Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/R4HTPMHZgpc5_jXjtV4xBFYpecw.roa
File:                     R4HTPMHZgpc5_jXjtV4xBFYpecw.roa (raw, json)
Hash identifier:          sf7VEYyIQCrUIrNKEe7kqzjDriFuu1Ou7MkYc6kfl60=
Subject key identifier:   47:81:D3:3C:C1:D9:82:97:39:FE:35:E3:B5:5E:31:04:56:29:79:CC
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01856EAFB4FA205FFDAD8C58953A2DED5289
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/R4HTPMHZgpc5_jXjtV4xBFYpecw.roa
Signing time:             Sun 01 Jan 2023 18:54:46 +0000
ROA not before:           Sun 01 Jan 2023 18:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        88.216.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Apr 2023 20:50:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:b4:fa:20:5f:fd:ad:8c:58:95:3a:2d:ed:52:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 18:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4781d33cc1d9829739fe35e3b55e3104562979cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9d:91:e4:2a:26:ff:ff:ff:de:e5:2f:ea:d5:
                    0b:39:cc:8f:e3:50:18:9d:42:6c:72:92:3a:0c:00:
                    d4:18:81:11:20:f1:e1:cc:ba:24:66:1a:d4:c0:41:
                    96:f3:1d:04:2f:b7:75:fb:8f:86:c9:c1:f5:48:7c:
                    1e:4a:b7:82:87:a7:93:ce:3f:ad:2d:54:00:e4:4d:
                    b8:09:79:30:c6:95:51:8b:ff:93:97:0b:55:83:24:
                    3a:fb:03:05:d0:99:6c:3a:2c:75:9b:2e:23:bf:68:
                    f6:be:5b:be:bb:c9:c3:f7:99:98:b7:b6:b7:52:e7:
                    af:86:53:59:88:8e:0e:8c:e0:0d:ca:b3:3c:21:d7:
                    e3:49:54:d8:72:b8:3d:e3:98:f5:1a:1f:c9:18:92:
                    1c:35:d8:0f:df:15:ea:0e:36:8b:5f:30:a6:32:e6:
                    4e:77:0a:98:76:73:56:41:63:dc:29:9c:f3:ac:d5:
                    5a:5d:63:53:f4:2b:f0:40:b9:63:f7:91:3f:6b:d2:
                    d7:5d:fd:8d:9a:70:7c:57:44:00:3a:8c:73:42:a4:
                    52:97:d5:0a:45:7c:0f:f2:8d:2a:8c:7f:b9:44:55:
                    e1:87:62:88:88:e7:6f:8f:92:db:98:33:e0:76:f1:
                    9c:f9:54:8f:d4:25:d7:1d:01:ce:16:fa:84:bd:d3:
                    e5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:81:D3:3C:C1:D9:82:97:39:FE:35:E3:B5:5E:31:04:56:29:79:CC
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/R4HTPMHZgpc5_jXjtV4xBFYpecw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:7a:44:3e:00:9c:5d:b6:2a:8b:ed:31:4b:77:ab:54:13:8b:
         4e:65:ff:99:f7:eb:c7:03:49:88:56:ea:e9:ba:16:a3:fe:92:
         77:3c:99:33:3e:72:e8:d6:c8:4f:0d:ac:74:36:e1:cc:bf:e4:
         a3:8c:59:b9:15:2f:d5:e2:72:0b:e5:40:84:f5:c9:4c:82:37:
         87:48:0c:37:28:c7:a0:64:a4:b6:26:93:d1:c2:a2:43:3a:f3:
         45:99:6b:71:cc:4b:5a:92:2e:ec:99:ea:9f:c3:8a:1b:d8:71:
         dc:b5:a3:9f:bf:1e:c1:fd:c7:90:90:2c:df:62:99:3f:36:77:
         f9:ad:a1:ef:aa:06:76:1b:9b:3e:a4:72:58:12:bd:90:84:99:
         f3:84:00:71:a8:c3:cd:1a:9d:e2:60:12:82:2f:21:07:a3:ad:
         3e:c9:b8:12:a8:60:83:99:77:40:4e:24:e4:86:c5:fe:9c:b8:
         f6:a5:0b:a4:f6:eb:bd:d8:0f:12:ca:09:7c:c0:21:70:81:11:
         08:07:40:52:88:89:34:6a:bc:b9:2a:10:79:3d:4f:fa:42:e8:
         d0:6a:6f:7c:5d:82:28:41:4e:09:70:c3:cc:e2:0b:b4:54:4e:
         03:09:a0:04:fe:3b:0d:1d:96:e3:fc:9d:fa:53:d8:0a:a8:8c:
         43:40:17:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur7T6IF/9rYxYlTot7VKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzgxZDMzY2MxZDk4Mjk3MzlmZTM1ZTNiNTVlMzEwNDU2Mjk3OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ2R5Com////3uUv6tULOcyP41AY
nUJscpI6DADUGIERIPHhzLokZhrUwEGW8x0EL7d1+4+GycH1SHweSreCh6eTzj+t
LVQA5E24CXkwxpVRi/+TlwtVgyQ6+wMF0JlsOix1my4jv2j2vlu+u8nD95mYt7a3
UuevhlNZiI4OjOANyrM8IdfjSVTYcrg945j1Gh/JGJIcNdgP3xXqDjaLXzCmMuZO
dwqYdnNWQWPcKZzzrNVaXWNT9CvwQLlj95E/a9LXXf2NmnB8V0QAOoxzQqRSl9UK
RXwP8o0qjH+5RFXhh2KIiOdvj5LbmDPgdvGc+VSP1CXXHQHOFvqEvdPl6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeB0zzB2YKXOf4147VeMQRWKXnMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUjRIVFBNSFpncGM1X2pYanRWNHhCRllwZWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCIekQ+AJxdtiqL7TFLd6tUE4tOZf+Z9+vHA0mIVurp
uhaj/pJ3PJkzPnLo1shPDax0NuHMv+SjjFm5FS/V4nIL5UCE9clMgjeHSAw3KMeg
ZKS2JpPRwqJDOvNFmWtxzEtaki7smeqfw4ob2HHctaOfvx7B/ceQkCzfYpk/Nnf5
raHvqgZ2G5s+pHJYEr2QhJnzhABxqMPNGp3iYBKCLyEHo60+ybgSqGCDmXdATiTk
hsX+nLj2pQuk9uu92A8Sygl8wCFwgREIB0BSiIk0ary5KhB5PU/6QujQam98XYIo
QU4JcMPM4gu0VE4DCaAE/jsNHZbj/J36U9gKqIxDQBfn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org