Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/xZI41DsYPicE9EpLXQjslSnIItg.roa
File:                     xZI41DsYPicE9EpLXQjslSnIItg.roa (raw, json)
Hash identifier:          nsv3lZBCGPTxqFNznLmOrcIohaNopBDO0DexAoDiICc=
Subject key identifier:   C5:92:38:D4:3B:18:3E:27:04:F4:4A:4B:5D:08:EC:95:29:C8:22:D8
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018945AC62534E992CE4E838D9A0802BB870
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/xZI41DsYPicE9EpLXQjslSnIItg.roa
Signing time:             Tue 11 Jul 2023 15:57:52 +0000
ROA not before:           Tue 11 Jul 2023 15:57:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.120.176.0/22 maxlen: 24
                          195.149.87.0/24 maxlen: 24
                          185.242.84.0/24 maxlen: 24
                          185.242.85.0/24 maxlen: 24
                          185.242.87.0/24 maxlen: 24
                          185.242.86.0/24 maxlen: 24
                          185.250.150.0/24 maxlen: 24
                          185.250.149.0/24 maxlen: 24
                          185.250.148.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          193.203.202.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.206.0/24 maxlen: 24
                          74.119.195.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          74.119.193.0/24 maxlen: 24
                          103.113.68.0/24 maxlen: 24
                          45.67.231.0/24 maxlen: 24
                          45.67.230.0/24 maxlen: 24
                          45.67.229.0/24 maxlen: 24
                          45.67.228.0/24 maxlen: 24
                          2a09:7c44::/32 maxlen: 32
                          2a09:7c45::/32 maxlen: 32
                          2a09:7c47::/32 maxlen: 32
                          2a09:7c41::/32 maxlen: 32
                          2a09:7c42::/32 maxlen: 32
                          2a09:7c43::/32 maxlen: 32
                          2a09:7c40::/32 maxlen: 32
                          2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 07:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:45:ac:62:53:4e:99:2c:e4:e8:38:d9:a0:80:2b:b8:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Jul 11 15:57:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c59238d43b183e2704f44a4b5d08ec9529c822d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:cf:33:56:27:4c:08:e2:9e:33:5f:03:70:24:
                    61:1d:4e:48:c8:1e:86:1d:9f:a0:8d:88:47:17:a0:
                    de:22:8e:48:62:df:11:cb:ab:5d:ce:dc:ce:63:f9:
                    5f:af:a6:22:82:d4:00:34:04:78:79:dc:35:67:65:
                    fb:cd:6c:ac:84:84:2d:b7:89:f1:5f:87:8f:91:41:
                    3c:1a:58:c1:1d:bd:55:1d:bd:71:c2:e3:29:a3:7e:
                    6b:75:fc:cc:17:fa:91:2b:5a:cc:49:81:b7:41:0b:
                    32:65:fe:a5:38:58:aa:96:b0:ca:39:17:47:3c:15:
                    97:7c:7c:a6:a1:f7:fd:0d:97:7c:d5:b4:f6:04:5d:
                    c9:7d:2e:bf:19:71:b6:05:47:cf:89:1b:28:87:72:
                    4e:26:9c:e5:51:e7:bb:7f:a0:cf:70:b2:ba:5e:46:
                    fa:99:12:af:ac:ba:bd:bd:af:d4:28:de:ee:54:cc:
                    0b:4d:ed:42:7a:15:5d:f9:c3:56:7e:ec:0d:ee:78:
                    62:64:43:fb:d2:e2:75:eb:ca:03:8b:12:a8:ca:39:
                    aa:66:d3:fb:cb:83:46:6e:3b:50:fc:fb:76:25:a8:
                    1e:df:58:bd:25:49:00:4f:f7:14:b7:ec:17:9f:2f:
                    29:6c:c6:19:cb:4b:d9:5f:e4:04:1c:fc:81:0f:cf:
                    e4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:92:38:D4:3B:18:3E:27:04:F4:4A:4B:5D:08:EC:95:29:C8:22:D8
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/xZI41DsYPicE9EpLXQjslSnIItg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.228.0/22
                  45.120.176.0/22
                  74.119.192.0/22
                  80.92.204.0-80.92.206.255
                  103.113.68.0/24
                  185.242.84.0/22
                  185.250.148.0/22
                  193.203.202.0/24
                  195.149.87.0/24
                IPv6:
                  2a09:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         03:97:44:64:e9:4c:d5:4f:94:64:ca:ed:15:18:16:ad:f8:5d:
         87:32:86:38:a0:83:1b:62:c4:4c:4f:49:9f:d2:f7:e6:5b:44:
         74:1b:f8:b1:4f:8d:fb:9f:43:e1:6b:b2:fe:8b:d6:a3:d9:86:
         84:26:cf:6e:ff:f3:77:52:48:8f:04:4f:25:a3:38:8c:9b:a9:
         3c:11:70:89:b9:98:6c:95:5f:5b:4f:c4:a6:53:98:ea:59:74:
         f9:6d:3f:e1:f8:a7:08:44:48:d9:c3:ff:63:5c:43:9a:83:1a:
         98:2e:54:db:91:8b:4f:1d:9a:27:b1:34:6c:06:5e:f8:4b:f7:
         6d:fa:a7:e4:6c:d2:ee:c1:d0:b5:1f:e4:09:0f:37:fd:d6:9d:
         85:a9:3a:6a:31:23:b5:e9:3c:f4:ca:49:d4:e2:e2:01:e6:0f:
         be:db:9d:07:48:79:84:af:4e:77:8a:80:76:dd:5e:ff:39:6f:
         e3:e8:3a:55:27:c3:61:51:8b:62:3a:2f:20:14:1a:d2:d1:05:
         2d:63:33:c9:21:52:e3:03:a2:be:76:9b:de:5a:97:0b:a4:3a:
         0d:e6:42:76:82:4f:0f:74:50:a1:1c:d4:fb:3d:43:6d:62:8a:
         01:46:14:98:de:00:34:3a:f5:69:c4:6d:0c:26:07:3d:9c:42:
         54:dc:df:c7
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYlFrGJTTpks5Og42aCAK7hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwNzExMTU1NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkyMzhkNDNiMTgzZTI3MDRmNDRhNGI1ZDA4ZWM5NTI5YzgyMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM8zVidMCOKeM18DcCRhHU5IyB6G
HZ+gjYhHF6DeIo5IYt8Ry6tdztzOY/lfr6YigtQANAR4edw1Z2X7zWyshIQtt4nx
X4ePkUE8GljBHb1VHb1xwuMpo35rdfzMF/qRK1rMSYG3QQsyZf6lOFiqlrDKORdH
PBWXfHymoff9DZd81bT2BF3JfS6/GXG2BUfPiRsoh3JOJpzlUee7f6DPcLK6Xkb6
mRKvrLq9va/UKN7uVMwLTe1CehVd+cNWfuwN7nhiZEP70uJ168oDixKoyjmqZtP7
y4NGbjtQ/Pt2Jage31i9JUkAT/cUt+wXny8pbMYZy0vZX+QEHPyBD8/khwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMWSONQ7GD4nBPRKS10I7JUpyCLYMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEveFpJNDFEc1lQaWNFOUVwTFhRanNsU25JSXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCLUPkAwQC
LXiwAwQCSnfAMAwDBAJQXMwDBABQXM4DBABncUQDBAK58lQDBAK5+pQDBADBy8oD
BADDlVcwDQQCAAIwBwMFAyoJfEAwDQYJKoZIhvcNAQELBQADggEBAAOXRGTpTNVP
lGTK7RUYFq34XYcyhjiggxtixExPSZ/S9+ZbRHQb+LFPjfufQ+Frsv6L1qPZhoQm
z27/83dSSI8ETyWjOIybqTwRcIm5mGyVX1tPxKZTmOpZdPltP+H4pwhESNnD/2Nc
Q5qDGpguVNuRi08dmiexNGwGXvhL9236p+Rs0u7B0LUf5AkPN/3WnYWpOmoxI7Xp
PPTKSdTi4gHmD77bnQdIeYSvTneKgHbdXv85b+PoOlUnw2FRi2I6LyAUGtLRBS1j
M8khUuMDor52m95alwukOg3mQnaCTw90UKEc1Ps9Q21iigFGFJjeADQ69WnEbQwm
Bz2cQlTc38c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org