Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IXv7gabUkQxTlxWsa5Jf4qsCOAo.roa
File:                     IXv7gabUkQxTlxWsa5Jf4qsCOAo.roa (raw, json)
Hash identifier:          oewqwhk70sbGCULPQde47sU83IRAN1GvBuB3t6saSWw=
Subject key identifier:   21:7B:FB:81:A6:D4:91:0C:53:97:15:AC:6B:92:5F:E2:AB:02:38:0A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0187F008CF3E848393713A1F1B4F463AE25C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IXv7gabUkQxTlxWsa5Jf4qsCOAo.roa
Signing time:             Sat 06 May 2023 07:48:41 +0000
ROA not before:           Sat 06 May 2023 07:48:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        84.32.63.0/24 maxlen: 24
                          84.32.178.0/23 maxlen: 24
                          84.32.174.0/23 maxlen: 24
                          88.216.186.0/24 maxlen: 24
                          88.216.181.0/24 maxlen: 24
                          84.32.95.0/24 maxlen: 24
                          88.216.2.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.24.0/24 maxlen: 24
                          84.32.32.0/24 maxlen: 24
                          88.216.34.0/24 maxlen: 24
                          84.32.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 May 2023 05:53:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f0:08:cf:3e:84:83:93:71:3a:1f:1b:4f:46:3a:e2:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: May  6 07:48:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=217bfb81a6d4910c539715ac6b925fe2ab02380a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:76:79:83:df:49:eb:7e:c8:a3:f4:95:f9:51:
                    f6:1f:d0:c5:2d:37:c0:32:05:ac:4b:b6:6d:06:cc:
                    8b:26:a8:bb:05:52:0c:4d:2a:63:c2:a8:ae:60:39:
                    22:93:0c:da:c2:f0:14:1c:85:63:c1:8e:d0:44:6b:
                    36:f2:88:92:37:2c:df:3f:96:cc:d3:b7:d7:bc:63:
                    53:42:c9:8a:f5:94:0f:ce:c4:29:2e:ef:ee:bd:1f:
                    b4:44:6e:de:8d:cb:a5:c4:87:44:0e:7f:e6:b4:10:
                    6e:41:ea:ff:34:6a:5d:a2:fb:e7:35:56:86:ac:eb:
                    46:d7:b8:58:95:38:8b:e1:79:82:46:47:b5:2d:38:
                    72:3b:f1:5f:dc:db:52:8f:71:4c:4c:3f:be:57:d5:
                    07:12:e8:18:0f:ee:fa:1e:18:10:ce:07:15:38:4c:
                    c6:a5:d4:90:05:b3:13:fd:30:83:35:f6:e3:ab:52:
                    83:9a:77:39:13:ae:d3:9e:0e:5a:cc:02:86:6f:62:
                    fd:39:b2:b9:c9:b7:82:e2:dd:13:3e:f3:c8:de:34:
                    45:26:15:b3:4a:38:b3:d0:5d:de:2d:39:cd:52:99:
                    18:83:5e:b9:25:37:d6:61:5c:1c:0c:f9:86:86:5d:
                    c0:2a:c5:fe:96:ce:71:68:bb:9d:24:dc:96:a5:af:
                    da:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7B:FB:81:A6:D4:91:0C:53:97:15:AC:6B:92:5F:E2:AB:02:38:0A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IXv7gabUkQxTlxWsa5Jf4qsCOAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.15.0/24
                  84.32.24.0/24
                  84.32.32.0/24
                  84.32.63.0/24
                  84.32.95.0/24
                  84.32.149.0/24
                  84.32.174.0/23
                  84.32.178.0/23
                  88.216.2.0/24
                  88.216.34.0/24
                  88.216.181.0/24
                  88.216.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:07:cf:99:21:2f:8c:b0:e4:17:5b:fa:5a:af:3e:3d:90:38:
         13:ff:3b:c6:59:5c:90:68:f7:69:44:de:74:d2:6a:ab:10:5e:
         a0:c1:66:98:ea:ad:e1:3f:f0:58:aa:bc:4a:82:f9:a3:be:66:
         c4:07:c8:e8:a8:a8:42:d1:07:7a:6b:51:79:ee:35:1c:1d:bd:
         b2:9c:6a:24:1c:12:5f:d8:e1:c0:4c:97:42:c0:a2:bd:64:e4:
         90:19:86:61:1a:2c:b3:41:e5:b5:f8:a8:69:b1:63:bc:69:dc:
         89:05:2b:4b:3b:de:f3:1b:46:5f:1b:03:da:4a:3b:bb:79:63:
         d9:7a:12:4c:77:b3:ed:ac:ce:fe:54:6f:0b:31:40:12:e4:4c:
         1e:3b:bf:15:6b:3f:05:5f:f7:bb:d8:11:f6:68:b6:6e:1f:3b:
         6c:bd:8a:e6:46:53:c8:b0:cd:36:6d:95:33:82:46:29:be:01:
         df:ba:a4:d7:d3:92:ec:05:72:4c:77:74:fb:30:77:68:26:6b:
         6d:2c:e4:fa:81:b9:6b:79:8f:9e:53:bf:14:97:59:00:8d:7f:
         c7:f2:c5:65:10:f6:3e:ea:e9:ea:43:70:df:e4:30:56:45:d7:
         43:6c:16:01:5d:df:68:f6:10:c9:85:46:3d:63:b3:bd:c2:bb:
         2f:65:a8:30
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYfwCM8+hIOTcTofG09GOuJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTA2MDc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdiZmI4MWE2ZDQ5MTBjNTM5NzE1YWM2YjkyNWZlMmFiMDIzODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3Z5g99J637Io/SV+VH2H9DFLTfA
MgWsS7ZtBsyLJqi7BVIMTSpjwqiuYDkikwzawvAUHIVjwY7QRGs28oiSNyzfP5bM
07fXvGNTQsmK9ZQPzsQpLu/uvR+0RG7ejculxIdEDn/mtBBuQer/NGpdovvnNVaG
rOtG17hYlTiL4XmCRke1LThyO/Ff3NtSj3FMTD++V9UHEugYD+76HhgQzgcVOEzG
pdSQBbMT/TCDNfbjq1KDmnc5E67Tng5azAKGb2L9ObK5ybeC4t0TPvPI3jRFJhWz
Sjiz0F3eLTnNUpkYg165JTfWYVwcDPmGhl3AKsX+ls5xaLudJNyWpa/a2QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCF7+4Gm1JEMU5cVrGuSX+KrAjgKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSVh2N2dhYlVrUXhUbHhXc2E1SmY0cXNDT0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAVCAPAwQA
VCAYAwQAVCAgAwQAVCA/AwQAVCBfAwQAVCCVAwQBVCCuAwQBVCCyAwQAWNgCAwQA
WNgiAwQAWNi1AwQAWNi6MA0GCSqGSIb3DQEBCwUAA4IBAQBdB8+ZIS+MsOQXW/pa
rz49kDgT/zvGWVyQaPdpRN500mqrEF6gwWaY6q3hP/BYqrxKgvmjvmbEB8joqKhC
0Qd6a1F57jUcHb2ynGokHBJf2OHATJdCwKK9ZOSQGYZhGiyzQeW1+KhpsWO8adyJ
BStLO97zG0ZfGwPaSju7eWPZehJMd7PtrM7+VG8LMUAS5EweO78Vaz8FX/e72BH2
aLZuHztsvYrmRlPIsM02bZUzgkYpvgHfuqTX05LsBXJMd3T7MHdoJmttLOT6gblr
eY+eU78Ul1kAjX/H8sVlEPY+6unqQ3Df5DBWRddDbBYBXd9o9hDJhUY9Y7O9wrsv
Zagw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org