Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N57saeLbqZSUNK4KLdAIx7weC0I.roa
File:                     N57saeLbqZSUNK4KLdAIx7weC0I.roa (raw, json)
Hash identifier:          nrKPBGmGTnVAyjmSB6cnPpJd+oDDjo5VMYrN9il6ErU=
Subject key identifier:   37:9E:EC:69:E2:DB:A9:94:94:34:AE:0A:2D:D0:08:C7:BC:1E:0B:42
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0187DD90BD3FDCAAE982CB0460A1386BEE38
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N57saeLbqZSUNK4KLdAIx7weC0I.roa
Signing time:             Tue 02 May 2023 17:44:23 +0000
ROA not before:           Tue 02 May 2023 17:44:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        84.32.214.0/23 maxlen: 24
                          84.32.218.0/24 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.223.0/24 maxlen: 24
                          84.32.224.0/24 maxlen: 24
                          84.32.225.0/24 maxlen: 24
                          84.32.231.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          84.32.235.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          84.32.242.0/24 maxlen: 24
                          84.32.243.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          84.32.251.0/24 maxlen: 24
                          84.32.57.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.68.0/24 maxlen: 24
                          84.32.67.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.44.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.174.0/24 maxlen: 24
                          84.32.175.0/24 maxlen: 24
                          84.32.177.0/24 maxlen: 24
                          84.32.178.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          84.32.108.0/23 maxlen: 24
                          84.32.110.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.148.0/23 maxlen: 24
                          84.32.150.0/23 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.156.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.183.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.197.0/24 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.111.0/24 maxlen: 24
                          88.216.108.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.130.0/23 maxlen: 24
                          88.216.134.0/23 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          88.216.232.0/22 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.56.0/24 maxlen: 24
                          88.216.57.0/24 maxlen: 24
                          88.216.59.0/24 maxlen: 24
                          88.216.60.0/24 maxlen: 24
                          88.216.61.0/24 maxlen: 24
                          88.216.62.0/24 maxlen: 24
                          88.216.63.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.0.0/24 maxlen: 24
                          88.216.1.0/24 maxlen: 24
                          88.216.16.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          88.216.35.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          88.216.41.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 May 2023 07:03:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dd:90:bd:3f:dc:aa:e9:82:cb:04:60:a1:38:6b:ee:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: May  2 17:44:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=379eec69e2dba9949434ae0a2dd008c7bc1e0b42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:80:e2:c0:ac:d8:1a:77:a6:cc:f5:d7:c0:c5:
                    ca:79:9b:24:01:fa:28:63:d7:6b:be:b4:06:f7:07:
                    db:07:03:46:58:34:88:55:5f:d5:9c:10:fd:2a:0d:
                    b7:5b:82:a4:73:b6:eb:cc:8c:2a:c2:27:03:a9:e1:
                    0e:77:c4:20:fa:82:44:7a:d0:f6:2a:84:4b:70:f5:
                    92:84:60:0e:aa:e7:cc:33:39:c3:51:57:65:31:73:
                    31:85:e3:ef:4b:b6:4a:a1:99:8a:43:3b:0d:2b:66:
                    0d:50:c3:1e:01:66:64:a1:d8:f6:c1:57:33:6b:a1:
                    fb:fb:6b:20:9c:17:c4:c9:ec:75:cc:74:7c:d1:11:
                    c8:18:3e:81:71:73:92:74:fd:80:07:4f:81:fd:b6:
                    ed:ab:c8:d4:c9:b9:b7:34:cd:b6:ca:98:48:6d:5d:
                    a0:20:0f:23:40:a2:c6:d7:dc:e0:a2:48:bb:55:b4:
                    3b:7a:2d:e8:dc:2c:3a:bb:01:5e:36:6d:43:50:0e:
                    0f:8f:65:b8:09:34:75:ca:81:34:7b:45:21:7f:70:
                    40:62:93:54:61:9b:7f:23:af:10:38:aa:eb:d8:61:
                    b7:60:61:62:8a:cd:e1:e0:aa:d4:75:11:56:14:f4:
                    73:6d:0e:f7:ba:5c:54:69:79:c1:cb:8b:9c:23:63:
                    6a:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:9E:EC:69:E2:DB:A9:94:94:34:AE:0A:2D:D0:08:C7:BC:1E:0B:42
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N57saeLbqZSUNK4KLdAIx7weC0I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.15.0/24
                  84.32.24.0/22
                  84.32.30.0/24
                  84.32.44.0/24
                  84.32.46.0/23
                  84.32.57.0/24
                  84.32.60.0/24
                  84.32.67.0-84.32.68.255
                  84.32.77.0/24
                  84.32.79.0/24
                  84.32.88.0/24
                  84.32.108.0-84.32.110.255
                  84.32.148.0-84.32.154.255
                  84.32.156.0/24
                  84.32.158.0/23
                  84.32.174.0/23
                  84.32.177.0-84.32.178.255
                  84.32.212.0/24
                  84.32.214.0/23
                  84.32.218.0/24
                  84.32.221.0/24
                  84.32.223.0-84.32.225.255
                  84.32.231.0-84.32.232.255
                  84.32.235.0/24
                  84.32.239.0-84.32.240.255
                  84.32.242.0/23
                  84.32.251.0-84.32.253.255
                  88.216.0.0/23
                  88.216.3.0/24
                  88.216.16.0/24
                  88.216.32.0/24
                  88.216.35.0/24
                  88.216.41.0/24
                  88.216.44.0/23
                  88.216.56.0-88.216.65.255
                  88.216.108.0/24
                  88.216.111.0/24
                  88.216.128.0/24
                  88.216.130.0-88.216.132.255
                  88.216.134.0/23
                  88.216.183.0/24
                  88.216.189.0/24
                  88.216.197.0/24
                  88.216.212.0/22
                  88.216.220.0/24
                  88.216.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         37:cd:bb:ba:ab:54:d1:a4:bf:fa:47:fb:1c:b4:81:0b:8e:b0:
         59:31:ae:97:d7:2a:73:bb:90:ad:c0:c3:41:ae:8d:ef:61:b3:
         a9:12:cc:ca:e9:36:89:e2:3d:b0:d7:71:7a:29:09:3e:2d:03:
         ac:47:62:98:b9:a4:0b:a9:bd:66:f8:43:65:74:74:aa:4d:b3:
         f6:56:82:d4:08:46:9a:ed:72:ef:f6:4a:f9:75:c5:46:4f:79:
         56:c3:fe:69:3f:18:e9:bb:2b:8a:22:74:80:57:29:12:c6:c0:
         0e:b7:bd:79:d0:4f:b5:94:ca:6e:16:cb:7b:83:92:38:15:10:
         62:75:34:66:5a:c2:e9:46:20:d3:de:3e:12:c1:1e:6c:ef:54:
         6c:19:1f:e0:ca:ce:10:39:81:33:43:c3:52:53:ae:31:35:53:
         6e:a0:61:58:be:a9:79:54:a1:23:06:c3:a2:39:bc:4c:96:bb:
         63:a3:a4:bb:bd:8a:57:07:ae:12:71:32:c5:88:fb:de:52:81:
         9c:74:3d:8f:9a:5d:a4:8e:d0:a8:97:d0:eb:ef:1e:89:ff:74:
         3b:31:0c:a8:55:e1:3e:84:e4:14:08:05:b9:34:31:a3:10:14:
         9d:2d:f6:ee:85:f5:94:3e:2a:30:b2:ee:2b:e9:69:f0:8f:84:
         b5:b8:16:ef
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAYfdkL0/3KrpgssEYKE4a+44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTAyMTc0NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzllZWM2OWUyZGJhOTk0OTQzNGFlMGEyZGQwMDhjN2JjMWUwYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoDiwKzYGnemzPXXwMXKeZskAfoo
Y9drvrQG9wfbBwNGWDSIVV/VnBD9Kg23W4Kkc7brzIwqwicDqeEOd8Qg+oJEetD2
KoRLcPWShGAOqufMMznDUVdlMXMxhePvS7ZKoZmKQzsNK2YNUMMeAWZkodj2wVcz
a6H7+2sgnBfEyex1zHR80RHIGD6BcXOSdP2AB0+B/bbtq8jUybm3NM22yphIbV2g
IA8jQKLG19zgoki7VbQ7ei3o3Cw6uwFeNm1DUA4Pj2W4CTR1yoE0e0Uhf3BAYpNU
YZt/I68QOKrr2GG3YGFiis3h4KrUdRFWFPRzbQ73ulxUaXnBy4ucI2NqyQIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFDee7Gni26mUlDSuCi3QCMe8HgtCMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTjU3c2FlTGJxWlNVTks0S0xkQUl4N3dlQzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB
agMEAFQgCAMEAFQgDwMEAlQgGAMEAFQgHgMEAFQgLAMEAVQgLgMEAFQgOQMEAFQg
PDAMAwQAVCBDAwQAVCBEAwQAVCBNAwQAVCBPAwQAVCBYMAwDBAJUIGwDBABUIG4w
DAMEAlQglAMEAFQgmgMEAFQgnAMEAVQgngMEAVQgrjAMAwQAVCCxAwQAVCCyAwQA
VCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwDBABUIN8DBAFUIOAwDAMEAFQg5wMEAFQg
6AMEAFQg6zAMAwQAVCDvAwQAVCDwAwQBVCDyMAwDBABUIPsDBAFUIPwDBAFY2AAD
BABY2AMDBABY2BADBABY2CADBABY2CMDBABY2CkDBAFY2CwwDAMEA1jYOAMEAVjY
QAMEAFjYbAMEAFjYbwMEAFjYgDAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi3AwQA
WNi9AwQAWNjFAwQCWNjUAwQAWNjcAwQCWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQA3
zbu6q1TRpL/6R/sctIELjrBZMa6X1ypzu5CtwMNBro3vYbOpEszK6TaJ4j2w13F6
KQk+LQOsR2KYuaQLqb1m+ENldHSqTbP2VoLUCEaa7XLv9kr5dcVGT3lWw/5pPxjp
uyuKInSAVykSxsAOt7150E+1lMpuFst7g5I4FRBidTRmWsLpRiDT3j4SwR5s71Rs
GR/gys4QOYEzQ8NSU64xNVNuoGFYvql5VKEjBsOiObxMlrtjo6S7vYpXB64ScTLF
iPveUoGcdD2Pml2kjtCol9Dr7x6J/3Q7MQyoVeE+hOQUCAW5NDGjEBSdLfbuhfWU
Piowsu4r6Wnwj4S1uBbv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org