Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P09dvqPoUXMMrVKC8V4PSeAfbPA.roa
File:                     P09dvqPoUXMMrVKC8V4PSeAfbPA.roa (raw, json)
Hash identifier:          2ek2yW+Jn3ufErk9XCMoW/noivNP4ob0G8eZFyjgFM4=
Subject key identifier:   3F:4F:5D:BE:A3:E8:51:73:0C:AD:52:82:F1:5E:0F:49:E0:1F:6C:F0
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018AF9B786253DA5EC501FEEBD382CC69992
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P09dvqPoUXMMrVKC8V4PSeAfbPA.roa
Signing time:             Wed 04 Oct 2023 08:04:28 +0000
ROA not before:           Wed 04 Oct 2023 08:04:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        84.32.214.0/23 maxlen: 24
                          84.32.219.0/24 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.224.0/24 maxlen: 24
                          84.32.220.0/24 maxlen: 24
                          84.32.226.0/24 maxlen: 24
                          84.32.228.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          84.32.233.0/24 maxlen: 24
                          84.32.236.0/23 maxlen: 24
                          84.32.235.0/24 maxlen: 24
                          84.32.238.0/24 maxlen: 24
                          84.32.234.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          84.32.246.0/23 maxlen: 24
                          84.32.244.0/23 maxlen: 24
                          84.32.246.0/24 maxlen: 24
                          84.32.242.0/24 maxlen: 24
                          84.32.241.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          84.32.249.0/24 maxlen: 24
                          84.32.250.0/24 maxlen: 24
                          84.32.251.0/24 maxlen: 24
                          84.32.252.0/24 maxlen: 24
                          84.32.247.0/24 maxlen: 24
                          84.32.254.0/24 maxlen: 24
                          84.32.255.0/24 maxlen: 24
                          84.32.58.0/24 maxlen: 24
                          84.32.61.0/24 maxlen: 24
                          84.32.62.0/24 maxlen: 24
                          84.32.64.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.68.0/24 maxlen: 24
                          84.32.65.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.76.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.83.0/24 maxlen: 24
                          84.32.85.0/24 maxlen: 24
                          84.32.89.0/24 maxlen: 24
                          84.32.90.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.92.0/24 maxlen: 24
                          84.32.93.0/24 maxlen: 24
                          84.32.94.0/24 maxlen: 24
                          84.32.95.0/24 maxlen: 24
                          84.32.105.0/24 maxlen: 24
                          84.32.4.0/24 maxlen: 24
                          84.32.7.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.14.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.20.0/22 maxlen: 24
                          84.32.20.0/24 maxlen: 24
                          84.32.27.0/24 maxlen: 24
                          84.32.28.0/24 maxlen: 24
                          84.32.29.0/24 maxlen: 24
                          84.32.26.0/24 maxlen: 24
                          84.32.31.0/24 maxlen: 24
                          84.32.42.0/24 maxlen: 24
                          84.32.43.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.176.0/24 maxlen: 24
                          84.32.179.0/24 maxlen: 24
                          84.32.174.0/23 maxlen: 24
                          84.32.178.0/23 maxlen: 24
                          84.32.211.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          84.32.213.0/24 maxlen: 24
                          84.32.107.0/24 maxlen: 24
                          84.32.150.0/24 maxlen: 24
                          84.32.148.0/23 maxlen: 24
                          84.32.150.0/23 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.155.0/24 maxlen: 24
                          84.32.157.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.183.0/24 maxlen: 24
                          88.216.180.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.187.0/24 maxlen: 24
                          88.216.188.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.197.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.208.0/24 maxlen: 24
                          88.216.110.0/24 maxlen: 24
                          88.216.111.0/24 maxlen: 24
                          88.216.107.0/24 maxlen: 24
                          88.216.109.0/24 maxlen: 24
                          88.216.106.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.129.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.130.0/23 maxlen: 24
                          88.216.134.0/23 maxlen: 24
                          88.216.223.0/24 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          88.216.228.0/22 maxlen: 24
                          88.216.236.0/22 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          88.216.95.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          88.216.101.0/24 maxlen: 24
                          88.216.102.0/24 maxlen: 24
                          88.216.104.0/24 maxlen: 24
                          88.216.105.0/24 maxlen: 24
                          88.216.2.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.0.0/24 maxlen: 24
                          88.216.1.0/24 maxlen: 24
                          88.216.16.0/24 maxlen: 24
                          88.216.23.0/24 maxlen: 24
                          88.216.22.0/24 maxlen: 24
                          88.216.22.0/23 maxlen: 24
                          88.216.35.0/24 maxlen: 24
                          88.216.36.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          88.216.42.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24
                          88.216.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Oct 2023 13:20:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f9:b7:86:25:3d:a5:ec:50:1f:ee:bd:38:2c:c6:99:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct  4 08:04:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f4f5dbea3e851730cad5282f15e0f49e01f6cf0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:67:8e:43:60:e3:a4:68:ad:79:fe:c8:b2:7b:
                    0e:6b:25:52:1b:8e:c1:5b:d2:5d:ea:49:18:71:49:
                    d7:a3:bc:ae:0b:5c:8a:94:c7:50:62:b4:60:6d:ba:
                    58:1a:dc:04:42:c6:5f:11:e9:4c:da:8d:ea:ee:ab:
                    82:d8:be:bf:2f:d7:01:3a:15:6a:48:0e:e2:e0:c4:
                    b9:11:56:8e:e8:37:27:c0:26:b1:40:59:88:aa:b4:
                    6b:8e:ee:ba:e4:b6:1e:10:6f:54:68:aa:dd:5f:3e:
                    f7:e4:da:8d:da:e4:1c:92:4c:0d:80:63:3f:f5:b5:
                    de:bf:17:3c:33:5b:58:4d:be:b0:05:38:21:c6:6a:
                    23:5f:e8:1c:40:8d:72:91:60:a5:63:7f:ec:c7:11:
                    27:eb:4b:71:f1:b4:13:05:13:20:58:5b:54:ab:b6:
                    58:1e:a2:95:b9:1a:5d:00:cf:ff:d3:2b:c9:58:df:
                    e7:54:3a:61:08:53:45:ab:eb:ca:f8:7a:ec:c6:99:
                    ec:f3:9b:53:4b:23:b7:5f:8e:2c:36:7d:04:fa:da:
                    6a:b0:72:3b:d7:19:3f:da:86:e9:76:d8:6e:75:cc:
                    3a:15:10:19:92:48:b8:f0:fe:44:63:3c:20:d0:dc:
                    92:c0:36:b2:3d:54:22:d9:4b:11:6c:db:5e:b2:22:
                    12:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:4F:5D:BE:A3:E8:51:73:0C:AD:52:82:F1:5E:0F:49:E0:1F:6C:F0
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P09dvqPoUXMMrVKC8V4PSeAfbPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.4.0/24
                  84.32.7.0-84.32.8.255
                  84.32.14.0/24
                  84.32.20.0-84.32.29.255
                  84.32.31.0/24
                  84.32.42.0/23
                  84.32.46.0/23
                  84.32.58.0/24
                  84.32.60.0-84.32.62.255
                  84.32.64.0-84.32.66.255
                  84.32.68.0/24
                  84.32.76.0/23
                  84.32.83.0/24
                  84.32.85.0/24
                  84.32.88.0-84.32.90.255
                  84.32.92.0/22
                  84.32.105.0/24
                  84.32.107.0/24
                  84.32.148.0/22
                  84.32.153.0/24
                  84.32.155.0/24
                  84.32.157.0-84.32.159.255
                  84.32.174.0-84.32.176.255
                  84.32.178.0/23
                  84.32.211.0-84.32.215.255
                  84.32.219.0-84.32.221.255
                  84.32.224.0/24
                  84.32.226.0/24
                  84.32.228.0/24
                  84.32.232.0-84.32.242.255
                  84.32.244.0/22
                  84.32.249.0-84.32.255.255
                  88.216.0.0/22
                  88.216.16.0/24
                  88.216.22.0/23
                  88.216.35.0-88.216.36.255
                  88.216.40.0/24
                  88.216.42.0/24
                  88.216.44.0/23
                  88.216.47.0/24
                  88.216.58.0/24
                  88.216.64.0/23
                  88.216.92.0/23
                  88.216.95.0/24
                  88.216.101.0-88.216.102.255
                  88.216.104.0/22
                  88.216.109.0-88.216.111.255
                  88.216.128.0-88.216.132.255
                  88.216.134.0/23
                  88.216.180.0/24
                  88.216.183.0/24
                  88.216.187.0-88.216.191.255
                  88.216.197.0-88.216.198.255
                  88.216.208.0/24
                  88.216.211.0-88.216.215.255
                  88.216.220.0/24
                  88.216.223.0/24
                  88.216.228.0/22
                  88.216.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:a3:60:f1:89:77:76:f9:5a:f7:30:30:3c:b9:21:3b:b5:cd:
         29:a8:d3:6f:5a:fa:29:89:84:47:81:30:8e:78:ad:a7:64:bb:
         ec:09:d3:f6:ef:e2:cf:b7:0f:62:7c:fa:a8:12:48:d5:d7:16:
         32:68:ba:d5:e9:2b:51:c7:2f:ff:e4:ec:f3:d0:65:0d:a2:8a:
         54:4c:7c:1a:ad:25:c8:31:3c:ce:d3:9d:c3:c5:11:b8:bc:59:
         52:6d:a5:8b:57:93:9a:b2:6d:70:64:6d:46:13:e9:8d:50:97:
         63:48:88:20:b1:6a:da:8b:a5:b1:74:1b:41:b0:b9:a8:3f:6e:
         ca:e7:82:7a:e7:21:c2:6c:24:89:75:b0:9c:50:2b:3d:10:6f:
         2a:74:19:5c:94:43:ce:51:0d:5a:01:f2:44:08:a5:7c:23:2b:
         90:3a:50:5b:2d:d8:7f:88:b6:42:89:7d:20:d3:73:1d:36:bd:
         c4:d2:3f:ad:0c:56:93:85:28:2c:ce:3f:d2:db:04:c5:b0:a2:
         d3:19:db:ce:66:26:cf:51:42:5e:9e:26:41:cb:aa:b3:16:2c:
         18:e8:ee:ad:28:f8:6b:74:f5:3d:06:08:11:90:6d:1e:5a:e0:
         a7:49:38:2b:d4:ef:61:d3:35:9f:90:fb:7c:29:12:41:7a:5b:
         ff:59:db:7a
-----BEGIN CERTIFICATE-----
MIIG8jCCBdqgAwIBAgISAYr5t4YlPaXsUB/uvTgsxpmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDA0MDgwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRmNWRiZWEzZTg1MTczMGNhZDUyODJmMTVlMGY0OWUwMWY2Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGeOQ2DjpGitef7IsnsOayVSG47B
W9Jd6kkYcUnXo7yuC1yKlMdQYrRgbbpYGtwEQsZfEelM2o3q7quC2L6/L9cBOhVq
SA7i4MS5EVaO6DcnwCaxQFmIqrRrju665LYeEG9UaKrdXz735NqN2uQckkwNgGM/
9bXevxc8M1tYTb6wBTghxmojX+gcQI1ykWClY3/sxxEn60tx8bQTBRMgWFtUq7ZY
HqKVuRpdAM//0yvJWN/nVDphCFNFq+vK+Hrsxpns85tTSyO3X44sNn0E+tpqsHI7
1xk/2obpdthudcw6FRAZkki48P5EYzwg0NySwDayPVQi2UsRbNtesiIS8wIDAQAB
o4ID/jCCA/owHQYDVR0OBBYEFD9PXb6j6FFzDK1SgvFeD0ngH2zwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUDA5ZHZxUG9VWE1NclZLQzhWNFBTZUFmYlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICEgYIKwYBBQUHAQcBAf8EggIBMIIB/TCCAfkEAgABMIIB
8QMEAFQgBDAMAwQAVCAHAwQAVCAIAwQAVCAOMAwDBAJUIBQDBAFUIBwDBABUIB8D
BAFUICoDBAFUIC4DBABUIDowDAMEAlQgPAMEAFQgPjAMAwQGVCBAAwQAVCBCAwQA
VCBEAwQBVCBMAwQAVCBTAwQAVCBVMAwDBANUIFgDBABUIFoDBAJUIFwDBABUIGkD
BABUIGsDBAJUIJQDBABUIJkDBABUIJswDAMEAFQgnQMEBVQggDAMAwQBVCCuAwQA
VCCwAwQBVCCyMAwDBABUINMDBANUINAwDAMEAFQg2wMEAVQg3AMEAFQg4AMEAFQg
4gMEAFQg5DAMAwQDVCDoAwQAVCDyAwQCVCD0MAsDBABUIPkDAwBUIAMEAljYAAME
AFjYEAMEAVjYFjAMAwQAWNgjAwQAWNgkAwQAWNgoAwQAWNgqAwQBWNgsAwQAWNgv
AwQAWNg6AwQBWNhAAwQBWNhcAwQAWNhfMAwDBABY2GUDBABY2GYDBAJY2GgwDAME
AFjYbQMEBFjYYDAMAwQHWNiAAwQAWNiEAwQBWNiGAwQAWNi0AwQAWNi3MAwDBABY
2LsDBAZY2IAwDAMEAFjYxQMEAFjYxgMEAFjY0DAMAwQAWNjTAwQDWNjQAwQAWNjc
AwQAWNjfAwQCWNjkAwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQAjo2DxiXd2+Vr3
MDA8uSE7tc0pqNNvWvopiYRHgTCOeK2nZLvsCdP27+LPtw9ifPqoEkjV1xYyaLrV
6StRxy//5Ozz0GUNoopUTHwarSXIMTzO053DxRG4vFlSbaWLV5Oasm1wZG1GE+mN
UJdjSIggsWrai6WxdBtBsLmoP27K54J65yHCbCSJdbCcUCs9EG8qdBlclEPOUQ1a
AfJECKV8IyuQOlBbLdh/iLZCiX0g03MdNr3E0j+tDFaThSgszj/S2wTFsKLTGdvO
ZibPUUJeniZBy6qzFiwY6O6tKPhrdPU9BggRkG0eWuCnSTgr1O9h0zWfkPt8KRJB
elv/Wdt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org