Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WLdlCemGLFYJhHbA7y0AXS09lIo.roa
File:                     WLdlCemGLFYJhHbA7y0AXS09lIo.roa (raw, json)
Hash identifier:          2wrepzEp9gBmjG8cudTa1PdTljEkvAA29XWY6ivWGpE=
Subject key identifier:   58:B7:65:09:E9:86:2C:56:09:84:76:C0:EF:2D:00:5D:2D:3D:94:8A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01864B34DD4D7DC38422D78BEFB9E43607B0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WLdlCemGLFYJhHbA7y0AXS09lIo.roa
Signing time:             Mon 13 Feb 2023 14:36:41 +0000
ROA not before:           Mon 13 Feb 2023 14:36:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        84.32.71.0/24 maxlen: 24
                          88.216.199.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          88.216.210.0/24 maxlen: 24
                          84.32.218.0/24 maxlen: 24
                          84.32.220.0/24 maxlen: 24
                          84.32.10.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.245.0/24 maxlen: 24
                          84.32.50.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          84.32.108.0/24 maxlen: 24
                          84.32.109.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          84.32.150.0/24 maxlen: 24
                          84.32.151.0/24 maxlen: 24
                          88.216.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 11:32:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:4b:34:dd:4d:7d:c3:84:22:d7:8b:ef:b9:e4:36:07:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 13 14:36:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58b76509e9862c56098476c0ef2d005d2d3d948a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bf:37:0c:d8:0a:eb:e2:fb:7a:fa:92:b0:ed:
                    97:d3:29:8c:d4:b8:3c:c2:9e:44:00:bc:7b:23:50:
                    60:f1:5f:84:19:e3:b3:a0:e8:64:8d:e5:a5:d9:dd:
                    6f:7b:1d:a0:18:e7:68:e2:a6:d0:61:c4:d3:ac:ff:
                    f7:b0:0b:08:9a:64:30:68:bc:65:ca:77:f3:14:c4:
                    fc:09:69:d4:9c:48:2f:2d:32:d0:bc:47:7c:e6:e1:
                    e3:e3:72:dd:97:ca:65:e6:3f:d5:01:1b:9f:01:28:
                    a1:76:7d:94:e6:a8:f3:e5:80:a2:66:2f:04:48:79:
                    d7:15:63:73:5e:ff:3b:8a:63:a3:87:68:d0:6f:03:
                    cd:1c:f6:85:00:4f:a3:5a:e0:a2:4d:41:1a:6d:2a:
                    d4:6d:55:53:3f:5f:97:53:e8:58:f9:8f:49:19:5e:
                    c6:3f:40:73:94:12:f3:28:03:aa:4f:48:9a:a7:e6:
                    e7:88:44:b4:c9:4a:f0:9f:0a:9a:f0:d9:a5:65:a9:
                    c2:0a:0e:c1:29:32:46:47:ee:5c:3f:d4:d0:70:ab:
                    73:ff:f7:0c:f2:dc:c6:5d:04:ac:21:54:cd:25:de:
                    b6:23:43:16:41:21:2b:fa:5f:f9:52:25:78:14:6c:
                    fd:1e:a8:de:25:af:da:75:29:be:22:be:cd:7d:91:
                    f9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:B7:65:09:E9:86:2C:56:09:84:76:C0:EF:2D:00:5D:2D:3D:94:8A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WLdlCemGLFYJhHbA7y0AXS09lIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.10.0/24
                  84.32.50.0/24
                  84.32.71.0/24
                  84.32.88.0/24
                  84.32.108.0/23
                  84.32.150.0/23
                  84.32.218.0/24
                  84.32.220.0/24
                  84.32.232.0/24
                  84.32.239.0/24
                  84.32.245.0/24
                  88.216.3.0/24
                  88.216.32.0/24
                  88.216.46.0/24
                  88.216.92.0/24
                  88.216.199.0/24
                  88.216.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:fa:c9:a8:81:a7:a1:0e:c2:4c:5c:a6:82:e4:3d:bc:80:a6:
         2e:41:69:a8:a1:37:f8:77:3e:37:81:a5:db:fa:82:15:11:62:
         bb:ab:de:54:cd:ae:fa:43:57:e8:28:0d:d9:08:da:37:6e:60:
         2e:2c:1c:74:0a:d8:27:e8:32:e9:6c:62:00:17:58:4c:75:02:
         9a:24:8a:36:fb:5c:c5:48:59:fe:57:07:5d:d4:15:13:bb:e0:
         e7:4d:e9:ed:02:d3:e7:f4:d9:52:38:55:36:15:e7:17:be:22:
         2d:45:7c:d6:b1:26:d4:ac:bc:ba:03:6c:56:ef:ed:51:19:14:
         19:f1:f9:95:14:f4:ec:16:9d:ac:96:98:ba:ff:43:bc:62:3d:
         20:d5:22:cd:e9:af:50:fb:39:e2:bc:bf:ce:7e:f4:fd:a1:40:
         fe:4c:9c:eb:da:31:49:3d:e0:db:ea:e9:8f:cb:89:f8:b5:2f:
         dc:3f:d9:75:48:82:eb:1f:d9:2f:3b:43:0f:93:26:e1:84:1c:
         d9:14:53:62:35:bb:cc:13:82:04:8d:98:17:fc:b3:75:4f:a2:
         69:a8:da:81:8a:95:c3:a2:32:92:a8:e7:ae:ee:54:00:6f:4d:
         13:0c:1f:49:e2:ae:45:76:c4:33:0e:00:08:97:47:92:31:f4:
         3a:07:10:e0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYZLNN1NfcOEIteL77nkNgewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEzMTQzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGI3NjUwOWU5ODYyYzU2MDk4NDc2YzBlZjJkMDA1ZDJkM2Q5NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr83DNgK6+L7evqSsO2X0ymM1Lg8
wp5EALx7I1Bg8V+EGeOzoOhkjeWl2d1vex2gGOdo4qbQYcTTrP/3sAsImmQwaLxl
ynfzFMT8CWnUnEgvLTLQvEd85uHj43Ldl8pl5j/VARufASihdn2U5qjz5YCiZi8E
SHnXFWNzXv87imOjh2jQbwPNHPaFAE+jWuCiTUEabSrUbVVTP1+XU+hY+Y9JGV7G
P0BzlBLzKAOqT0iap+bniES0yUrwnwqa8NmlZanCCg7BKTJGR+5cP9TQcKtz//cM
8tzGXQSsIVTNJd62I0MWQSEr+l/5UiV4FGz9HqjeJa/adSm+Ir7NfZH53wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFi3ZQnphixWCYR2wO8tAF0tPZSKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV0xkbENlbUdMRllKaEhiQTd5MEFYUzA5bElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFQgCAME
AFQgCgMEAFQgMgMEAFQgRwMEAFQgWAMEAVQgbAMEAVQglgMEAFQg2gMEAFQg3AME
AFQg6AMEAFQg7wMEAFQg9QMEAFjYAwMEAFjYIAMEAFjYLgMEAFjYXAMEAFjYxwME
AFjY0jANBgkqhkiG9w0BAQsFAAOCAQEAAvrJqIGnoQ7CTFymguQ9vICmLkFpqKE3
+Hc+N4Gl2/qCFRFiu6veVM2u+kNX6CgN2QjaN25gLiwcdArYJ+gy6WxiABdYTHUC
miSKNvtcxUhZ/lcHXdQVE7vg503p7QLT5/TZUjhVNhXnF74iLUV81rEm1Ky8ugNs
Vu/tURkUGfH5lRT07BadrJaYuv9DvGI9INUizemvUPs54ry/zn70/aFA/kyc69ox
ST3g2+rpj8uJ+LUv3D/ZdUiC6x/ZLztDD5Mm4YQc2RRTYjW7zBOCBI2YF/yzdU+i
aajagYqVw6Iykqjnru5UAG9NEwwfSeKuRXbEMw4ACJdHkjH0OgcQ4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org