Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa
File:                     CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa (raw, json)
Hash identifier:          +7f4x7Eo6SsgPH50D/WsXJh+0Qcws2/6+W6ou/dCGnc=
Subject key identifier:   09:9C:78:FC:CB:FD:80:E1:AC:F4:25:E9:0A:47:82:22:43:82:94:CD
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018ACAFB8B953D5093DFAAE9E4ED479EFEA5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa
Signing time:             Mon 25 Sep 2023 06:16:37 +0000
ROA not before:           Mon 25 Sep 2023 06:16:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        84.32.52.0/22 maxlen: 24
                          88.216.185.0/24 maxlen: 24
                          88.216.98.0/24 maxlen: 24
                          88.216.103.0/24 maxlen: 24
                          88.216.212.0/24 maxlen: 24
                          88.216.213.0/24 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          84.32.6.0/24 maxlen: 24
                          88.216.21.0/24 maxlen: 24
                          88.216.20.0/24 maxlen: 24
                          88.216.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ca:fb:8b:95:3d:50:93:df:aa:e9:e4:ed:47:9e:fe:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Sep 25 06:16:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=099c78fccbfd80e1acf425e90a478222438294cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:28:6b:6f:9e:75:d8:39:13:48:07:5b:04:31:
                    38:02:f8:af:25:5a:02:86:7b:e7:95:f5:5f:eb:03:
                    69:7c:5c:2f:55:19:e2:9e:d8:b7:a1:85:cd:de:41:
                    ae:f5:ca:29:b1:d6:07:50:5e:32:df:4e:aa:55:84:
                    bb:49:f1:44:0d:06:40:cc:66:03:ab:0f:d9:c5:fd:
                    c0:ba:d9:8b:71:32:99:9b:41:19:5f:7c:9e:8a:45:
                    f7:bb:dc:4a:1c:3d:70:32:c7:a5:39:76:35:f4:7e:
                    bd:e2:70:11:eb:c6:8b:d9:02:3e:5b:f7:66:77:62:
                    42:7b:77:8d:f2:73:25:7b:7b:9d:40:fc:95:b0:67:
                    49:dd:e0:17:97:80:ef:2e:7b:31:bb:2b:ef:e0:ce:
                    b4:0f:ed:5e:e4:d1:09:d1:36:bb:24:5c:45:12:4c:
                    d9:3b:f1:f5:05:2a:4f:06:49:56:86:fe:20:4e:0e:
                    e6:02:57:f9:07:d3:e4:a6:2c:4e:a2:4f:15:a7:65:
                    6c:b2:be:8b:92:1a:33:b2:37:3b:0f:01:d4:60:c0:
                    00:58:46:1a:56:2c:ad:bb:9f:78:b0:67:7f:ad:16:
                    92:bc:2c:fe:9d:10:72:7b:fe:12:e7:b4:39:5c:e7:
                    c9:e4:9d:0e:bf:41:79:89:76:bd:bb:2e:8f:69:44:
                    d5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:9C:78:FC:CB:FD:80:E1:AC:F4:25:E9:0A:47:82:22:43:82:94:CD
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.6.0/24
                  84.32.52.0/22
                  88.216.20.0/23
                  88.216.98.0/24
                  88.216.103.0/24
                  88.216.185.0/24
                  88.216.212.0/23
                  88.216.215.0/24
                  88.216.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:6f:ab:00:b5:05:36:e1:94:06:3a:c8:6b:1b:82:5f:cd:ab:
         f6:8f:9f:01:b0:49:50:ae:5d:19:fa:7d:a3:69:20:83:db:13:
         80:ce:d4:d2:b5:b1:ec:c5:3c:1d:eb:25:22:83:03:ff:21:26:
         d9:cc:a8:51:3d:32:49:4d:68:f0:2a:2f:3c:3e:3f:69:fa:a6:
         e5:ed:76:66:4c:92:36:1b:95:95:bf:b9:df:12:b0:e4:11:2b:
         24:1c:a7:12:95:17:f5:d7:6b:2c:38:8f:cb:42:77:c7:f8:ad:
         b8:be:3a:b5:fa:49:6b:3e:34:cf:c6:11:96:42:8e:90:3f:a1:
         86:c8:ff:3a:7c:2c:47:ac:19:a9:d0:a5:7e:17:30:40:df:ee:
         62:2c:51:0d:5c:07:16:fb:24:65:89:d7:00:51:a2:70:d1:4e:
         58:ac:05:04:e4:ef:c9:a3:18:67:6b:52:6d:b6:a4:27:24:75:
         a6:74:7f:34:18:93:2d:92:44:ac:57:a4:ff:82:38:a2:1c:f2:
         4b:ed:07:ec:e7:6a:83:e2:5a:77:e4:22:9b:4e:57:b9:46:1c:
         8f:2f:e5:74:6b:6b:1e:cc:be:69:40:dd:7e:b2:9f:16:7e:56:
         ec:ca:19:62:89:57:e5:f6:91:99:e5:d5:4d:bc:48:3c:3a:bf:
         68:b3:b1:ec
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrK+4uVPVCT36rp5O1Hnv6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTI1MDYxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTljNzhmY2NiZmQ4MGUxYWNmNDI1ZTkwYTQ3ODIyMjQzODI5NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yhrb5512DkTSAdbBDE4AvivJVoC
hnvnlfVf6wNpfFwvVRninti3oYXN3kGu9copsdYHUF4y306qVYS7SfFEDQZAzGYD
qw/Zxf3AutmLcTKZm0EZX3yeikX3u9xKHD1wMselOXY19H694nAR68aL2QI+W/dm
d2JCe3eN8nMle3udQPyVsGdJ3eAXl4DvLnsxuyvv4M60D+1e5NEJ0Ta7JFxFEkzZ
O/H1BSpPBklWhv4gTg7mAlf5B9PkpixOok8Vp2Vssr6Lkhozsjc7DwHUYMAAWEYa
Viytu594sGd/rRaSvCz+nRBye/4S57Q5XOfJ5J0Ov0F5iXa9uy6PaUTVkQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAmcePzL/YDhrPQl6QpHgiJDgpTNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ1p4NF9NdjlnT0dzOUNYcENrZUNJa09DbE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAGAwQC
VCA0AwQBWNgUAwQAWNhiAwQAWNhnAwQAWNi5AwQBWNjUAwQAWNjXAwQCWNj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBXb6sAtQU24ZQGOshrG4Jfzav2j58BsElQrl0Z+n2j
aSCD2xOAztTStbHsxTwd6yUigwP/ISbZzKhRPTJJTWjwKi88Pj9p+qbl7XZmTJI2
G5WVv7nfErDkESskHKcSlRf112ssOI/LQnfH+K24vjq1+klrPjTPxhGWQo6QP6GG
yP86fCxHrBmp0KV+FzBA3+5iLFENXAcW+yRlidcAUaJw0U5YrAUE5O/Joxhna1Jt
tqQnJHWmdH80GJMtkkSsV6T/gjiiHPJL7Qfs52qD4lp35CKbTle5RhyPL+V0a2se
zL5pQN1+sp8WflbsyhliiVfl9pGZ5dVNvEg8Or9os7Hs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org