Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ML9pFzD-jt79CX0PNdiEPAK-hks.roa
File:                     ML9pFzD-jt79CX0PNdiEPAK-hks.roa (raw, json)
Hash identifier:          OHShFftqMQyYoEUjMO51Y5z5GNsWzJVdVK0y8h4iFP4=
Subject key identifier:   30:BF:69:17:30:FE:8E:DE:FD:09:7D:0F:35:D8:84:3C:02:BE:86:4B
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018677D475CD8AC6CA21788161C948ECCAC9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ML9pFzD-jt79CX0PNdiEPAK-hks.roa
Signing time:             Wed 22 Feb 2023 06:34:17 +0000
ROA not before:           Wed 22 Feb 2023 06:34:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        88.216.185.0/24 maxlen: 24
                          88.216.111.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.57.0/24 maxlen: 24
                          88.216.56.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          84.32.172.0/24 maxlen: 24
                          88.216.63.0/24 maxlen: 24
                          88.216.62.0/24 maxlen: 24
                          88.216.61.0/24 maxlen: 24
                          88.216.60.0/24 maxlen: 24
                          88.216.59.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          84.32.175.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.149.0/24 maxlen: 24
                          84.32.148.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          84.32.157.0/24 maxlen: 24
                          84.32.156.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 Feb 2023 17:56:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:77:d4:75:cd:8a:c6:ca:21:78:81:61:c9:48:ec:ca:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 22 06:34:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30bf691730fe8edefd097d0f35d8843c02be864b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:64:1e:80:ba:c5:b1:2c:d7:f2:a9:26:a9:5b:
                    c6:fd:4c:d3:b8:a9:b6:2d:70:33:d3:4e:da:0d:85:
                    d9:55:dd:34:d2:f5:92:dc:1c:eb:85:77:97:01:27:
                    f5:e2:e2:0b:83:20:ba:85:2a:6e:51:61:be:07:62:
                    61:22:d3:bf:b6:7d:33:f3:11:73:2d:c3:ea:ea:aa:
                    53:09:cc:4c:fd:22:fb:41:cf:e7:1f:b2:b2:19:a7:
                    8b:94:78:ac:c7:69:9a:9c:4c:f2:18:8e:c2:57:82:
                    04:1b:86:c1:6d:92:6d:be:d9:60:3c:05:57:74:eb:
                    30:5a:d5:3c:2a:4c:82:68:af:a8:bd:6b:d8:21:d5:
                    af:c9:f4:76:5b:6c:3b:99:98:57:50:e1:a8:dd:c1:
                    6d:f8:52:5a:9a:6a:60:f4:6f:02:b1:02:66:55:ef:
                    cc:12:66:27:bf:2d:89:bb:eb:8d:34:a8:cb:92:30:
                    14:cd:4f:e9:f5:84:81:57:b7:47:2d:f3:4e:3f:d6:
                    4a:93:dc:c2:f6:7d:a1:29:b2:b6:a1:e7:b2:69:79:
                    28:66:ab:a3:a3:51:2a:7c:15:af:2a:ff:0f:ec:e0:
                    6b:57:d9:c2:ae:ba:41:5f:4b:a4:0a:a3:49:48:8d:
                    36:7c:ab:fd:e2:04:cb:fc:a0:29:dd:f5:81:f8:d7:
                    0d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:BF:69:17:30:FE:8E:DE:FD:09:7D:0F:35:D8:84:3C:02:BE:86:4B
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ML9pFzD-jt79CX0PNdiEPAK-hks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.148.0/23
                  84.32.152.0-84.32.154.255
                  84.32.156.0/22
                  84.32.172.0/24
                  84.32.175.0/24
                  88.216.44.0/23
                  88.216.56.0-88.216.65.255
                  88.216.111.0/24
                  88.216.132.0/24
                  88.216.185.0/24
                  88.216.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:4b:87:0c:10:3e:bc:5b:6f:1b:15:38:44:e3:05:29:cb:b0:
         65:16:28:9e:a0:a3:8f:49:c5:50:8d:f0:d5:1b:15:4f:19:2e:
         75:ea:ff:ff:83:20:b1:f5:5c:33:10:a2:c0:8b:02:1a:3d:68:
         dd:7f:69:ea:f3:90:fe:97:a4:5b:3f:7a:e6:ba:e3:89:d1:60:
         53:24:e4:0e:c8:12:27:01:76:d5:26:71:08:17:33:68:41:85:
         ab:a3:3a:55:cd:a8:b2:15:e4:dd:65:1c:4b:87:a6:d6:a1:f5:
         b3:03:a5:12:36:31:67:1f:23:d8:28:e6:09:5d:6c:0b:6c:10:
         18:d5:f9:e6:78:72:4a:55:6a:b6:21:9b:58:6d:8c:c1:59:b0:
         7f:d2:c6:50:7c:04:c0:67:5f:d5:60:cb:9e:84:11:5b:7e:12:
         80:aa:e9:a5:46:27:ab:59:71:25:b7:f6:fd:0e:73:67:78:e2:
         0b:5c:7e:de:0d:5c:a5:ca:27:76:0b:80:7d:15:cd:0a:27:ba:
         93:e4:ec:7b:28:0a:a5:1f:16:1a:64:f4:7c:4c:4c:37:89:f9:
         c3:cd:b7:97:3b:99:be:ef:e3:34:07:2d:04:2e:5f:9e:53:5c:
         95:0a:04:f9:7a:1a:db:8c:35:d3:c5:f1:af:87:a4:07:90:a4:
         3c:a9:ab:a4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYZ31HXNisbKIXiBYclI7MrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIyMDYzNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGJmNjkxNzMwZmU4ZWRlZmQwOTdkMGYzNWQ4ODQzYzAyYmU4NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGQegLrFsSzX8qkmqVvG/UzTuKm2
LXAz007aDYXZVd000vWS3BzrhXeXASf14uILgyC6hSpuUWG+B2JhItO/tn0z8xFz
LcPq6qpTCcxM/SL7Qc/nH7KyGaeLlHisx2manEzyGI7CV4IEG4bBbZJtvtlgPAVX
dOswWtU8KkyCaK+ovWvYIdWvyfR2W2w7mZhXUOGo3cFt+FJammpg9G8CsQJmVe/M
EmYnvy2Ju+uNNKjLkjAUzU/p9YSBV7dHLfNOP9ZKk9zC9n2hKbK2oeeyaXkoZquj
o1EqfBWvKv8P7OBrV9nCrrpBX0ukCqNJSI02fKv94gTL/KAp3fWB+NcNIwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDC/aRcw/o7e/Ql9DzXYhDwCvoZLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTUw5cEZ6RC1qdDc5Q1gwUE5kaUVQQUstaGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBVCCUMAwD
BANUIJgDBABUIJoDBAJUIJwDBABUIKwDBABUIK8DBAFY2CwwDAMEA1jYOAMEAVjY
QAMEAFjYbwMEAFjYhAMEAFjYuQMEAFjY1zANBgkqhkiG9w0BAQsFAAOCAQEABEuH
DBA+vFtvGxU4ROMFKcuwZRYonqCjj0nFUI3w1RsVTxkuder//4MgsfVcMxCiwIsC
Gj1o3X9p6vOQ/pekWz965rrjidFgUyTkDsgSJwF21SZxCBczaEGFq6M6Vc2oshXk
3WUcS4em1qH1swOlEjYxZx8j2CjmCV1sC2wQGNX55nhySlVqtiGbWG2MwVmwf9LG
UHwEwGdf1WDLnoQRW34SgKrppUYnq1lxJbf2/Q5zZ3jiC1x+3g1cpcondguAfRXN
Cie6k+TseygKpR8WGmT0fExMN4n5w823lzuZvu/jNActBC5fnlNclQoE+Xoa24w1
08Xxr4ekB5CkPKmrpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org