Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHHVBNkQodBuLNFaxkKYYaAfn-E.roa
File:                     HHHVBNkQodBuLNFaxkKYYaAfn-E.roa (raw, json)
Hash identifier:          up8N0v0OIGO2+keT40tin7nLOxag9U8XAbfkFGGO4mU=
Subject key identifier:   1C:71:D5:04:D9:10:A1:D0:6E:2C:D1:5A:C6:42:98:61:A0:1F:9F:E1
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0185BE6BA01BFBB263D35B333C83BA659188
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHHVBNkQodBuLNFaxkKYYaAfn-E.roa
Signing time:             Tue 17 Jan 2023 06:30:02 +0000
ROA not before:           Tue 17 Jan 2023 06:30:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        88.216.199.0/24 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.210.0/24 maxlen: 24
                          84.32.218.0/24 maxlen: 24
                          84.32.226.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.245.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          84.32.58.0/24 maxlen: 24
                          84.32.71.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.93.0/24 maxlen: 24
                          84.32.10.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.24.0/24 maxlen: 24
                          84.32.48.0/24 maxlen: 24
                          84.32.50.0/24 maxlen: 24
                          84.32.177.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          84.32.108.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.22.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          84.32.150.0/24 maxlen: 24
                          84.32.151.0/24 maxlen: 24
                          88.216.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Jan 2023 15:27:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:be:6b:a0:1b:fb:b2:63:d3:5b:33:3c:83:ba:65:91:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan 17 06:30:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c71d504d910a1d06e2cd15ac6429861a01f9fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c5:c2:3c:7e:5a:b5:4b:31:3a:74:91:37:db:
                    d7:06:ce:9d:60:f3:56:24:05:ef:37:22:d2:62:66:
                    dc:48:d5:bb:84:21:4b:e6:30:59:65:52:29:80:44:
                    1c:76:5d:c8:53:16:b9:1e:64:6b:de:46:29:97:af:
                    17:62:bd:65:9f:03:de:42:b6:35:6b:b2:81:ed:38:
                    57:38:ed:ea:dd:75:19:e1:4d:d3:19:d2:c0:4b:1e:
                    69:2f:a1:de:c0:af:3c:f5:0d:74:8e:f0:9f:59:6f:
                    11:4c:5e:d9:ac:5d:66:ab:a4:97:57:bd:dd:6b:18:
                    0d:2f:f7:35:e0:38:df:58:b8:41:a9:f8:0b:4d:70:
                    72:b4:ca:78:5f:c3:09:b0:67:ca:67:1c:6f:f6:8d:
                    ab:26:24:42:45:77:6d:b4:ca:a8:e0:69:48:de:57:
                    c8:c6:68:45:15:e8:d8:09:2a:07:13:a6:a3:51:ef:
                    ac:7a:da:65:1a:c1:7e:96:09:9d:10:91:e7:06:08:
                    43:2f:aa:de:7f:41:0e:55:28:ca:65:8c:35:c5:82:
                    cf:de:6e:ff:b4:1e:4f:3c:f5:99:ef:cc:42:19:dc:
                    c5:fe:77:d2:2f:a3:13:d6:af:94:eb:08:6f:68:19:
                    6d:93:89:9e:1a:1b:b3:9b:9f:75:a9:02:6b:6d:67:
                    3e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:71:D5:04:D9:10:A1:D0:6E:2C:D1:5A:C6:42:98:61:A0:1F:9F:E1
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHHVBNkQodBuLNFaxkKYYaAfn-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.10.0/24
                  84.32.24.0/24
                  84.32.48.0/24
                  84.32.50.0/24
                  84.32.58.0/24
                  84.32.71.0/24
                  84.32.88.0/24
                  84.32.93.0/24
                  84.32.108.0/24
                  84.32.150.0/23
                  84.32.177.0/24
                  84.32.218.0/24
                  84.32.226.0/24
                  84.32.232.0/24
                  84.32.239.0/24
                  84.32.245.0/24
                  88.216.3.0/24
                  88.216.22.0/24
                  88.216.32.0/24
                  88.216.46.0/24
                  88.216.92.0/24
                  88.216.134.0/24
                  88.216.199.0/24
                  88.216.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:3b:1b:86:91:8b:cf:e7:4c:1b:75:4a:4b:3a:f2:28:36:95:
         c4:a4:8c:e4:b5:b6:d0:9d:d2:d2:f3:d6:16:db:4c:68:10:ff:
         32:f3:ce:7d:5d:65:bb:52:fe:24:22:14:00:e2:10:6f:99:1f:
         85:d6:a6:7a:fe:39:bc:29:c5:2e:53:3a:25:78:78:34:7c:c6:
         bf:fa:e1:63:8c:b0:7a:f6:59:4c:1d:d5:65:71:17:79:9a:23:
         18:c0:90:0e:22:bb:fb:2a:70:7f:35:dc:7c:83:a3:96:44:fb:
         33:cb:ae:0a:7e:1a:a7:0e:d2:61:c4:4a:56:6c:3b:e1:58:c1:
         78:d1:fc:b1:33:60:55:7d:76:bb:37:e8:58:9e:fd:73:6f:5c:
         ac:4b:c7:89:ee:2e:a9:22:f5:89:67:fa:89:b9:20:69:21:c1:
         09:60:0a:18:51:1f:8c:90:87:e1:77:a1:96:59:b2:68:b3:d5:
         a8:ba:ce:91:e2:17:4a:a2:43:ef:7c:da:e3:ef:49:8e:80:26:
         dd:04:36:d3:b0:6a:3f:3c:70:d4:a1:03:96:28:24:d6:c3:4b:
         c1:50:53:5d:bc:ad:e9:77:69:26:91:4e:d8:6c:bb:96:02:fe:
         7c:57:e8:17:55:23:26:79:76:d1:e6:e0:b4:8d:11:22:42:76:
         f7:c3:2d:ca
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYW+a6Ab+7Jj01szPIO6ZZGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE3MDYzMDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzcxZDUwNGQ5MTBhMWQwNmUyY2QxNWFjNjQyOTg2MWEwMWY5ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsXCPH5atUsxOnSRN9vXBs6dYPNW
JAXvNyLSYmbcSNW7hCFL5jBZZVIpgEQcdl3IUxa5HmRr3kYpl68XYr1lnwPeQrY1
a7KB7ThXOO3q3XUZ4U3TGdLASx5pL6HewK889Q10jvCfWW8RTF7ZrF1mq6SXV73d
axgNL/c14DjfWLhBqfgLTXBytMp4X8MJsGfKZxxv9o2rJiRCRXdttMqo4GlI3lfI
xmhFFejYCSoHE6ajUe+setplGsF+lgmdEJHnBghDL6ref0EOVSjKZYw1xYLP3m7/
tB5PPPWZ78xCGdzF/nfSL6MT1q+U6whvaBltk4meGhuzm591qQJrbWc+BwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFBxx1QTZEKHQbizRWsZCmGGgH5/hMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSEhIVkJOa1FvZEJ1TE5GYXhrS1lZYUFmbi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBABU
IAgDBABUIAoDBABUIBgDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABU
IF0DBABUIGwDBAFUIJYDBABUILEDBABUINoDBABUIOIDBABUIOgDBABUIO8DBABU
IPUDBABY2AMDBABY2BYDBABY2CADBABY2C4DBABY2FwDBABY2IYDBABY2McDBAFY
2NIwDQYJKoZIhvcNAQELBQADggEBAHY7G4aRi8/nTBt1Sks68ig2lcSkjOS1ttCd
0tLz1hbbTGgQ/zLzzn1dZbtS/iQiFADiEG+ZH4XWpnr+ObwpxS5TOiV4eDR8xr/6
4WOMsHr2WUwd1WVxF3maIxjAkA4iu/sqcH813HyDo5ZE+zPLrgp+GqcO0mHESlZs
O+FYwXjR/LEzYFV9drs36Fie/XNvXKxLx4nuLqki9Yln+om5IGkhwQlgChhRH4yQ
h+F3oZZZsmiz1ai6zpHiF0qiQ+982uPvSY6AJt0ENtOwaj88cNShA5YoJNbDS8FQ
U128rel3aSaRTthsu5YC/nxX6BdVIyZ5dtHm4LSNESJCdvfDLco=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org