Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UfpXwOS0XQTfkXWCCdlBb8FFVzw.roa
File:                     UfpXwOS0XQTfkXWCCdlBb8FFVzw.roa (raw, json)
Hash identifier:          7FIuRpU1CFFCi/wsHbQFFxYGpGzwn4fd0KGvr+Whk5k=
Subject key identifier:   51:FA:57:C0:E4:B4:5D:04:DF:91:75:82:09:D9:41:6F:C1:45:57:3C
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018C449FC268F6F93642B62BF70E3C618E73
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UfpXwOS0XQTfkXWCCdlBb8FFVzw.roa
Signing time:             Thu 07 Dec 2023 14:12:49 +0000
ROA not before:           Thu 07 Dec 2023 14:12:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.216.183.0/24 maxlen: 24
                          88.216.180.0/24 maxlen: 24
                          88.216.182.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.187.0/24 maxlen: 24
                          88.216.188.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.197.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.208.0/24 maxlen: 24
                          84.32.214.0/23 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.130.0/23 maxlen: 24
                          84.32.236.0/24 maxlen: 24
                          84.32.246.0/23 maxlen: 24
                          84.32.244.0/23 maxlen: 24
                          88.216.134.0/23 maxlen: 24
                          84.32.249.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.83.0/24 maxlen: 24
                          84.32.95.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.20.0/22 maxlen: 24
                          84.32.25.0/24 maxlen: 24
                          84.32.26.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.174.0/23 maxlen: 24
                          84.32.178.0/23 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          84.32.210.0/24 maxlen: 24
                          88.216.22.0/23 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          88.216.43.0/24 maxlen: 24
                          84.32.148.0/23 maxlen: 24
                          84.32.150.0/23 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Dec 2023 06:26:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:44:9f:c2:68:f6:f9:36:42:b6:2b:f7:0e:3c:61:8e:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  7 14:12:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51fa57c0e4b45d04df91758209d9416fc145573c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:d3:b0:42:dc:c0:8d:3b:0a:ef:2b:3d:cc:
                    23:32:6d:4d:b5:ef:7b:3f:ad:43:f9:9e:47:e7:f4:
                    f1:c4:92:65:0f:8c:88:1b:d4:51:0d:42:92:5f:f1:
                    8a:bf:50:09:e0:af:92:50:d0:fc:81:d2:82:e7:72:
                    f6:db:9e:4b:92:bb:ee:ef:83:39:04:c7:16:4d:ec:
                    5c:98:94:15:09:28:70:68:db:ce:31:94:cb:e6:b4:
                    bd:25:03:6a:c7:4b:5e:88:c7:d5:c5:02:f8:20:5c:
                    5c:17:f5:4d:d4:90:81:9e:24:65:b8:75:c9:12:11:
                    0e:24:a9:b0:9d:c7:fe:f3:ad:bf:ec:4d:12:80:33:
                    0a:d6:ce:e0:ea:bf:11:a4:84:f4:c1:41:9c:48:0e:
                    91:f8:e2:21:ca:d2:c0:30:59:f6:b2:fb:ff:05:a1:
                    80:61:cb:c2:fe:f6:1b:00:93:47:79:a7:6d:6b:96:
                    62:d7:ef:eb:77:b1:7b:0f:77:b6:fb:83:2d:3e:eb:
                    64:e0:1f:b1:ee:00:d8:9b:63:a7:35:b3:cb:03:1d:
                    d3:25:a9:11:e5:cb:65:ae:03:d6:fa:9f:f9:ae:f6:
                    f7:df:66:81:5b:71:7c:64:7d:aa:e8:85:bf:36:c2:
                    97:ce:1f:2e:4e:73:d1:a3:95:4c:08:10:54:a0:7d:
                    59:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:FA:57:C0:E4:B4:5D:04:DF:91:75:82:09:D9:41:6F:C1:45:57:3C
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UfpXwOS0XQTfkXWCCdlBb8FFVzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.20.0-84.32.27.255
                  84.32.46.0/23
                  84.32.66.0/24
                  84.32.83.0/24
                  84.32.95.0/24
                  84.32.148.0/22
                  84.32.174.0/23
                  84.32.178.0/23
                  84.32.210.0/24
                  84.32.214.0/23
                  84.32.236.0/24
                  84.32.244.0/22
                  84.32.249.0/24
                  88.216.22.0/23
                  88.216.43.0-88.216.45.255
                  88.216.93.0/24
                  88.216.130.0-88.216.132.255
                  88.216.134.0/23
                  88.216.180.0/24
                  88.216.182.0/23
                  88.216.187.0-88.216.191.255
                  88.216.197.0-88.216.198.255
                  88.216.208.0/24
                  88.216.211.0-88.216.215.255

    Signature Algorithm: sha256WithRSAEncryption
         55:3c:c3:c2:3f:97:e6:0f:f0:1a:c1:5c:2b:12:8b:b6:6e:71:
         8f:1a:b7:ee:e1:cc:c1:65:58:e7:16:e0:5e:7e:27:7d:ea:78:
         59:07:aa:1e:8d:56:8c:c2:6d:10:8a:cf:e5:00:aa:0b:9d:aa:
         4c:c3:56:4f:05:cd:97:40:12:fd:a8:07:34:b4:08:94:e8:a8:
         9e:05:6f:33:e0:be:60:35:f0:73:ee:56:96:d4:a0:8a:cc:ec:
         45:f3:68:b3:29:1b:8a:22:1f:2a:17:7e:da:2d:2e:3d:23:64:
         1f:83:72:70:49:79:f9:9f:5d:f6:3c:20:d2:59:9d:26:d0:ee:
         f7:a8:11:48:39:15:a3:17:ff:b3:2e:ce:e8:4f:33:60:0b:4e:
         12:e6:66:2c:96:53:09:93:41:fa:6e:01:ed:0e:6b:2a:fa:16:
         5b:7a:33:b8:3e:03:47:9e:d6:be:ed:c3:57:f0:56:d5:b0:d1:
         df:5f:9b:15:c8:9a:54:03:dc:1e:6a:e9:b3:0b:29:f0:d5:f1:
         06:50:23:8c:8e:42:4d:45:44:df:45:d0:96:a2:ab:53:45:92:
         cb:68:b2:fa:67:86:da:cc:34:3a:ac:f4:e3:cc:98:ca:d5:b1:
         df:31:8d:d2:07:c4:10:5f:25:19:e6:84:f9:8c:d5:ff:84:99:
         49:1e:36:83
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYxEn8Jo9vk2QrYr9w48YY5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjA3MTQxMjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhNTdjMGU0YjQ1ZDA0ZGY5MTc1ODIwOWQ5NDE2ZmMxNDU1NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJjTsELcwI07Cu8rPcwjMm1Nte97
P61D+Z5H5/TxxJJlD4yIG9RRDUKSX/GKv1AJ4K+SUND8gdKC53L2255Lkrvu74M5
BMcWTexcmJQVCShwaNvOMZTL5rS9JQNqx0teiMfVxQL4IFxcF/VN1JCBniRluHXJ
EhEOJKmwncf+862/7E0SgDMK1s7g6r8RpIT0wUGcSA6R+OIhytLAMFn2svv/BaGA
YcvC/vYbAJNHeadta5Zi1+/rd7F7D3e2+4MtPutk4B+x7gDYm2OnNbPLAx3TJakR
5ctlrgPW+p/5rvb332aBW3F8ZH2q6IW/NsKXzh8uTnPRo5VMCBBUoH1Z3QIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFFH6V8DktF0E35F1ggnZQW/BRVc8MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVWZwWHdPUzBYUVRma1hXQ0NkbEJiOEZGVnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgUwMEAFQgXwMEAlQglAME
AVQgrgMEAVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFjAM
AwQAWNgrAwQBWNgsAwQAWNhdMAwDBAFY2IIDBABY2IQDBAFY2IYDBABY2LQDBAFY
2LYwDAMEAFjYuwMEBljYgDAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY
2NAwDQYJKoZIhvcNAQELBQADggEBAFU8w8I/l+YP8BrBXCsSi7ZucY8at+7hzMFl
WOcW4F5+J33qeFkHqh6NVozCbRCKz+UAqgudqkzDVk8FzZdAEv2oBzS0CJToqJ4F
bzPgvmA18HPuVpbUoIrM7EXzaLMpG4oiHyoXftotLj0jZB+DcnBJefmfXfY8INJZ
nSbQ7veoEUg5FaMX/7MuzuhPM2ALThLmZiyWUwmTQfpuAe0Oayr6Flt6M7g+A0ee
1r7tw1fwVtWw0d9fmxXImlQD3B5q6bMLKfDV8QZQI4yOQk1FRN9F0Jaiq1NFksto
svpnhtrMNDqs9OPMmMrVsd8xjdIHxBBfJRnmhPmM1f+EmUkeNoM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org