Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/agRaW-RY8PJXma0VT42VDRWwI80.roa
File:                     agRaW-RY8PJXma0VT42VDRWwI80.roa (raw, json)
Hash identifier:          jIlyahuj4OGFLB+fJEP9kwUbV36kPQrBaB9XFf30W4I=
Subject key identifier:   6A:04:5A:5B:E4:58:F0:F2:57:99:AD:15:4F:8D:95:0D:15:B0:23:CD
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01867CF37DE615EA113BAB17DDD78737FE56
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/agRaW-RY8PJXma0VT42VDRWwI80.roa
Signing time:             Thu 23 Feb 2023 06:26:17 +0000
ROA not before:           Thu 23 Feb 2023 06:26:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        88.216.108.0/24 maxlen: 24
                          84.32.27.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 05:45:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7c:f3:7d:e6:15:ea:11:3b:ab:17:dd:d7:87:37:fe:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 23 06:26:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a045a5be458f0f25799ad154f8d950d15b023cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:94:97:c3:d5:d6:6f:3b:1b:9a:42:49:96:b8:
                    a5:cf:2a:db:d1:6d:8c:f3:95:cc:90:e3:cc:5c:e3:
                    ad:f1:47:f4:fe:b6:41:57:39:34:13:3e:39:4f:d6:
                    1a:67:41:70:ac:c7:d5:6c:8b:12:78:d7:09:3e:3d:
                    60:a5:06:80:7d:a1:f7:24:8c:a0:00:e7:2b:a6:f0:
                    fa:71:f9:07:1d:c5:ef:6d:c5:cf:ee:de:23:e9:24:
                    46:0b:28:69:d3:11:a1:12:f3:e3:d3:5c:c2:11:55:
                    b1:de:a6:f7:21:55:0b:fa:1e:a6:41:5a:64:aa:40:
                    0e:d0:57:50:42:40:45:62:a6:e5:3a:5e:34:2b:2d:
                    75:fa:a0:9b:b6:12:c1:ae:c1:1a:84:21:0d:40:ba:
                    a6:4e:d2:c4:24:74:33:84:8d:cf:49:b6:b3:19:65:
                    e4:2a:2a:9b:29:97:57:18:47:b8:cf:37:80:74:f1:
                    14:ef:71:3b:86:97:d4:d3:e7:fc:55:14:63:00:0c:
                    96:c6:4f:53:02:c0:33:8b:73:ff:53:b5:21:e9:39:
                    9c:06:86:aa:51:7e:e4:e5:0d:24:cd:1e:35:ee:3d:
                    15:56:c5:2a:4e:b6:d8:bc:86:a7:78:4f:52:62:66:
                    89:54:78:cc:02:1f:96:9f:94:92:8b:f2:fa:9e:82:
                    f1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:04:5A:5B:E4:58:F0:F2:57:99:AD:15:4F:8D:95:0D:15:B0:23:CD
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/agRaW-RY8PJXma0VT42VDRWwI80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.27.0/24
                  88.216.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:37:00:ea:ff:6d:a1:44:79:71:f4:49:d5:81:b7:29:f6:c1:
         e3:b4:8b:78:d7:f0:38:f6:1d:cc:37:89:a0:57:ca:3d:b8:6d:
         9a:b3:6e:67:f3:ad:a4:7c:11:34:26:9e:be:be:97:66:13:8e:
         38:65:ef:af:33:e4:a0:31:45:00:ce:dd:94:da:29:fc:53:eb:
         4c:6a:55:c4:23:00:93:4b:7f:75:02:15:f0:5a:d3:a6:d3:60:
         b1:ba:bd:7f:e8:ee:7d:64:3d:b2:e1:e0:b7:5c:32:3b:51:a9:
         0c:7e:60:40:df:ae:72:f7:18:2c:7b:5f:00:fd:90:7d:aa:a6:
         a4:de:6c:e6:cd:93:b0:f0:64:0d:25:b7:f3:ae:5f:6e:60:3b:
         4b:05:74:03:98:51:dd:d5:b8:e6:9e:46:6b:87:b8:f9:b9:f2:
         07:d0:b3:f9:b8:ed:77:6a:dd:2c:21:86:df:e9:97:4a:59:e5:
         f1:e7:9f:7a:fd:9d:12:04:cf:af:2e:5e:c1:ba:1a:02:b8:dd:
         78:c6:df:52:bb:4e:81:57:6b:07:80:d6:40:c5:2b:29:ca:52:
         3a:95:16:4c:f3:30:e6:bb:d3:d0:e0:e1:98:5f:11:cc:25:3e:
         77:65:ec:be:5f:ef:77:d0:b8:65:24:60:0e:ff:32:da:d1:00:
         bc:3b:07:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ8833mFeoRO6sX3deHN/5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIzMDYyNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA0NWE1YmU0NThmMGYyNTc5OWFkMTU0ZjhkOTUwZDE1YjAyM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5SXw9XWbzsbmkJJlrilzyrb0W2M
85XMkOPMXOOt8Uf0/rZBVzk0Ez45T9YaZ0FwrMfVbIsSeNcJPj1gpQaAfaH3JIyg
AOcrpvD6cfkHHcXvbcXP7t4j6SRGCyhp0xGhEvPj01zCEVWx3qb3IVUL+h6mQVpk
qkAO0FdQQkBFYqblOl40Ky11+qCbthLBrsEahCENQLqmTtLEJHQzhI3PSbazGWXk
KiqbKZdXGEe4zzeAdPEU73E7hpfU0+f8VRRjAAyWxk9TAsAzi3P/U7Uh6TmcBoaq
UX7k5Q0kzR417j0VVsUqTrbYvIaneE9SYmaJVHjMAh+Wn5SSi/L6noLx6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGoEWlvkWPDyV5mtFU+NlQ0VsCPNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYWdSYVctUlk4UEpYbWEwVlQ0MlZEUld3STgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAbAwQA
WNhsMA0GCSqGSIb3DQEBCwUAA4IBAQAiNwDq/22hRHlx9EnVgbcp9sHjtIt41/A4
9h3MN4mgV8o9uG2as25n862kfBE0Jp6+vpdmE444Ze+vM+SgMUUAzt2U2in8U+tM
alXEIwCTS391AhXwWtOm02Cxur1/6O59ZD2y4eC3XDI7UakMfmBA365y9xgse18A
/ZB9qqak3mzmzZOw8GQNJbfzrl9uYDtLBXQDmFHd1bjmnkZrh7j5ufIH0LP5uO13
at0sIYbf6ZdKWeXx5596/Z0SBM+vLl7BuhoCuN14xt9Su06BV2sHgNZAxSspylI6
lRZM8zDmu9PQ4OGYXxHMJT53Zey+X+930LhlJGAO/zLa0QC8Owdy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org