Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa
File:                     uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa (raw, json)
Hash identifier:          B7e26kpA7odEq8SMatjsm7zMOlk5ehsw/ryT+J8XAbo=
Subject key identifier:   B8:51:60:8A:E1:48:8E:C0:7F:C2:9F:D8:22:7D:8B:43:19:3F:57:C7
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018CEE5C6136DE5C9C9377DEE4A164A4CE13
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa
Signing time:             Tue 09 Jan 2024 13:14:40 +0000
ROA not before:           Tue 09 Jan 2024 13:14:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        185.236.232.0/22 maxlen: 24
                          45.120.176.0/22 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          89.221.225.0/24 maxlen: 24
                          89.221.224.0/24 maxlen: 24
                          91.194.161.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          103.106.0.0/22 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          103.35.188.0/22 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          185.234.64.0/22 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          91.225.218.0/24 maxlen: 24
                          91.225.217.0/24 maxlen: 24
                          91.225.219.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          176.120.64.0/24 maxlen: 24
                          176.120.64.0/22 maxlen: 24
                          176.120.72.0/22 maxlen: 24
                          103.113.68.0/22 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          194.246.115.0/24 maxlen: 24
                          194.246.114.0/24 maxlen: 24
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 11:21:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ee:5c:61:36:de:5c:9c:93:77:de:e4:a1:64:a4:ce:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Jan  9 13:14:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b851608ae1488ec07fc29fd8227d8b43193f57c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:98:d6:70:ad:ec:ef:32:62:d6:17:37:e0:6d:
                    e5:d6:bd:1c:15:90:4f:35:19:5f:b2:84:e4:68:1e:
                    0f:e1:0d:24:40:fc:4a:28:45:c2:0a:68:b1:e1:8e:
                    c1:01:e9:fa:48:fd:aa:66:f3:59:af:0e:84:b6:2f:
                    eb:35:e2:f8:00:ec:fa:85:3f:09:e4:4a:ac:a6:98:
                    f3:c3:99:d2:55:48:fe:01:90:82:b0:7b:23:35:ec:
                    e2:42:f3:72:2d:c8:c4:c3:25:d5:fd:ce:ad:3b:c6:
                    09:17:1d:81:21:f1:11:8b:df:f0:5d:0b:c0:d9:08:
                    77:28:93:a6:6e:af:36:e0:fb:60:cc:6a:93:e8:f7:
                    3d:ab:8c:7c:d3:a3:c5:d8:d4:bd:dc:a8:73:10:a5:
                    a9:d8:d7:44:12:70:3d:c4:a0:71:cf:b5:7f:ae:98:
                    89:88:03:f4:d8:4d:c1:0a:a7:ec:53:96:82:f9:8b:
                    3e:cf:50:96:77:13:35:7b:ab:42:0d:92:8d:d4:b2:
                    22:07:ab:72:e5:6f:38:72:8c:1b:6f:16:e5:5b:a3:
                    f9:86:62:4b:f6:b7:2f:6d:fc:55:c3:34:2d:a0:3b:
                    2d:17:3c:49:33:ed:d1:18:fe:63:a8:7e:f1:5b:e7:
                    7e:26:6b:e1:37:bf:96:e2:0f:c4:3e:58:f9:59:6e:
                    f7:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:51:60:8A:E1:48:8E:C0:7F:C2:9F:D8:22:7D:8B:43:19:3F:57:C7
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  89.221.224.0/23
                  91.194.161.0/24
                  91.225.217.0-91.225.219.255
                  103.35.188.0/22
                  103.106.0.0/22
                  103.113.68.0/22
                  176.120.64.0/22
                  176.120.72.0/22
                  185.234.64.0/22
                  185.236.232.0/22
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  194.246.114.0/23
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         65:f7:f6:03:2e:6c:90:ca:0e:fc:89:1a:25:03:35:b1:4c:99:
         52:0e:8a:11:25:f9:c8:ec:2a:e1:c4:e7:49:2f:a5:d8:f1:d9:
         c9:03:c2:f8:0d:8f:8b:f8:76:4c:c8:d0:bf:c3:5a:e3:b2:ac:
         32:fa:bc:43:d9:11:f8:c1:a6:3f:73:00:9a:b6:6e:89:60:f3:
         22:3a:b7:f1:bf:e8:80:6c:7a:a3:71:7e:57:40:23:c7:c1:94:
         e7:5a:0e:a7:12:ef:c3:a5:22:2b:51:54:91:cd:c7:fc:b6:4a:
         b5:bf:4e:bc:6d:73:f5:9c:62:c3:92:9d:c3:01:6c:63:b0:c3:
         54:59:2f:bc:0a:cc:e7:11:84:cb:c4:5d:68:20:75:c1:e1:90:
         b6:4f:58:08:a2:f1:24:d6:ac:67:d5:79:fb:59:80:1f:a6:43:
         f1:8c:60:c3:ad:a4:33:e1:74:29:ee:c0:07:90:5f:21:21:c5:
         81:fe:24:48:79:60:a8:4e:83:63:0e:b0:51:28:3f:21:97:f4:
         7b:4c:81:2a:0c:48:b0:bb:bf:0f:d9:f7:a1:8a:7a:91:c0:60:
         81:65:d0:ee:f0:9d:c0:a6:f3:8c:94:20:dc:06:7b:38:c7:20:
         a9:5b:f4:e4:e2:16:85:95:9a:6d:f3:91:da:c6:68:72:d4:6d:
         4b:a2:2a:6c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzuXGE23lyck3fe5KFkpM4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMTA5MTMxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUxNjA4YWUxNDg4ZWMwN2ZjMjlmZDgyMjdkOGI0MzE5M2Y1N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpjWcK3s7zJi1hc34G3l1r0cFZBP
NRlfsoTkaB4P4Q0kQPxKKEXCCmix4Y7BAen6SP2qZvNZrw6Eti/rNeL4AOz6hT8J
5Eqsppjzw5nSVUj+AZCCsHsjNeziQvNyLcjEwyXV/c6tO8YJFx2BIfERi9/wXQvA
2Qh3KJOmbq824PtgzGqT6Pc9q4x806PF2NS93KhzEKWp2NdEEnA9xKBxz7V/rpiJ
iAP02E3BCqfsU5aC+Ys+z1CWdxM1e6tCDZKN1LIiB6ty5W84cowbbxblW6P5hmJL
9rcvbfxVwzQtoDstFzxJM+3RGP5jqH7xW+d+JmvhN7+W4g/EPlj5WW73+QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFLhRYIrhSI7Af8Kf2CJ9i0MZP1fHMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvdUZGZ2l1Rklqc0Jfd3BfWUluMkxReGtfVjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBiQQCAAEwgYIDBAIt
Q+QDBAIteLADBAJKd8AwDAMEAlBczAMEAFBczgMEAVnd4AMEAFvCoTAMAwQAW+HZ
AwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhIAwQCuepAAwQCuezo
AwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VXMA0EAgACMAcDBQMqCXxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBl9/YDLmyQyg78iRolAzWxTJlSDooRJfnI7CrhxOdJ
L6XY8dnJA8L4DY+L+HZMyNC/w1rjsqwy+rxD2RH4waY/cwCatm6JYPMiOrfxv+iA
bHqjcX5XQCPHwZTnWg6nEu/DpSIrUVSRzcf8tkq1v068bXP1nGLDkp3DAWxjsMNU
WS+8CsznEYTLxF1oIHXB4ZC2T1gIovEk1qxn1Xn7WYAfpkPxjGDDraQz4XQp7sAH
kF8hIcWB/iRIeWCoToNjDrBRKD8hl/R7TIEqDEiwu78P2fehinqRwGCBZdDu8J3A
pvOMlCDcBns4xyCpW/Tk4haFlZpt85Haxmhy1G1Loips
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org