Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/71CooYl_5kdZlggCEf8tJS-UE5A.roa
File:                     71CooYl_5kdZlggCEf8tJS-UE5A.roa (raw, json)
Hash identifier:          NrChoZlAsml04qAEiYhYDZApYGwrI2dZgsWw6k5ebZ0=
Subject key identifier:   EF:50:A8:A1:89:7F:E6:47:59:96:08:02:11:FF:2D:25:2F:94:13:90
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018CC5013EE4064FC8E4C129C7B8DB544078
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/71CooYl_5kdZlggCEf8tJS-UE5A.roa
Signing time:             Mon 01 Jan 2024 12:30:42 +0000
ROA not before:           Mon 01 Jan 2024 12:30:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43289
IP address blocks:        84.32.66.0/24 maxlen: 24
                          88.216.180.0/24 maxlen: 24
                          84.32.83.0/24 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          84.32.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 08:58:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:3e:e4:06:4f:c8:e4:c1:29:c7:b8:db:54:40:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 12:30:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ef50a8a1897fe6475996080211ff2d252f941390
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ab:d5:d5:8e:d8:97:ac:5b:ce:ab:0f:30:23:
                    4c:66:b4:22:c9:3c:6d:08:88:d8:f9:7e:fd:ac:69:
                    0f:5f:b9:79:fd:72:22:34:59:74:d0:30:79:1a:22:
                    bd:6a:df:23:be:0b:57:f4:26:0a:d1:7b:8b:78:78:
                    d1:81:1b:32:82:95:82:db:75:61:c7:f1:bb:96:ce:
                    57:63:f4:6c:64:82:61:f0:58:fc:58:bc:2c:18:bf:
                    30:3f:ed:1c:a3:93:5b:94:1a:69:2d:05:f6:f3:2e:
                    49:42:9c:39:af:2f:87:50:bf:d6:45:3c:ad:72:8d:
                    e5:ab:aa:ef:0c:68:07:bf:b2:89:a1:26:1c:dc:56:
                    03:07:d0:84:d8:d2:af:56:6d:e0:2f:ec:ce:8f:d9:
                    b4:f9:58:ae:83:b5:3f:b5:ea:ed:7d:64:3f:97:d8:
                    b7:5c:0d:5e:5c:a5:2a:84:a3:bd:69:c3:f1:d6:f0:
                    38:9a:98:21:39:e2:62:6f:35:6f:da:a0:2e:9b:0a:
                    1b:aa:7b:a8:99:d6:ac:7b:fa:51:5a:79:98:7f:3e:
                    80:ad:ef:b8:5e:0b:59:8d:c9:0b:d3:47:89:60:07:
                    10:d8:23:2e:cb:38:cf:af:48:54:93:d6:d9:93:67:
                    60:26:17:7c:50:7e:99:f9:84:74:33:c7:6c:86:a3:
                    54:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:50:A8:A1:89:7F:E6:47:59:96:08:02:11:FF:2D:25:2F:94:13:90
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/71CooYl_5kdZlggCEf8tJS-UE5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.66.0/24
                  84.32.83.0/24
                  84.32.210.0/24
                  88.216.180.0/24
                  88.216.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:d3:6a:0b:ff:74:53:bd:1e:24:66:c2:10:b4:65:44:b0:2d:
         9e:4a:87:37:0c:d4:3e:8b:74:7b:29:c5:59:1e:b4:43:ff:0d:
         6b:98:d8:d4:c3:1b:a9:1d:ed:3f:78:12:e9:df:7e:e7:64:16:
         3c:d7:23:8d:b1:97:4f:fa:a0:74:f7:98:0e:e8:3c:7f:58:14:
         b0:84:80:50:4a:7a:dc:a1:9e:39:36:59:9b:de:bd:b9:5a:47:
         cc:4d:e6:80:ec:65:26:8f:d7:7e:ef:b5:00:32:70:6e:6d:04:
         1f:59:1b:e6:6d:57:07:22:a7:7e:04:fa:f0:12:ab:bf:a2:64:
         2e:1b:85:df:2f:29:4f:69:17:4e:9a:db:ed:c9:56:9b:a4:72:
         04:df:ab:af:b4:4c:7f:88:96:a8:1d:1a:86:ec:9a:d2:6c:26:
         25:67:67:19:72:f8:7a:95:d0:63:63:c2:4d:ae:88:a9:0c:04:
         07:e6:c3:b3:69:1a:46:82:94:5f:56:6f:28:cd:f1:c8:f5:99:
         c9:f8:6e:59:55:1e:53:5e:52:28:41:6c:09:b2:96:15:a2:d8:
         54:e8:b2:5b:3b:36:d4:8e:53:12:17:b4:39:9d:a9:3e:00:b0:
         7d:3a:52:b7:b4:58:ee:f7:19:3c:dc:9f:b9:08:06:87:6e:4a:
         16:06:f8:2b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFAT7kBk/I5MEpx7jbVEB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUwYThhMTg5N2ZlNjQ3NTk5NjA4MDIxMWZmMmQyNTJmOTQxMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4avV1Y7Yl6xbzqsPMCNMZrQiyTxt
CIjY+X79rGkPX7l5/XIiNFl00DB5GiK9at8jvgtX9CYK0XuLeHjRgRsygpWC23Vh
x/G7ls5XY/RsZIJh8Fj8WLwsGL8wP+0co5NblBppLQX28y5JQpw5ry+HUL/WRTyt
co3lq6rvDGgHv7KJoSYc3FYDB9CE2NKvVm3gL+zOj9m0+Viug7U/tertfWQ/l9i3
XA1eXKUqhKO9acPx1vA4mpghOeJibzVv2qAumwobqnuomdase/pRWnmYfz6Are+4
XgtZjckL00eJYAcQ2CMuyzjPr0hUk9bZk2dgJhd8UH6Z+YR0M8dshqNUJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO9QqKGJf+ZHWZYIAhH/LSUvlBOQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNzFDb29ZbF81a2RabGdnQ0VmOHRKUy1VRTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCBCAwQA
VCBTAwQAVCDSAwQAWNi0AwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQCE02oL/3RT
vR4kZsIQtGVEsC2eSoc3DNQ+i3R7KcVZHrRD/w1rmNjUwxupHe0/eBLp337nZBY8
1yONsZdP+qB095gO6Dx/WBSwhIBQSnrcoZ45Nlmb3r25WkfMTeaA7GUmj9d+77UA
MnBubQQfWRvmbVcHIqd+BPrwEqu/omQuG4XfLylPaRdOmtvtyVabpHIE36uvtEx/
iJaoHRqG7JrSbCYlZ2cZcvh6ldBjY8JNroipDAQH5sOzaRpGgpRfVm8ozfHI9ZnJ
+G5ZVR5TXlIoQWwJspYVothU6LJbOzbUjlMSF7Q5nak+ALB9OlK3tFju9xk83J+5
CAaHbkoWBvgr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org