Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T2NQ2fm5GHj4O0-m55i0pDQdmyE.roa
File:                     T2NQ2fm5GHj4O0-m55i0pDQdmyE.roa (raw, json)
Hash identifier:          Oy2olGiZ1XadNab+AlR7z8FjwtS8TU3jMNb50n36B48=
Subject key identifier:   4F:63:50:D9:F9:B9:18:78:F8:3B:4F:A6:E7:98:B4:A4:34:1D:9B:21
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0186267F69C80C8B690EA4E84C22CE2C5764
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T2NQ2fm5GHj4O0-m55i0pDQdmyE.roa
Signing time:             Mon 06 Feb 2023 11:32:09 +0000
ROA not before:           Mon 06 Feb 2023 11:32:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.216.190.0/24 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.222.0/24 maxlen: 24
                          84.32.220.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.129.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          88.216.133.0/24 maxlen: 24
                          84.32.243.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          88.216.232.0/22 maxlen: 24
                          88.216.228.0/22 maxlen: 24
                          88.216.236.0/22 maxlen: 24
                          84.32.76.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.78.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.28.0/24 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.179.0/24 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          88.216.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Feb 2023 07:07:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:26:7f:69:c8:0c:8b:69:0e:a4:e8:4c:22:ce:2c:57:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb  6 11:32:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f6350d9f9b91878f83b4fa6e798b4a4341d9b21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:60:b3:2d:85:6f:b9:9f:f9:f2:82:00:f4:b4:
                    5f:90:66:f1:8d:38:a4:82:19:1b:0b:28:47:6e:e3:
                    f4:09:13:08:d9:58:7d:d4:07:b3:07:97:20:08:95:
                    c7:43:9b:20:f6:72:37:27:bb:30:67:01:54:7e:34:
                    65:6d:c8:60:a1:14:1b:9a:9b:09:8a:b9:4e:dd:1b:
                    8c:b9:f5:1e:ad:0b:c6:12:90:3f:9e:6f:61:94:4f:
                    82:c2:fe:6d:5e:68:8d:da:35:e4:c9:69:d7:04:23:
                    e8:25:0f:98:8e:98:8c:11:2d:fc:3b:c1:ca:8a:51:
                    a0:63:be:0b:c7:73:38:01:d8:51:33:d1:90:5c:3c:
                    f2:9b:9d:a9:43:42:1a:68:99:c9:e7:a7:c9:87:be:
                    03:b7:44:36:9f:92:56:36:a6:81:a1:2d:79:8d:29:
                    f9:ee:05:85:3e:ca:a5:53:b5:3b:c2:22:27:b5:76:
                    08:63:85:4f:25:9a:72:7f:c0:82:b6:a5:7e:d5:90:
                    57:ef:29:57:df:4f:a4:63:8a:75:5b:7c:99:d0:8d:
                    12:cd:9a:18:ce:ae:2f:4d:f8:4f:a2:11:30:80:75:
                    6e:73:84:d4:87:b7:2a:a1:57:81:91:35:f4:d6:48:
                    de:a2:2b:64:de:a8:9b:a3:79:5e:51:df:bc:3c:d3:
                    61:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:63:50:D9:F9:B9:18:78:F8:3B:4F:A6:E7:98:B4:A4:34:1D:9B:21
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T2NQ2fm5GHj4O0-m55i0pDQdmyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.24.0-84.32.28.255
                  84.32.30.0/24
                  84.32.46.0/24
                  84.32.76.0/22
                  84.32.179.0/24
                  84.32.212.0/24
                  84.32.220.0-84.32.222.255
                  84.32.240.0/24
                  84.32.243.0/24
                  84.32.252.0/23
                  88.216.17.0/24
                  88.216.93.0/24
                  88.216.128.0/23
                  88.216.132.0-88.216.134.255
                  88.216.190.0/24
                  88.216.215.0/24
                  88.216.220.0/24
                  88.216.228.0-88.216.239.255

    Signature Algorithm: sha256WithRSAEncryption
         7e:90:7c:97:df:c8:c5:dd:63:13:33:f8:23:3f:37:c3:eb:68:
         81:f1:a6:3e:00:52:19:21:75:98:3b:68:96:f5:c7:8b:e7:c8:
         ca:6e:30:e9:7d:16:24:c4:d0:8c:c1:66:24:54:7a:f5:fd:0f:
         f6:1c:b6:9e:b9:c8:ea:d7:e1:a8:36:42:d0:0e:db:3f:d8:a1:
         97:21:f2:4e:d0:94:e9:b2:91:78:ef:0a:a2:48:70:80:8b:6b:
         cf:2d:41:71:b3:ff:e4:62:cf:e6:5c:85:c5:83:69:f5:5c:ee:
         a2:2e:34:fd:a9:91:07:12:35:e9:81:22:b7:0f:09:fb:d9:a6:
         3b:80:3e:42:13:76:2d:af:34:63:4c:9b:57:04:f1:7a:e5:c8:
         c5:02:e1:83:69:4e:63:cc:94:91:3e:94:ba:06:57:8d:ab:fc:
         5e:a1:6c:a1:15:3f:8b:cb:be:d9:b1:7f:08:25:79:d7:62:6b:
         67:50:83:ba:85:13:4f:bc:38:f6:63:20:77:ff:27:ef:27:e7:
         44:d6:2b:97:bd:28:b0:54:0d:63:c5:3a:c4:78:82:39:ab:df:
         5a:ef:90:7c:fd:9e:d4:1d:82:4a:c8:3e:74:5b:18:52:90:3d:
         5b:99:b2:04:b3:83:44:37:f9:30:c2:94:62:bd:26:43:15:d8:
         ed:0f:05:23
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYYmf2nIDItpDqToTCLOLFdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA2MTEzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjYzNTBkOWY5YjkxODc4ZjgzYjRmYTZlNzk4YjRhNDM0MWQ5YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmCzLYVvuZ/58oIA9LRfkGbxjTik
ghkbCyhHbuP0CRMI2Vh91AezB5cgCJXHQ5sg9nI3J7swZwFUfjRlbchgoRQbmpsJ
irlO3RuMufUerQvGEpA/nm9hlE+Cwv5tXmiN2jXkyWnXBCPoJQ+YjpiMES38O8HK
ilGgY74Lx3M4AdhRM9GQXDzym52pQ0IaaJnJ56fJh74Dt0Q2n5JWNqaBoS15jSn5
7gWFPsqlU7U7wiIntXYIY4VPJZpyf8CCtqV+1ZBX7ylX30+kY4p1W3yZ0I0SzZoY
zq4vTfhPohEwgHVuc4TUh7cqoVeBkTX01kjeoitk3qibo3leUd+8PNNhTQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFE9jUNn5uRh4+DtPpueYtKQ0HZshMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVDJOUTJmbTVHSGo0TzAtbTU1aTBwRFFkbXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
A1QgGAMEAFQgHAMEAFQgHgMEAFQgLgMEAlQgTAMEAFQgswMEAFQg1DAMAwQCVCDc
AwQAVCDeAwQAVCDwAwQAVCDzAwQBVCD8AwQAWNgRAwQAWNhdAwQBWNiAMAwDBAJY
2IQDBABY2IYDBABY2L4DBABY2NcDBABY2NwwDAMEAljY5AMEBFjY4DANBgkqhkiG
9w0BAQsFAAOCAQEAfpB8l9/Ixd1jEzP4Iz83w+togfGmPgBSGSF1mDtolvXHi+fI
ym4w6X0WJMTQjMFmJFR69f0P9hy2nrnI6tfhqDZC0A7bP9ihlyHyTtCU6bKReO8K
okhwgItrzy1BcbP/5GLP5lyFxYNp9Vzuoi40/amRBxI16YEitw8J+9mmO4A+QhN2
La80Y0ybVwTxeuXIxQLhg2lOY8yUkT6UugZXjav8XqFsoRU/i8u+2bF/CCV512Jr
Z1CDuoUTT7w49mMgd/8n7yfnRNYrl70osFQNY8U6xHiCOavfWu+QfP2e1B2CSsg+
dFsYUpA9W5myBLODRDf5MMKUYr0mQxXY7Q8FIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org