Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aUugiTiwYc_neZkBNvtWXSnZQbA.roa
File:                     aUugiTiwYc_neZkBNvtWXSnZQbA.roa (raw, json)
Hash identifier:          /zg/aOfKvGntMkH6dCI2tlN+R5uP8lzhZgajU2IUApw=
Subject key identifier:   69:4B:A0:89:38:B0:61:CF:E7:79:99:01:36:FB:56:5D:29:D9:41:B0
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018CC5014F7AD51137F76CEB4E1FA49B33FB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aUugiTiwYc_neZkBNvtWXSnZQbA.roa
Signing time:             Mon 01 Jan 2024 12:30:46 +0000
ROA not before:           Mon 01 Jan 2024 12:30:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216444
IP address blocks:        84.32.22.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 11:23:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:4f:7a:d5:11:37:f7:6c:eb:4e:1f:a4:9b:33:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 12:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=694ba08938b061cfe779990136fb565d29d941b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ec:4b:f6:49:45:d8:b9:c7:38:74:f5:b5:e4:
                    db:d2:5f:3a:ae:f2:c2:8d:c6:4f:11:23:07:84:92:
                    61:d8:24:4f:2a:17:9f:d1:d4:40:ab:cc:54:17:10:
                    19:fa:01:da:28:70:06:b3:e3:17:ef:05:62:f3:f5:
                    3f:50:ea:f2:6b:1b:85:52:54:d1:67:4c:9a:98:67:
                    5b:d2:2c:d3:a1:16:89:49:ec:1a:10:6c:55:50:23:
                    1a:3e:83:36:41:d9:73:3d:dd:14:3c:80:9e:8c:3b:
                    16:1a:e7:0a:7f:4a:3b:76:3a:3b:aa:9b:a8:14:e0:
                    57:a1:31:c3:f1:4f:d7:dd:89:57:fa:03:f8:98:69:
                    5a:41:5e:ef:6b:20:af:57:87:40:27:fe:8a:42:43:
                    b0:b9:32:18:c4:87:1b:d2:7f:28:45:56:ea:de:46:
                    82:a3:af:e1:95:0e:21:75:6b:b0:2c:f2:cc:62:04:
                    8b:a7:f7:83:51:34:ca:4f:82:9f:48:1d:45:7d:fd:
                    93:38:84:ce:18:13:99:f9:7f:4c:ab:53:74:22:ef:
                    98:19:c6:d7:af:11:a6:04:45:d8:ea:b0:f5:85:cc:
                    8d:10:3b:50:69:35:cf:88:b4:f5:6a:be:af:a9:cd:
                    26:c9:95:7b:d7:b7:6d:9c:db:00:70:d7:77:73:74:
                    34:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4B:A0:89:38:B0:61:CF:E7:79:99:01:36:FB:56:5D:29:D9:41:B0
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aUugiTiwYc_neZkBNvtWXSnZQbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         43:58:f4:5d:b3:03:92:2a:05:3a:2d:9c:60:e3:d1:14:18:6f:
         ec:46:88:98:c9:10:47:16:aa:28:a3:96:a0:e8:19:78:13:86:
         b4:98:f3:e2:9b:e6:20:27:e8:70:7f:e7:34:4f:b8:c3:12:bd:
         3e:ed:c0:cc:84:97:70:06:2c:2c:e6:6e:b4:a6:51:92:7c:e7:
         f4:cd:cd:9d:4a:37:b0:aa:f6:26:4f:b1:49:79:79:f2:97:6e:
         c7:0f:d4:3e:fa:a0:74:22:c5:f9:23:19:e7:88:72:3b:7d:fc:
         5b:5c:32:9f:08:f3:56:fc:b2:d4:4d:91:dd:b0:b5:9b:eb:e5:
         ce:16:73:4f:d1:60:8a:f7:86:3e:1b:9a:c2:98:17:2d:13:fc:
         eb:38:b1:0c:6b:3c:97:1f:18:f2:1a:42:47:e4:e4:d3:d3:78:
         a5:66:85:ca:87:e7:bf:39:c0:55:57:00:ca:f4:bd:f2:d4:13:
         05:5b:2d:85:53:12:f5:18:0a:dc:03:25:09:a9:f8:d0:71:3f:
         f3:4e:47:9f:6b:64:83:04:ac:3c:b7:3e:15:68:e2:19:e1:d9:
         3d:7d:fd:66:ee:ec:2f:a8:15:0d:33:31:a9:4d:73:9d:9c:d1:
         58:81:cc:cc:6d:57:58:c2:2c:6f:fd:33:32:4a:5c:52:ad:1d:
         22:e4:3f:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAU961RE392zrTh+kmzP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRiYTA4OTM4YjA2MWNmZTc3OTk5MDEzNmZiNTY1ZDI5ZDk0MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhexL9klF2LnHOHT1teTb0l86rvLC
jcZPESMHhJJh2CRPKhef0dRAq8xUFxAZ+gHaKHAGs+MX7wVi8/U/UOryaxuFUlTR
Z0yamGdb0izToRaJSewaEGxVUCMaPoM2QdlzPd0UPICejDsWGucKf0o7djo7qpuo
FOBXoTHD8U/X3YlX+gP4mGlaQV7vayCvV4dAJ/6KQkOwuTIYxIcb0n8oRVbq3kaC
o6/hlQ4hdWuwLPLMYgSLp/eDUTTKT4KfSB1Fff2TOITOGBOZ+X9Mq1N0Iu+YGcbX
rxGmBEXY6rD1hcyNEDtQaTXPiLT1ar6vqc0myZV717dtnNsAcNd3c3Q0TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGlLoIk4sGHP53mZATb7Vl0p2UGwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYVV1Z2lUaXdZY19uZVprQk52dFdYU25aUWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCAWMA0G
CSqGSIb3DQEBCwUAA4IBAQBDWPRdswOSKgU6LZxg49EUGG/sRoiYyRBHFqooo5ag
6Bl4E4a0mPPim+YgJ+hwf+c0T7jDEr0+7cDMhJdwBiws5m60plGSfOf0zc2dSjew
qvYmT7FJeXnyl27HD9Q++qB0IsX5IxnniHI7ffxbXDKfCPNW/LLUTZHdsLWb6+XO
FnNP0WCK94Y+G5rCmBctE/zrOLEMazyXHxjyGkJH5OTT03ilZoXKh+e/OcBVVwDK
9L3y1BMFWy2FUxL1GArcAyUJqfjQcT/zTkefa2SDBKw8tz4VaOIZ4dk9ff1m7uwv
qBUNMzGpTXOdnNFYgczMbVdYwixv/TMySlxSrR0i5D/I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org