Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AAYQJ7w_0DF8uFj8KBn-iMdkEKw.roa
File:                     AAYQJ7w_0DF8uFj8KBn-iMdkEKw.roa (raw, json)
Hash identifier:          xh03JAbPixpPmTM5NUKHMW+rB/R5H+j+SGekt7f5AmM=
Subject key identifier:   00:06:10:27:BC:3F:D0:31:7C:B8:58:FC:28:19:FE:88:C7:64:10:AC
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01867A7BC5E67563DF304429297F05BD87B1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AAYQJ7w_0DF8uFj8KBn-iMdkEKw.roa
Signing time:             Wed 22 Feb 2023 18:56:17 +0000
ROA not before:           Wed 22 Feb 2023 18:56:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59642
IP address blocks:        84.32.184.0/22 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          84.32.188.0/22 maxlen: 22
                          88.216.93.0/24 maxlen: 24
                          84.32.108.0/23 maxlen: 24
                          84.32.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 14:22:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7a:7b:c5:e6:75:63:df:30:44:29:29:7f:05:bd:87:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 22 18:56:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00061027bc3fd0317cb858fc2819fe88c76410ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:df:2e:d0:ad:20:c5:74:c0:31:57:f9:8f:27:
                    00:20:2d:36:d1:4a:a3:64:39:a7:88:60:f2:ee:fa:
                    46:80:e1:bb:6e:62:ef:73:ad:ec:a6:9b:c2:e1:60:
                    91:4d:f4:16:53:d0:2f:90:19:3b:cd:78:7b:cc:11:
                    cd:54:e0:d0:4e:65:4d:82:8c:66:11:ae:b9:62:75:
                    ba:73:b9:98:fc:d9:08:66:c8:2b:64:bb:09:c0:15:
                    b5:ca:a0:9f:e4:05:6c:c6:a5:72:bd:dd:c0:74:9a:
                    ea:15:99:dd:d3:ee:54:16:f3:c0:71:b3:49:70:5c:
                    14:cd:6e:d0:ac:4a:50:38:9d:ec:88:73:4f:ce:df:
                    0e:47:d0:d5:2a:97:b9:50:fd:c3:ba:53:8f:10:53:
                    ee:a0:a0:78:7f:62:e6:b8:56:b5:f4:16:7b:28:39:
                    bb:8f:ff:93:10:86:62:6a:85:f1:57:d2:4e:74:92:
                    4d:10:94:c1:f8:26:f7:2a:97:13:6f:be:8b:96:3b:
                    f9:d9:de:35:11:3c:a8:f1:ea:7f:5d:4e:cb:ee:55:
                    96:2d:a5:e4:2f:67:35:7f:98:16:0c:4e:88:78:01:
                    d7:cb:b9:7a:97:e7:23:d4:3a:ae:08:22:50:1a:b4:
                    03:f8:ca:92:5d:ca:2a:dd:65:21:77:3c:a1:e9:eb:
                    80:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:06:10:27:BC:3F:D0:31:7C:B8:58:FC:28:19:FE:88:C7:64:10:AC
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AAYQJ7w_0DF8uFj8KBn-iMdkEKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.108.0/23
                  84.32.184.0/21
                  84.32.250.0/24
                  88.216.93.0/24
                  88.216.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:60:3d:50:cd:6b:98:dc:c4:dd:41:39:5c:4b:3b:3b:ca:9f:
         28:0f:09:25:3d:3e:71:28:db:6b:a4:89:d3:c0:f7:c6:74:61:
         31:86:41:9f:3d:8a:2a:a8:6b:78:72:ba:cc:7e:2e:cb:ab:a8:
         0c:af:ab:07:bb:e6:22:8a:d0:0f:05:65:ed:de:c8:ea:72:e0:
         77:3c:7f:4c:22:35:37:31:f9:76:42:d8:e7:b6:13:e7:c3:b2:
         42:93:cf:9e:21:d7:2d:fa:11:ce:c3:52:3d:38:5f:63:f1:33:
         63:34:a4:35:05:2f:58:fe:de:ab:0a:ed:ac:d6:ee:c5:b6:21:
         69:9b:15:71:af:03:ab:a6:fc:27:eb:27:c0:96:0c:9f:a3:e5:
         7a:38:55:f6:1d:2d:6a:21:de:bc:e7:db:c7:d5:92:4b:8d:45:
         ca:88:b6:b1:48:8d:58:74:ad:d2:81:48:8c:4c:06:9e:93:76:
         42:a0:60:4a:68:24:28:f3:da:e9:53:cd:ed:f3:17:b3:15:ab:
         09:66:44:d5:ef:f2:32:b4:44:ef:33:a9:b5:d8:07:2f:5d:73:
         b9:3e:9d:da:3e:2a:99:9f:6b:1e:7d:a8:5f:86:da:a4:8b:a4:
         cd:11:6b:53:7b:62:09:86:d4:e3:e0:dc:e8:25:f8:ba:50:db:
         d9:4b:c5:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZ6e8XmdWPfMEQpKX8FvYexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIyMTg1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA2MTAyN2JjM2ZkMDMxN2NiODU4ZmMyODE5ZmU4OGM3NjQxMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN8u0K0gxXTAMVf5jycAIC020Uqj
ZDmniGDy7vpGgOG7bmLvc63sppvC4WCRTfQWU9AvkBk7zXh7zBHNVODQTmVNgoxm
Ea65YnW6c7mY/NkIZsgrZLsJwBW1yqCf5AVsxqVyvd3AdJrqFZnd0+5UFvPAcbNJ
cFwUzW7QrEpQOJ3siHNPzt8OR9DVKpe5UP3DulOPEFPuoKB4f2LmuFa19BZ7KDm7
j/+TEIZiaoXxV9JOdJJNEJTB+Cb3KpcTb76Lljv52d41ETyo8ep/XU7L7lWWLaXk
L2c1f5gWDE6IeAHXy7l6l+cj1DquCCJQGrQD+MqSXcoq3WUhdzyh6euAPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAAGECe8P9AxfLhY/CgZ/ojHZBCsMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQUFZUUo3d18wREY4dUZqOEtCbi1pTWRrRUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBVCBsAwQD
VCC4AwQAVCD6AwQAWNhdAwQAWNi9MA0GCSqGSIb3DQEBCwUAA4IBAQBGYD1QzWuY
3MTdQTlcSzs7yp8oDwklPT5xKNtrpInTwPfGdGExhkGfPYoqqGt4crrMfi7Lq6gM
r6sHu+YiitAPBWXt3sjqcuB3PH9MIjU3Mfl2QtjnthPnw7JCk8+eIdct+hHOw1I9
OF9j8TNjNKQ1BS9Y/t6rCu2s1u7FtiFpmxVxrwOrpvwn6yfAlgyfo+V6OFX2HS1q
Id6859vH1ZJLjUXKiLaxSI1YdK3SgUiMTAaek3ZCoGBKaCQo89rpU83t8xezFasJ
ZkTV7/IytETvM6m12AcvXXO5Pp3aPiqZn2sefahfhtqki6TNEWtTe2IJhtTj4Nzo
Jfi6UNvZS8UK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org