Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0bT9s-8-V0RL2hive5x44JdlKZ0.roa
File:                     0bT9s-8-V0RL2hive5x44JdlKZ0.roa (raw, json)
Hash identifier:          SH5qZY3AdccJn5i1DR43aPjqqVf7yP+P9UCqvd/yAwQ=
Subject key identifier:   D1:B4:FD:B3:EF:3E:57:44:4B:DA:18:AF:7B:9C:78:E0:97:65:29:9D
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0187BA3449439085F5C126011553006FED9F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0bT9s-8-V0RL2hive5x44JdlKZ0.roa
Signing time:             Tue 25 Apr 2023 20:56:41 +0000
ROA not before:           Tue 25 Apr 2023 20:56:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        84.32.214.0/23 maxlen: 24
                          84.32.218.0/24 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.223.0/24 maxlen: 24
                          84.32.224.0/24 maxlen: 24
                          84.32.225.0/24 maxlen: 24
                          84.32.231.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          84.32.235.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          84.32.244.0/23 maxlen: 24
                          84.32.242.0/24 maxlen: 24
                          84.32.243.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          84.32.251.0/24 maxlen: 24
                          84.32.57.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.67.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.10.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.174.0/24 maxlen: 24
                          84.32.175.0/24 maxlen: 24
                          84.32.177.0/24 maxlen: 24
                          84.32.178.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          84.32.108.0/23 maxlen: 24
                          84.32.110.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.148.0/23 maxlen: 24
                          84.32.150.0/23 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.156.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.183.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.197.0/24 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.111.0/24 maxlen: 24
                          88.216.108.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.130.0/23 maxlen: 24
                          88.216.134.0/23 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          88.216.232.0/22 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.56.0/24 maxlen: 24
                          88.216.57.0/24 maxlen: 24
                          88.216.59.0/24 maxlen: 24
                          88.216.60.0/24 maxlen: 24
                          88.216.61.0/24 maxlen: 24
                          88.216.62.0/24 maxlen: 24
                          88.216.63.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.0.0/24 maxlen: 24
                          88.216.1.0/24 maxlen: 24
                          88.216.16.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          88.216.35.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          88.216.41.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 12:27:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ba:34:49:43:90:85:f5:c1:26:01:15:53:00:6f:ed:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Apr 25 20:56:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1b4fdb3ef3e57444bda18af7b9c78e09765299d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:1c:51:d8:6a:65:6b:6a:3c:49:44:01:16:8e:
                    b5:22:71:a1:9b:39:6c:20:34:11:f1:e0:39:77:aa:
                    4e:6f:6c:b4:26:3a:c8:50:55:dd:a0:03:3c:d1:e8:
                    7b:eb:1d:71:b4:59:36:a7:63:b2:50:9a:55:5b:1a:
                    91:27:77:d1:b1:cd:4a:be:b7:71:50:65:5b:0b:e8:
                    f0:b3:33:ec:f0:0a:96:0e:47:25:42:da:37:51:8e:
                    be:94:a4:3b:7f:e7:4f:59:ed:20:56:be:56:40:02:
                    dd:79:3f:3e:cb:70:44:7f:37:ee:5e:0f:c5:9c:b8:
                    5c:de:bc:50:21:82:d3:28:69:d0:ef:51:62:1a:b2:
                    03:4a:d7:ee:1e:85:3f:0f:93:22:ea:ca:9a:40:7c:
                    7c:99:16:b1:dc:1c:f7:12:18:39:cb:aa:06:59:a0:
                    d9:0e:ab:a4:33:9f:53:3d:95:db:3f:f8:62:3f:e7:
                    51:e7:47:5d:39:aa:44:7f:79:fd:f0:45:0b:55:54:
                    8f:61:80:b6:ed:6b:ea:1c:27:95:e2:2b:51:6b:e1:
                    60:c6:ea:55:6f:c1:bd:92:b4:6a:f3:51:59:65:2e:
                    92:67:c3:c4:fd:18:c9:f0:4a:b8:42:67:99:d8:f5:
                    bc:ce:c8:b5:c4:0c:d6:04:cf:e3:fc:70:ca:49:66:
                    b9:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B4:FD:B3:EF:3E:57:44:4B:DA:18:AF:7B:9C:78:E0:97:65:29:9D
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0bT9s-8-V0RL2hive5x44JdlKZ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.10.0/24
                  84.32.24.0/22
                  84.32.30.0/24
                  84.32.46.0/24
                  84.32.57.0/24
                  84.32.60.0/24
                  84.32.67.0/24
                  84.32.77.0/24
                  84.32.79.0/24
                  84.32.88.0/24
                  84.32.108.0-84.32.110.255
                  84.32.148.0-84.32.154.255
                  84.32.156.0/24
                  84.32.158.0/23
                  84.32.174.0/23
                  84.32.177.0-84.32.178.255
                  84.32.212.0/24
                  84.32.214.0/23
                  84.32.218.0/24
                  84.32.221.0/24
                  84.32.223.0-84.32.225.255
                  84.32.231.0-84.32.232.255
                  84.32.235.0/24
                  84.32.239.0-84.32.240.255
                  84.32.242.0-84.32.245.255
                  84.32.251.0-84.32.253.255
                  88.216.0.0/23
                  88.216.3.0/24
                  88.216.16.0/24
                  88.216.32.0/24
                  88.216.35.0/24
                  88.216.41.0/24
                  88.216.44.0/23
                  88.216.56.0-88.216.65.255
                  88.216.108.0/24
                  88.216.111.0/24
                  88.216.128.0/24
                  88.216.130.0-88.216.132.255
                  88.216.134.0/23
                  88.216.183.0/24
                  88.216.189.0/24
                  88.216.197.0/24
                  88.216.212.0/22
                  88.216.220.0/24
                  88.216.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:bc:17:fa:b3:1e:d4:ef:8c:ef:de:00:3d:b3:64:7a:ab:23:
         99:36:7b:8e:76:6b:a6:0f:da:17:f1:8d:9e:d9:f3:ba:1e:ab:
         aa:d3:99:e3:7f:f2:71:49:06:38:bf:f3:0a:32:d9:bd:d6:55:
         db:ed:a8:5d:63:1b:b5:87:bc:5c:75:3a:4f:4f:f8:be:2c:a4:
         a9:c9:12:6a:85:c6:3c:b5:24:3d:f1:1b:66:21:b1:87:f7:fa:
         f5:65:17:14:a1:21:83:13:b3:98:a4:68:69:56:d1:79:71:60:
         73:9a:8e:89:22:43:32:f2:cd:da:4a:cf:ab:ec:1a:70:76:67:
         60:7d:66:16:4f:f2:81:04:f0:16:dd:2d:18:a7:f7:02:3f:55:
         63:4c:c8:bc:47:85:de:62:43:6a:00:21:36:b3:2a:70:ef:be:
         9f:a5:97:66:47:67:0c:3a:95:c4:89:8b:9a:7e:2c:6d:d4:cb:
         48:86:22:ad:56:38:0d:72:fd:1d:9c:07:20:56:9b:7b:59:77:
         1a:8c:aa:65:4b:03:6c:9c:d0:02:e6:6a:b0:85:a8:d4:d3:3d:
         f9:4e:6b:e6:e6:33:5b:a4:c1:50:61:14:ac:42:c5:bf:c9:6d:
         0b:82:66:90:bf:ca:ad:78:4d:17:a4:06:de:8b:76:d4:96:00:
         dd:84:99:9b
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAYe6NElDkIX1wSYBFVMAb+2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDI1MjA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI0ZmRiM2VmM2U1NzQ0NGJkYTE4YWY3YjljNzhlMDk3NjUyOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixxR2Gpla2o8SUQBFo61InGhmzls
IDQR8eA5d6pOb2y0JjrIUFXdoAM80eh76x1xtFk2p2OyUJpVWxqRJ3fRsc1Kvrdx
UGVbC+jwszPs8AqWDkclQto3UY6+lKQ7f+dPWe0gVr5WQALdeT8+y3BEfzfuXg/F
nLhc3rxQIYLTKGnQ71FiGrIDStfuHoU/D5Mi6sqaQHx8mRax3Bz3Ehg5y6oGWaDZ
DqukM59TPZXbP/hiP+dR50ddOapEf3n98EULVVSPYYC27WvqHCeV4itRa+FgxupV
b8G9krRq81FZZS6SZ8PE/RjJ8Eq4QmeZ2PW8zsi1xAzWBM/j/HDKSWa5owIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFNG0/bPvPldES9oYr3uceOCXZSmdMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMGJUOXMtOC1WMFJMMmhpdmU1eDQ0SmRsS1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEAFQgCAMEAFQgCgMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgTQMEAFQgTwMEAFQgWDAMAwQCVCBsAwQAVCBuMAwDBAJUIJQDBABUIJoD
BABUIJwDBAFUIJ4DBAFUIK4wDAMEAFQgsQMEAFQgsgMEAFQg1AMEAVQg1gMEAFQg
2gMEAFQg3TAMAwQAVCDfAwQBVCDgMAwDBABUIOcDBABUIOgDBABUIOswDAMEAFQg
7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwDBABUIPsDBAFUIPwDBAFY2AADBABY2AMD
BABY2BADBABY2CADBABY2CMDBABY2CkDBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjY
bAMEAFjYbwMEAFjYgDAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi3AwQAWNi9AwQA
WNjFAwQCWNjUAwQAWNjcAwQCWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQBivBf6sx7U
74zv3gA9s2R6qyOZNnuOdmumD9oX8Y2e2fO6Hquq05njf/JxSQY4v/MKMtm91lXb
7ahdYxu1h7xcdTpPT/i+LKSpyRJqhcY8tSQ98RtmIbGH9/r1ZRcUoSGDE7OYpGhp
VtF5cWBzmo6JIkMy8s3aSs+r7BpwdmdgfWYWT/KBBPAW3S0Yp/cCP1VjTMi8R4Xe
YkNqACE2sypw776fpZdmR2cMOpXEiYuafixt1MtIhiKtVjgNcv0dnAcgVpt7WXca
jKplSwNsnNAC5mqwhajU0z35Tmvm5jNbpMFQYRSsQsW/yW0LgmaQv8qteE0XpAbe
i3bUlgDdhJmb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org