Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K2w-qeEudsHekL96TkX7AGn1Zpw.roa
File:                     K2w-qeEudsHekL96TkX7AGn1Zpw.roa (raw, json)
Hash identifier:          wTAUcCIvd0nhvcoFzciXu4b/mkSb9/1blrKs2MVov7w=
Subject key identifier:   2B:6C:3E:A9:E1:2E:76:C1:DE:90:BF:7A:4E:45:FB:00:69:F5:66:9C
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018C682B705DBF3FAFF7AAE5A6CAC4500111
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K2w-qeEudsHekL96TkX7AGn1Zpw.roa
Signing time:             Thu 14 Dec 2023 11:52:06 +0000
ROA not before:           Thu 14 Dec 2023 11:52:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.216.180.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.187.0/24 maxlen: 24
                          88.216.188.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.197.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.208.0/24 maxlen: 24
                          84.32.214.0/23 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.130.0/23 maxlen: 24
                          84.32.236.0/24 maxlen: 24
                          84.32.246.0/23 maxlen: 24
                          84.32.244.0/23 maxlen: 24
                          88.216.134.0/23 maxlen: 24
                          84.32.249.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.83.0/24 maxlen: 24
                          84.32.95.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.20.0/22 maxlen: 24
                          84.32.25.0/24 maxlen: 24
                          84.32.26.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.174.0/23 maxlen: 24
                          84.32.178.0/23 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          84.32.208.0/23 maxlen: 24
                          84.32.210.0/24 maxlen: 24
                          88.216.22.0/23 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          88.216.43.0/24 maxlen: 24
                          84.32.148.0/23 maxlen: 24
                          84.32.150.0/23 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 06:48:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:68:2b:70:5d:bf:3f:af:f7:aa:e5:a6:ca:c4:50:01:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec 14 11:52:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b6c3ea9e12e76c1de90bf7a4e45fb0069f5669c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:00:f2:25:27:3f:82:f8:14:c3:63:0c:3a:e7:
                    ab:41:77:71:a6:5f:f8:2d:d2:72:75:a6:ac:55:38:
                    69:78:1b:94:15:f7:37:b3:c0:ec:41:51:61:f3:46:
                    22:f0:d4:29:db:26:95:fc:23:93:04:31:98:bf:0e:
                    2d:a3:3d:f2:d7:21:95:a4:94:05:36:e4:38:f4:76:
                    40:58:27:f4:79:23:88:75:f4:72:19:73:14:7b:c2:
                    79:7a:63:8e:b6:d6:92:f8:d0:42:8b:83:26:30:b8:
                    46:1c:0e:c1:e1:cc:8d:03:ff:32:07:71:85:43:7f:
                    16:0f:43:ee:47:c9:ed:82:31:17:11:3f:38:20:45:
                    9f:40:ec:b1:d4:92:6f:b6:47:b2:1f:aa:e9:15:6c:
                    8b:fc:8c:59:82:09:22:df:71:7b:13:93:9e:7c:c7:
                    bc:6b:bc:62:cf:a4:e1:6f:15:7a:44:e6:d7:59:5a:
                    4d:4c:ee:82:ef:03:66:f2:58:c1:fc:0a:77:ca:96:
                    96:c9:1d:f1:1e:d7:23:72:53:9c:92:e1:c6:42:0e:
                    7a:48:94:48:cc:29:1a:6d:bd:af:36:27:6c:4c:10:
                    bb:2c:b2:9e:4c:7f:12:10:a7:a0:93:51:70:04:07:
                    5b:94:b3:d4:4b:e0:19:20:22:2b:f1:64:ac:18:51:
                    b8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:6C:3E:A9:E1:2E:76:C1:DE:90:BF:7A:4E:45:FB:00:69:F5:66:9C
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K2w-qeEudsHekL96TkX7AGn1Zpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.20.0-84.32.27.255
                  84.32.46.0/23
                  84.32.66.0/24
                  84.32.83.0/24
                  84.32.95.0/24
                  84.32.148.0/22
                  84.32.174.0/23
                  84.32.178.0/23
                  84.32.208.0-84.32.210.255
                  84.32.214.0/23
                  84.32.236.0/24
                  84.32.244.0/22
                  84.32.249.0/24
                  88.216.22.0/23
                  88.216.43.0-88.216.45.255
                  88.216.93.0/24
                  88.216.130.0-88.216.132.255
                  88.216.134.0/23
                  88.216.180.0/24
                  88.216.187.0-88.216.191.255
                  88.216.197.0-88.216.198.255
                  88.216.208.0/24
                  88.216.211.0-88.216.215.255

    Signature Algorithm: sha256WithRSAEncryption
         51:36:5d:9f:81:c8:81:07:29:5f:07:e2:a4:aa:19:a0:20:87:
         b3:80:ec:b9:97:bf:3f:c6:c8:82:9a:6d:0a:fc:e2:7d:9f:de:
         46:76:36:10:11:df:2e:fd:86:03:a3:23:74:86:bc:99:40:28:
         12:11:1e:fe:a5:3e:e2:e8:f2:d2:69:42:e8:a1:7d:eb:b1:08:
         7d:c9:80:10:41:8d:f0:1d:55:6e:ca:14:5a:95:67:a6:0a:37:
         b2:c9:87:af:a9:aa:13:37:04:06:8b:7a:74:d6:17:77:67:87:
         ab:cb:6e:be:39:e4:fe:06:49:26:0d:69:fa:35:a9:15:6c:a7:
         dc:de:9f:6a:47:65:70:b4:d7:14:f8:18:af:89:03:de:7d:fe:
         2b:4b:76:ea:fd:52:af:c4:c5:7a:42:49:c9:bd:ca:df:7a:d7:
         ee:15:41:34:47:4b:ee:15:a3:5e:dc:33:8d:df:6a:70:cf:d7:
         b7:c5:a4:e5:aa:c8:b5:e5:a1:0f:10:8e:56:d3:7f:46:af:e0:
         b6:d1:89:ec:cc:3c:68:57:f8:6b:9b:79:d9:1c:1b:52:4e:e3:
         76:b4:7c:c4:f8:13:47:a8:09:c9:57:b4:17:c3:0a:95:75:b6:
         ef:6c:00:15:28:30:35:6b:69:b9:1b:78:aa:b5:02:8d:5d:c2:
         ec:5e:8c:1c
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYxoK3Bdvz+v96rlpsrEUAERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjE0MTE1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZjM2VhOWUxMmU3NmMxZGU5MGJmN2E0ZTQ1ZmIwMDY5ZjU2NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gDyJSc/gvgUw2MMOuerQXdxpl/4
LdJydaasVThpeBuUFfc3s8DsQVFh80Yi8NQp2yaV/COTBDGYvw4toz3y1yGVpJQF
NuQ49HZAWCf0eSOIdfRyGXMUe8J5emOOttaS+NBCi4MmMLhGHA7B4cyNA/8yB3GF
Q38WD0PuR8ntgjEXET84IEWfQOyx1JJvtkeyH6rpFWyL/IxZggki33F7E5OefMe8
a7xiz6ThbxV6RObXWVpNTO6C7wNm8ljB/Ap3ypaWyR3xHtcjclOckuHGQg56SJRI
zCkabb2vNidsTBC7LLKeTH8SEKegk1FwBAdblLPUS+AZICIr8WSsGFG42QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFCtsPqnhLnbB3pC/ek5F+wBp9WacMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSzJ3LXFlRXVkc0hla0w5NlRrWDdBR24xWnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgUwMEAFQgXwMEAlQglAME
AVQgrgMEAVQgsjAMAwQEVCDQAwQAVCDSAwQBVCDWAwQAVCDsAwQCVCD0AwQAVCD5
AwQBWNgWMAwDBABY2CsDBAFY2CwDBABY2F0wDAMEAVjYggMEAFjYhAMEAVjYhgME
AFjYtDAMAwQAWNi7AwQGWNiAMAwDBABY2MUDBABY2MYDBABY2NAwDAMEAFjY0wME
A1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAUTZdn4HIgQcpXwfipKoZoCCHs4DsuZe/
P8bIgpptCvzifZ/eRnY2EBHfLv2GA6MjdIa8mUAoEhEe/qU+4ujy0mlC6KF967EI
fcmAEEGN8B1VbsoUWpVnpgo3ssmHr6mqEzcEBot6dNYXd2eHq8tuvjnk/gZJJg1p
+jWpFWyn3N6fakdlcLTXFPgYr4kD3n3+K0t26v1Sr8TFekJJyb3K33rX7hVBNEdL
7hWjXtwzjd9qcM/Xt8Wk5arIteWhDxCOVtN/Rq/gttGJ7Mw8aFf4a5t52RwbUk7j
drR8xPgTR6gJyVe0F8MKlXW272wAFSgwNWtpuRt4qrUCjV3C7F6MHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org