Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wW14yCCblYBHsbcxFmAEqtjsxA.roa
File:                     5wW14yCCblYBHsbcxFmAEqtjsxA.roa (raw, json)
Hash identifier:          J7lIMiED4rLNA9PWHVkS9Qf8YHUrMsiKSwI6cJ4f5OY=
Subject key identifier:   E7:05:B5:E3:20:82:6E:56:01:1E:C6:DC:C4:59:80:12:AB:63:B3:10
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018649AAB0EC59BF6CCF8988FF3F665D0280
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wW14yCCblYBHsbcxFmAEqtjsxA.roa
Signing time:             Mon 13 Feb 2023 07:26:08 +0000
ROA not before:           Mon 13 Feb 2023 07:26:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.216.190.0/24 maxlen: 24
                          88.216.213.0/24 maxlen: 24
                          84.32.214.0/23 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.222.0/24 maxlen: 24
                          84.32.220.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.129.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          88.216.133.0/24 maxlen: 24
                          84.32.242.0/24 maxlen: 24
                          84.32.243.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          84.32.76.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.179.0/24 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          88.216.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Feb 2023 14:36:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:49:aa:b0:ec:59:bf:6c:cf:89:88:ff:3f:66:5d:02:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 13 07:26:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e705b5e320826e56011ec6dcc4598012ab63b310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5a:48:ce:6f:e2:bd:7e:ff:9f:e1:8f:12:bb:
                    31:08:48:66:05:63:50:e5:b3:e3:16:40:14:14:af:
                    2e:1c:26:7e:07:44:3c:6f:89:c8:5a:ec:b4:0e:e6:
                    e9:83:ad:51:03:92:08:b2:66:6d:bf:b1:1f:cf:d0:
                    50:07:51:fd:cf:16:93:52:47:dc:c5:c0:11:55:2c:
                    73:ca:e4:d4:00:db:ad:d6:f2:68:54:a9:97:e6:94:
                    68:ce:3f:7f:2f:54:44:7e:73:55:2a:a6:e4:7b:b2:
                    32:4b:8e:ed:14:0a:60:4b:c2:e7:57:ce:37:4f:67:
                    f8:84:5b:81:18:86:56:ae:ed:9a:e2:c6:1f:92:da:
                    a1:05:4c:4d:63:d9:42:81:6a:3a:13:55:3a:7e:29:
                    53:8a:a2:9d:18:8a:df:1f:2b:a2:e1:20:6c:d1:15:
                    66:09:94:14:35:61:92:5f:df:ed:f9:39:b1:b3:94:
                    57:fe:b1:0b:b0:6d:01:b3:cb:dd:df:de:72:33:c0:
                    f8:37:a8:e4:72:8b:7d:78:c4:69:e5:d3:52:51:63:
                    3c:98:4c:29:c8:f3:11:bb:cc:8f:04:f8:ce:4c:47:
                    9e:41:92:ec:25:8c:40:08:6d:9a:d7:97:a0:a3:99:
                    db:39:38:c7:87:ce:ca:9e:61:ef:cd:22:8a:36:6d:
                    d1:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:05:B5:E3:20:82:6E:56:01:1E:C6:DC:C4:59:80:12:AB:63:B3:10
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5wW14yCCblYBHsbcxFmAEqtjsxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.24.0/22
                  84.32.30.0/24
                  84.32.46.0/24
                  84.32.76.0/23
                  84.32.79.0/24
                  84.32.179.0/24
                  84.32.212.0/24
                  84.32.214.0/23
                  84.32.220.0-84.32.222.255
                  84.32.240.0/24
                  84.32.242.0/23
                  84.32.252.0/23
                  88.216.17.0/24
                  88.216.93.0/24
                  88.216.128.0/23
                  88.216.132.0-88.216.134.255
                  88.216.190.0/24
                  88.216.213.0/24
                  88.216.215.0/24
                  88.216.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:20:5f:72:f9:06:3b:1e:29:e8:14:16:3d:bb:c0:62:5e:78:
         9b:6c:b8:53:cb:4b:5c:1b:90:b4:fc:89:a1:99:01:36:9a:1c:
         79:4d:42:0f:a2:8f:f6:3d:b9:8e:3d:b4:af:c1:f5:88:a3:fa:
         86:24:4d:7a:58:c6:96:35:2d:00:09:b6:22:51:99:c4:20:94:
         30:07:2b:d2:1e:a9:41:7c:4d:ca:f2:71:1c:47:d4:f9:ce:82:
         d0:88:49:97:a3:2d:79:2c:58:79:14:a4:3c:36:08:61:b9:6d:
         4f:bf:14:66:8e:b8:83:6e:29:3f:5d:fa:c9:c6:77:14:5e:24:
         e5:d3:13:7f:e1:de:0a:29:91:c3:30:8a:9c:38:05:f4:31:72:
         dd:99:52:31:7b:39:e2:ef:f2:84:d3:67:69:25:23:e0:dd:eb:
         67:9c:f5:f0:09:19:7c:d1:13:b6:b1:ef:ed:48:2e:d0:c8:bd:
         12:9e:bb:d7:3b:c6:f0:03:68:9a:40:e9:1d:8c:32:c6:27:5c:
         32:81:2f:6b:90:c5:5d:36:e1:57:b8:98:32:57:4a:e7:5a:6c:
         24:47:88:88:7e:98:e5:2d:eb:68:af:53:80:ad:e4:b9:ac:3b:
         32:6c:fd:d1:d7:11:10:75:58:cc:f1:f0:5d:6a:34:88:61:08:
         d4:6a:7c:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYZJqrDsWb9sz4mI/z9mXQKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEzMDcyNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA1YjVlMzIwODI2ZTU2MDExZWM2ZGNjNDU5ODAxMmFiNjNiMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFpIzm/ivX7/n+GPErsxCEhmBWNQ
5bPjFkAUFK8uHCZ+B0Q8b4nIWuy0Dubpg61RA5IIsmZtv7Efz9BQB1H9zxaTUkfc
xcARVSxzyuTUANut1vJoVKmX5pRozj9/L1REfnNVKqbke7IyS47tFApgS8LnV843
T2f4hFuBGIZWru2a4sYfktqhBUxNY9lCgWo6E1U6filTiqKdGIrfHyui4SBs0RVm
CZQUNWGSX9/t+Tmxs5RX/rELsG0Bs8vd395yM8D4N6jkcot9eMRp5dNSUWM8mEwp
yPMRu8yPBPjOTEeeQZLsJYxACG2a15ego5nbOTjHh87KnmHvzSKKNm3RWQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFOcFteMggm5WAR7G3MRZgBKrY7MQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXdXMTR5Q0NibFlCSHNiY3hGbUFFcXRqc3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAJU
IBgDBABUIB4DBABUIC4DBAFUIEwDBABUIE8DBABUILMDBABUINQDBAFUINYwDAME
AlQg3AMEAFQg3gMEAFQg8AMEAVQg8gMEAVQg/AMEAFjYEQMEAFjYXQMEAVjYgDAM
AwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjXAwQAWNjcMA0GCSqGSIb3DQEB
CwUAA4IBAQCZIF9y+QY7HinoFBY9u8BiXnibbLhTy0tcG5C0/ImhmQE2mhx5TUIP
oo/2PbmOPbSvwfWIo/qGJE16WMaWNS0ACbYiUZnEIJQwByvSHqlBfE3K8nEcR9T5
zoLQiEmXoy15LFh5FKQ8NghhuW1PvxRmjriDbik/XfrJxncUXiTl0xN/4d4KKZHD
MIqcOAX0MXLdmVIxezni7/KE02dpJSPg3etnnPXwCRl80RO2se/tSC7QyL0SnrvX
O8bwA2iaQOkdjDLGJ1wygS9rkMVdNuFXuJgyV0rnWmwkR4iIfpjlLetor1OAreS5
rDsybP3R1xEQdVjM8fBdajSIYQjUanzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org