Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa
File:                     sofdzni4FHQznUziGgZGE0_FFjo.roa (raw, json)
Hash identifier:          +PelxB4jXgFI7auCb/pB3Q/FRnrsTiUlGs96hkDkSEo=
Subject key identifier:   B2:87:DD:CE:78:B8:14:74:33:9D:4C:E2:1A:06:46:13:4F:C5:16:3A
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018E3E452ECBF2F95DA6F43E39D3CE4BF02D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa
Signing time:             Thu 14 Mar 2024 18:41:44 +0000
ROA not before:           Thu 14 Mar 2024 18:41:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        45.67.228.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.120.176.0/22 maxlen: 24
                          62.3.12.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          89.221.224.0/24 maxlen: 24
                          89.221.225.0/24 maxlen: 24
                          91.194.161.0/24 maxlen: 24
                          91.225.217.0/24 maxlen: 24
                          91.225.218.0/24 maxlen: 24
                          91.225.219.0/24 maxlen: 24
                          103.35.188.0/22 maxlen: 24
                          103.106.0.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          185.234.64.0/22 maxlen: 24
                          185.235.240.0/22 maxlen: 24
                          185.236.232.0/22 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          194.246.114.0/24 maxlen: 24
                          194.246.115.0/24 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a11:3c02::/32 maxlen: 32
                          2a11:3c03::/32 maxlen: 32
                          2a14:2d80::/32 maxlen: 32
                          2a14:2d81::/32 maxlen: 32
                          2a14:2d82::/32 maxlen: 32
                          2a14:2e80::/32 maxlen: 32
                          2a14:2f80::/32 maxlen: 32
                          2a14:3080::/32 maxlen: 32
                          2a14:3880::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 12:28:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3e:45:2e:cb:f2:f9:5d:a6:f4:3e:39:d3:ce:4b:f0:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Mar 14 18:41:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b287ddce78b81474339d4ce21a0646134fc5163a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5e:6c:ba:b2:80:9a:c4:fc:ef:fd:ac:5e:12:
                    08:20:92:b7:82:aa:1b:c1:33:76:60:e5:c6:7d:26:
                    57:9f:b2:9d:89:cd:d0:d0:23:cd:e9:a3:b7:73:3b:
                    24:1d:ca:da:6f:64:d7:89:74:ec:aa:a0:4d:78:a7:
                    0e:5d:3d:ad:2b:97:fd:16:b6:03:55:25:ce:1f:d5:
                    28:b7:ac:3e:ce:da:8e:42:3c:ea:d5:7d:bb:69:a6:
                    19:d4:db:61:55:f2:ac:8c:23:5a:30:d5:52:80:3c:
                    26:01:bd:e7:ab:10:c1:65:42:b2:2b:eb:cf:09:8b:
                    db:a9:d9:6e:b9:fa:16:4c:0e:c3:00:9e:de:6f:21:
                    ed:a6:64:4d:0c:36:ff:b1:1b:4f:91:37:1f:f6:3a:
                    b2:51:0d:5e:ad:32:95:e0:9a:f9:53:91:d7:ee:6b:
                    c0:09:60:0c:4b:b2:50:f2:10:e8:1b:55:ca:e0:c3:
                    4e:20:7c:52:76:01:81:a6:54:96:ad:ac:84:6e:31:
                    6c:92:94:10:7a:ba:2d:d0:b3:0d:47:c0:05:a5:89:
                    11:05:8c:7d:c1:d4:27:13:51:ee:2a:38:08:c1:50:
                    8f:4a:bd:61:2c:68:93:2b:05:56:18:63:f8:34:17:
                    d8:a8:79:64:59:7a:c7:d7:75:0a:f8:cb:0c:fb:f0:
                    e7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:87:DD:CE:78:B8:14:74:33:9D:4C:E2:1A:06:46:13:4F:C5:16:3A
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  62.3.12.0/24
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  89.221.224.0/23
                  91.194.161.0/24
                  91.225.217.0-91.225.219.255
                  103.35.188.0/22
                  103.106.0.0/22
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.234.64.0/22
                  185.235.240.0/22
                  185.236.232.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  194.246.114.0/23
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29
                  2a11:3c02::/31
                  2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
                  2a14:2e80::/32
                  2a14:2f80::/32
                  2a14:3080::/32
                  2a14:3880::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:ac:ed:ca:16:29:29:17:6f:92:39:51:3f:d2:80:09:2d:b0:
         56:58:7b:dc:f1:53:32:b3:e4:ad:bd:0a:b6:4a:3e:77:82:e1:
         e3:c4:ed:72:77:77:4f:5d:be:56:8b:81:49:72:84:27:f1:f1:
         48:da:fb:cb:f3:cd:29:e1:e5:47:b0:8c:6c:4e:d4:56:78:11:
         c1:bb:b4:5a:ca:1f:da:14:b6:58:e9:36:45:52:59:68:1e:40:
         50:3f:a8:cd:c1:5d:73:c1:25:82:6e:52:cb:00:39:24:33:2f:
         4a:8a:f0:c8:a1:98:b4:ba:4b:5f:71:c6:e6:ab:4c:91:32:bd:
         52:0b:62:82:07:0f:41:96:4b:f3:66:39:9d:7b:7e:6d:24:ac:
         30:fb:09:15:20:43:c9:64:51:ce:63:63:89:10:e0:f1:51:6d:
         96:1e:58:61:1f:b4:b2:08:3b:c2:3d:e9:b7:99:7b:8f:d2:be:
         d4:ff:16:fc:2f:fc:ec:75:8a:2a:34:eb:db:e5:82:23:66:61:
         36:10:d1:26:04:0a:8b:90:f1:62:46:8d:dd:9f:4e:6a:9f:95:
         5c:ee:bc:73:09:92:21:e3:60:de:a1:ce:d2:a2:4c:5a:c6:94:
         2a:f4:9c:7a:e8:31:d4:c4:64:db:c6:27:f8:bc:a1:7e:e2:4f:
         42:af:70:fe
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAY4+RS7L8vldpvQ+OdPOS/AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMzE0MTg0MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg3ZGRjZTc4YjgxNDc0MzM5ZDRjZTIxYTA2NDYxMzRmYzUxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF5surKAmsT87/2sXhIIIJK3gqob
wTN2YOXGfSZXn7Kdic3Q0CPN6aO3czskHcrab2TXiXTsqqBNeKcOXT2tK5f9FrYD
VSXOH9Uot6w+ztqOQjzq1X27aaYZ1NthVfKsjCNaMNVSgDwmAb3nqxDBZUKyK+vP
CYvbqdluufoWTA7DAJ7ebyHtpmRNDDb/sRtPkTcf9jqyUQ1erTKV4Jr5U5HX7mvA
CWAMS7JQ8hDoG1XK4MNOIHxSdgGBplSWrayEbjFskpQQerot0LMNR8AFpYkRBYx9
wdQnE1HuKjgIwVCPSr1hLGiTKwVWGGP4NBfYqHlkWXrH13UK+MsM+/DnsQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFLKH3c54uBR0M51M4hoGRhNPxRY6MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvc29mZHpuaTRGSFF6blV6aUdnWkdFMF9GRmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBlQQCAAEwgY4DBAIt
Q+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAVnd4AMEAFvCoTAM
AwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhIAwQCuepA
AwQCuevwAwQCuezoAwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VXMEAEAgAC
MDoDBQMqCXxAAwUBKhE8AjAOAwUHKhQtgAMFACoULYIDBQAqFC6AAwUAKhQvgAMF
ACoUMIADBQAqFDiAMA0GCSqGSIb3DQEBCwUAA4IBAQBorO3KFikpF2+SOVE/0oAJ
LbBWWHvc8VMys+StvQq2Sj53guHjxO1yd3dPXb5Wi4FJcoQn8fFI2vvL880p4eVH
sIxsTtRWeBHBu7Rayh/aFLZY6TZFUlloHkBQP6jNwV1zwSWCblLLADkkMy9KivDI
oZi0uktfccbmq0yRMr1SC2KCBw9BlkvzZjmde35tJKww+wkVIEPJZFHOY2OJEODx
UW2WHlhhH7SyCDvCPem3mXuP0r7U/xb8L/zsdYoqNOvb5YIjZmE2ENEmBAqLkPFi
Ro3dn05qn5Vc7rxzCZIh42Deoc7SokxaxpQq9Jx66DHUxGTbxif4vKF+4k9Cr3D+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org