Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/O2Lc6CWEbFSLbwTyr8VzxdwRbR0.roa
File:                     O2Lc6CWEbFSLbwTyr8VzxdwRbR0.roa (raw, json)
Hash identifier:          XcXVMIudbBlYS8U7WWhDTDT4CY1jU/+VUjLNUOVv8Ac=
Subject key identifier:   3B:62:DC:E8:25:84:6C:54:8B:6F:04:F2:AF:C5:73:C5:DC:11:6D:1D
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0188760A154BE3FD189DC35327694C65FB59
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/O2Lc6CWEbFSLbwTyr8VzxdwRbR0.roa
Signing time:             Thu 01 Jun 2023 08:19:12 +0000
ROA not before:           Thu 01 Jun 2023 08:19:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        84.32.63.0/24 maxlen: 24
                          88.216.186.0/24 maxlen: 24
                          84.32.95.0/24 maxlen: 24
                          88.216.208.0/24 maxlen: 24
                          84.32.217.0/24 maxlen: 24
                          84.32.218.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.24.0/24 maxlen: 24
                          84.32.32.0/24 maxlen: 24
                          84.32.50.0/24 maxlen: 24
                          84.32.178.0/23 maxlen: 24
                          84.32.174.0/23 maxlen: 24
                          88.216.1.0/24 maxlen: 24
                          88.216.34.0/24 maxlen: 24
                          84.32.151.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.149.0/24 maxlen: 24
                          88.216.41.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 06:23:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:76:0a:15:4b:e3:fd:18:9d:c3:53:27:69:4c:65:fb:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jun  1 08:19:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b62dce825846c548b6f04f2afc573c5dc116d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:a5:a4:f4:16:b1:b6:40:53:44:d7:47:0f:d1:
                    0d:11:6e:da:31:c5:6c:09:1c:dd:69:dd:f1:30:b9:
                    d8:20:0d:6e:cf:94:44:c4:a7:b2:db:5d:18:c0:b5:
                    51:24:ab:99:47:fd:7e:6a:6e:29:96:04:d4:7d:ba:
                    3f:11:d0:52:55:af:9a:1b:6b:95:27:80:92:13:46:
                    8f:9e:24:6f:5a:ce:a2:e6:71:ed:48:ae:52:52:72:
                    31:3f:68:f6:ea:5e:1f:f5:df:c3:db:60:e7:67:80:
                    a0:41:03:27:de:a5:c9:6c:be:d1:b3:5d:13:9a:24:
                    7e:10:09:76:05:f5:fe:fa:67:f0:a3:92:75:ff:9f:
                    a2:54:9e:1c:72:a0:a9:de:f2:45:5c:37:f9:5a:49:
                    52:be:a3:24:fb:5c:c3:8d:40:71:ef:c7:36:27:1d:
                    f3:e4:60:f8:dd:06:f0:bb:70:a4:f2:8f:d8:9a:e4:
                    39:31:3f:93:9e:f0:89:d3:11:8e:32:a9:0f:28:1d:
                    ef:7a:4c:1e:d5:d6:c1:4f:29:95:ff:7e:50:40:3d:
                    b6:33:48:67:31:28:ec:04:b9:d1:59:0b:a4:9c:98:
                    bc:5c:61:e7:9f:28:6f:83:ed:78:7c:70:c9:9d:60:
                    6d:50:22:04:e3:3f:2a:a5:5c:b0:dd:fd:95:8f:63:
                    df:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:62:DC:E8:25:84:6C:54:8B:6F:04:F2:AF:C5:73:C5:DC:11:6D:1D
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/O2Lc6CWEbFSLbwTyr8VzxdwRbR0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.15.0/24
                  84.32.24.0/24
                  84.32.32.0/24
                  84.32.50.0/24
                  84.32.63.0/24
                  84.32.95.0/24
                  84.32.149.0/24
                  84.32.151.0-84.32.152.255
                  84.32.154.0/24
                  84.32.174.0/23
                  84.32.178.0/23
                  84.32.217.0-84.32.218.255
                  88.216.1.0/24
                  88.216.34.0/24
                  88.216.41.0/24
                  88.216.186.0/24
                  88.216.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:62:b6:f1:da:fe:84:b8:d9:35:3f:35:f7:dc:2d:3e:b7:5b:
         37:d3:80:66:bc:19:aa:61:ad:d2:f9:10:df:df:3b:b6:b2:be:
         ce:8d:d5:9a:86:38:ec:b4:40:fc:8c:2c:f8:57:79:79:5d:f6:
         3b:0a:e7:55:88:bc:39:55:42:b5:bb:5e:bf:be:66:9e:8d:ee:
         b0:19:80:53:aa:8f:91:67:19:2d:85:97:f4:10:df:f9:3f:65:
         ac:f6:c6:59:01:55:dc:bd:a6:56:c2:53:5d:da:75:3a:da:4a:
         dc:09:c5:87:78:bd:88:36:59:e7:4d:78:eb:b1:1b:f8:f4:83:
         ae:4d:29:ea:6f:bb:f4:2f:22:b2:9a:bb:ae:52:78:cb:98:4a:
         7f:dc:72:36:89:68:5b:66:19:f5:6a:47:7f:a3:63:4b:39:22:
         7f:98:d4:7e:fa:2d:f7:7c:de:37:d3:53:67:2e:59:25:f9:2a:
         57:9d:f6:7c:c7:4c:05:d9:4a:8a:ed:4a:ef:a2:81:79:7b:1b:
         6e:8d:1f:b6:e1:b4:96:f5:76:f0:25:ee:13:82:fa:bf:1f:2a:
         11:3b:98:0a:39:0c:e0:ed:8c:9c:58:09:5d:eb:31:d6:e1:61:
         9c:0f:66:e3:f3:88:1b:39:63:05:1c:14:15:4f:04:2c:92:df:
         45:11:9d:e7
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYh2ChVL4/0YncNTJ2lMZftZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjAxMDgxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYyZGNlODI1ODQ2YzU0OGI2ZjA0ZjJhZmM1NzNjNWRjMTE2ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKWk9BaxtkBTRNdHD9ENEW7aMcVs
CRzdad3xMLnYIA1uz5RExKey210YwLVRJKuZR/1+am4plgTUfbo/EdBSVa+aG2uV
J4CSE0aPniRvWs6i5nHtSK5SUnIxP2j26l4f9d/D22DnZ4CgQQMn3qXJbL7Rs10T
miR+EAl2BfX++mfwo5J1/5+iVJ4ccqCp3vJFXDf5WklSvqMk+1zDjUBx78c2Jx3z
5GD43Qbwu3Ck8o/YmuQ5MT+TnvCJ0xGOMqkPKB3vekwe1dbBTymV/35QQD22M0hn
MSjsBLnRWQuknJi8XGHnnyhvg+14fHDJnWBtUCIE4z8qpVyw3f2Vj2PfMwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFDti3OglhGxUi28E8q/Fc8XcEW0dMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTzJMYzZDV0ViRlNMYndUeXI4Vnp4ZHdSYlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBABUIA8D
BABUIBgDBABUICADBABUIDIDBABUID8DBABUIF8DBABUIJUwDAMEAFQglwMEAFQg
mAMEAFQgmgMEAVQgrgMEAVQgsjAMAwQAVCDZAwQAVCDaAwQAWNgBAwQAWNgiAwQA
WNgpAwQAWNi6AwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQCSYrbx2v6EuNk1PzX3
3C0+t1s304BmvBmqYa3S+RDf3zu2sr7OjdWahjjstED8jCz4V3l5XfY7CudViLw5
VUK1u16/vmaeje6wGYBTqo+RZxkthZf0EN/5P2Ws9sZZAVXcvaZWwlNd2nU62krc
CcWHeL2INlnnTXjrsRv49IOuTSnqb7v0LyKymruuUnjLmEp/3HI2iWhbZhn1akd/
o2NLOSJ/mNR++i33fN4301NnLlkl+SpXnfZ8x0wF2UqK7UrvooF5extujR+24bSW
9XbwJe4Tgvq/HyoRO5gKOQzg7YycWAld6zHW4WGcD2bj84gbOWMFHBQVTwQskt9F
EZ3n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org