Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa
File:                     Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa (raw, json)
Hash identifier:          fv9ff34weXk1j27ttLWr856xkiLF411QqefooEY7JF4=
Subject key identifier:   0D:B8:FF:0B:28:AF:4B:7A:BE:86:95:BF:FA:D5:C3:F6:D4:99:D7:2A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018CC50138D3F7B9DC97FB44522D35D1AA52
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa
Signing time:             Mon 01 Jan 2024 12:30:40 +0000
ROA not before:           Mon 01 Jan 2024 12:30:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        84.32.52.0/22 maxlen: 24
                          88.216.185.0/24 maxlen: 24
                          88.216.98.0/24 maxlen: 24
                          88.216.103.0/24 maxlen: 24
                          88.216.212.0/24 maxlen: 24
                          88.216.213.0/24 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          84.32.6.0/24 maxlen: 24
                          88.216.21.0/24 maxlen: 24
                          88.216.20.0/24 maxlen: 24
                          88.216.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 10:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:38:d3:f7:b9:dc:97:fb:44:52:2d:35:d1:aa:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 12:30:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0db8ff0b28af4b7abe8695bffad5c3f6d499d72a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b4:6c:5b:94:1c:d8:f0:dd:21:ed:7c:2e:9c:
                    a0:51:13:51:22:e7:bb:72:40:1e:02:3f:ff:f5:1a:
                    80:b1:47:05:3c:15:0d:a6:d8:c7:b3:26:36:0b:d4:
                    9b:b8:d2:ab:2b:f4:34:20:69:5b:7f:dd:54:40:2c:
                    fb:2c:0f:ef:3a:9c:83:fa:7b:36:ce:ef:1e:d2:96:
                    3a:09:a7:7a:11:a7:ff:4f:0b:47:6a:2b:33:3e:3c:
                    c2:8e:cb:66:32:ee:84:9b:a9:88:66:8b:88:01:46:
                    17:50:60:dd:d0:8e:7b:29:1d:08:61:d0:40:98:ea:
                    01:04:76:20:0b:cf:73:49:03:25:f9:5b:c7:ca:6c:
                    1c:e6:33:dd:d8:7d:49:bf:99:17:78:8e:bb:1a:4b:
                    de:9e:d5:24:46:25:e9:16:a1:88:cb:20:2d:11:6b:
                    7e:39:58:ed:00:7e:ad:f3:87:5e:16:69:79:76:d1:
                    fc:2b:ca:39:3e:74:14:3c:8f:1f:ab:2e:b6:e4:5e:
                    ac:e2:2e:a6:cd:59:7b:4d:b2:20:13:b9:88:4c:7e:
                    d9:f6:5a:25:98:1e:c6:80:cf:81:11:3b:1b:38:17:
                    c4:a4:d7:15:b5:ef:e4:b7:1e:76:80:82:1d:82:76:
                    05:1b:c0:e0:f9:0f:7e:03:22:21:65:1a:64:9d:d9:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B8:FF:0B:28:AF:4B:7A:BE:86:95:BF:FA:D5:C3:F6:D4:99:D7:2A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.6.0/24
                  84.32.52.0/22
                  88.216.20.0/23
                  88.216.98.0/24
                  88.216.103.0/24
                  88.216.185.0/24
                  88.216.212.0/23
                  88.216.215.0/24
                  88.216.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:61:e2:c4:1f:4f:65:89:b9:4c:58:ac:e3:ff:70:10:63:c6:
         39:1f:42:fc:ab:a3:7c:dd:65:8a:ec:31:d3:2b:de:6f:1d:52:
         68:6e:9e:43:30:b8:d1:34:88:5d:00:a5:d3:d8:d2:a5:3d:d7:
         d1:8d:c2:9f:7f:e1:b2:c0:d6:d9:6f:e2:96:72:9e:d5:df:49:
         0a:8a:39:f4:da:e2:80:53:7c:0f:9a:44:4d:2a:c0:3a:64:1c:
         e1:76:5b:65:e1:a4:6f:50:0b:5f:89:31:50:61:e7:dd:dc:6f:
         4c:f3:72:7d:19:65:d8:79:2e:d5:a0:08:81:53:f1:39:97:89:
         ce:71:79:d2:55:64:92:f2:6f:56:4f:92:98:9c:a8:ef:6b:32:
         34:a9:50:6a:17:a5:b7:15:95:70:c6:a7:b4:c2:c5:9d:aa:03:
         22:30:3b:c0:5b:d4:a1:f3:8a:a7:f4:83:36:8a:de:68:27:e7:
         6e:03:3d:28:83:30:dd:da:5c:44:e0:46:8d:89:1e:3f:91:0c:
         bc:00:04:20:96:63:eb:ed:e1:c3:cf:57:dd:27:e7:e8:a9:4c:
         13:9e:65:4d:36:0e:54:55:b2:40:40:05:75:01:ec:cb:bf:86:
         e6:7f:37:71:db:f4:3a:6e:ef:63:3c:43:0d:ec:82:b6:8d:97:
         89:9e:aa:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFATjT97ncl/tEUi010apSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI4ZmYwYjI4YWY0YjdhYmU4Njk1YmZmYWQ1YzNmNmQ0OTlkNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLRsW5Qc2PDdIe18LpygURNRIue7
ckAeAj//9RqAsUcFPBUNptjHsyY2C9SbuNKrK/Q0IGlbf91UQCz7LA/vOpyD+ns2
zu8e0pY6Cad6Eaf/TwtHaiszPjzCjstmMu6Em6mIZouIAUYXUGDd0I57KR0IYdBA
mOoBBHYgC89zSQMl+VvHymwc5jPd2H1Jv5kXeI67GkventUkRiXpFqGIyyAtEWt+
OVjtAH6t84deFml5dtH8K8o5PnQUPI8fqy625F6s4i6mzVl7TbIgE7mITH7Z9lol
mB7GgM+BETsbOBfEpNcVte/ktx52gIIdgnYFG8Dg+Q9+AyIhZRpkndkwswIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA24/wsor0t6voaVv/rVw/bUmdcqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRGJqX0N5aXZTM3EtaHBXXy10WEQ5dFNaMXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAGAwQC
VCA0AwQBWNgUAwQAWNhiAwQAWNhnAwQAWNi5AwQBWNjUAwQAWNjXAwQCWNj8MA0G
CSqGSIb3DQEBCwUAA4IBAQChYeLEH09liblMWKzj/3AQY8Y5H0L8q6N83WWK7DHT
K95vHVJobp5DMLjRNIhdAKXT2NKlPdfRjcKff+GywNbZb+KWcp7V30kKijn02uKA
U3wPmkRNKsA6ZBzhdltl4aRvUAtfiTFQYefd3G9M83J9GWXYeS7VoAiBU/E5l4nO
cXnSVWSS8m9WT5KYnKjvazI0qVBqF6W3FZVwxqe0wsWdqgMiMDvAW9Sh84qn9IM2
it5oJ+duAz0ogzDd2lxE4EaNiR4/kQy8AAQglmPr7eHDz1fdJ+foqUwTnmVNNg5U
VbJAQAV1AezLv4bmfzdx2/Q6bu9jPEMN7IK2jZeJnqos
-----END CERTIFICATE-----
Generated at Thu Oct 24 12:46:46 2024 by rpki-client on console-fra.rpki-client.org