:10:d2:25:54:59:31:
         40:60:2a:73:a4:52:52:50:40:b6:e6:16:0b:db:32:b4:68:72:
         46:e7:52:b6:50:ff:59:59:c1:8e:00:7d:b5:35:b0:9e:23:99:
         a6:2f:af:f0:90:9d:3a:fa:20:59:1b:ba:12:29:42:04:68:7c:
         7e:70:6e:19:5a:51:1d:b3:02:5e:7c:c4:40:5e:c3:68:68:55:
         a3:1d:1f:e4:b3:c7:42:c3:d3:a2:85:db:45:ec:5f:07:c4:10:
         ad:d7:86:7e:8a:f7:03:a9:a0:48:ce:e5:44:62:42:bb:c1:6b:
         a5:b5:b0:e6:92:23:3f:20:f1:83:86:44:d4:b4:46:8b:e3:88:
         8c:ef:76:c8:08:92:90:bc:06:12:51:c4:47:bf:3e:77:78:1a:
         6c:a4:71:2f:75:d5:9c:b9:e8:ba:ff:6c:b0:1b:2a:99:e7:ab:
         7f:e9:fc:86:a1:c5:01:da:47:bb:62:81:f5:34:fb:7f:cd:fe:
         4e:ac:65:57:8f:4b:b6:c3:38:e1:ae:17:92:33:58:b5:4a:95:
         1c:a7:b3:d1:9d:2e:fa:66:36:4d:b8:e2:3f:f4:09:a3:b3:5b:
         be:ed:d1:57:8e:de:12:26:63:36:72:19:be:c3:cc:97:52:5c:
         64:9c:5c:69
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYrbv2ECzqfStwSAS6by6l/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwOTI4MTIyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVhNTdhNDE1NDVmZTY2MjA2NWQ2YTVmY2E2ODI0NjEzN2RlODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmCewPNSJbHGcmNgp7QvFJYGbaDa
wMhINadPiddKRNMVVNj2lmU9LnFmpnVXTm8TxP6Qa8RR14QkyUcnP0brqzsOwbxz
b93iRDIETW/gEcFKPUdHT8Ytx4bf8R4DIQhk/G98rgy4St0+EHw/vzgTjyA5ru/3
AUOeXiCFeCjrkfZLh4647ZtpBBTaFxqko8FxaFJadJM2IQyUpyoCUF5WbG4IG6EG
Lv4ew4qznxqd3lu4Y4cGJBSJ6VQimbT7mRojYBBdMApsUxIeqpvTJJ03Ly2oSm4t
9WjBqhR/9TP1wmFnRTXoPg3ILOZM+ID2c5E+U51X3Xonxf9dcLV0g3wrAQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFJ7qV6QVRf5mIGXWpfymgkYTfehzMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvbnVwWHBCVkZfbVlnWmRhbF9LYUNSaE45NkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQCLUPkAwQC
LXiwAwQCSnfAMAwDBAJQXMwDBABQXM4DBAJncUQDBAKweEADBAKweEgDBAK58lQD
BAK5+pQDBADBy8oDBADDlVcwDQQCAAIwBwMFAyoJfEAwDQYJKoZIhvcNAQELBQAD
ggEBAIlFVS2N5u1ypeH/bRDSJVRZMUBgKnOkUlJQQLbmFgvbMrRockbnUrZQ/1lZ
wY4AfbU1sJ4jmaYvr/CQnTr6IFkbuhIpQgRofH5wbhlaUR2zAl58xEBew2hoVaMd
H+Szx0LD06KF20XsXwfEEK3Xhn6K9wOpoEjO5URiQrvBa6W1sOaSIz8g8YOGRNS0
RovjiIzvdsgIkpC8BhJRxEe/Pnd4GmykcS911Zy56Lr/bLAbKpnnq3/p/IahxQHa
R7tigfU0+3/N/k6sZVePS7bDOOGuF5IzWLVKlRyns9GdLvpmNk244j/0CaOzW77t
0VeO3hImYzZyGb7DzJdSXGScXGk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org