Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/boF3P7uVnDUQYYt2shL8vj6OPgg.roa
File:                     boF3P7uVnDUQYYt2shL8vj6OPgg.roa (raw, json)
Hash identifier:          jGzptlFq2+nZn16Mco7ZlXoKclPEm9epTcG7gO0O+Ro=
Subject key identifier:   6E:81:77:3F:BB:95:9C:35:10:61:8B:76:B2:12:FC:BE:3E:8E:3E:08
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018729D52DF1712265B950E42901AEAA1482
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/boF3P7uVnDUQYYt2shL8vj6OPgg.roa
Signing time:             Tue 28 Mar 2023 20:07:29 +0000
ROA not before:           Tue 28 Mar 2023 20:07:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211440
IP address blocks:        88.216.209.0/24 maxlen: 24
                          88.216.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:29:d5:2d:f1:71:22:65:b9:50:e4:29:01:ae:aa:14:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Mar 28 20:07:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e81773fbb959c3510618b76b212fcbe3e8e3e08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:40:81:f8:83:92:49:a0:27:5f:c4:f6:65:61:
                    04:d9:1b:1f:e7:b5:ba:62:92:59:98:8f:fe:a3:6c:
                    72:c2:f8:2b:ac:77:db:25:76:f2:f7:89:0d:78:1f:
                    62:28:23:cf:99:1b:7e:0a:cf:c2:aa:ef:6b:74:bc:
                    28:62:77:23:13:a6:24:85:2e:03:7c:2f:3a:bd:c4:
                    f3:4e:8b:fc:7e:9e:5b:9b:38:24:01:45:a7:2d:46:
                    af:0b:d7:55:1a:1f:08:88:45:ac:63:37:b1:d2:50:
                    8e:dd:45:fc:47:83:ff:7f:08:17:5f:01:81:fb:10:
                    ae:4c:b0:c0:08:d2:65:59:88:58:24:ce:d0:1f:e9:
                    2e:50:98:50:75:bc:61:f0:99:2d:9a:46:4e:aa:e8:
                    96:58:c8:a9:94:f9:07:77:5d:bf:bf:40:19:5b:8f:
                    9d:e2:92:47:a4:5a:a6:92:8a:1c:78:5a:6a:7a:10:
                    8b:f1:88:51:fe:1f:d4:1b:83:cf:c7:3f:5f:8c:bf:
                    85:81:a8:e9:aa:03:85:eb:b7:90:54:2f:ae:81:f6:
                    60:3c:9a:46:28:bc:84:be:c5:be:55:22:ec:8a:2d:
                    44:e0:f2:76:d4:ea:5b:dd:17:8e:8b:ac:67:07:3c:
                    4e:c6:bd:02:a0:d0:fb:38:ce:e4:34:35:04:4e:5c:
                    cb:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:81:77:3F:BB:95:9C:35:10:61:8B:76:B2:12:FC:BE:3E:8E:3E:08
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/boF3P7uVnDUQYYt2shL8vj6OPgg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.46.0/24
                  88.216.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:ab:c7:6c:d6:93:ea:6d:06:e0:a2:59:5d:69:63:ff:a4:d1:
         48:a0:d2:fa:34:dc:05:0c:40:a2:0d:40:84:70:96:ed:0d:46:
         0a:5d:d1:19:e1:76:15:bf:f2:d0:e0:5c:94:44:3b:00:4e:5e:
         bf:6f:56:67:13:8c:a5:92:28:37:da:1e:50:e4:75:12:9d:93:
         03:1a:64:5e:7c:59:8e:0c:32:2b:71:8b:29:f5:d5:64:39:38:
         7e:20:7f:4a:6f:6d:0f:bc:ce:da:b7:f7:59:83:c9:43:f8:5d:
         ee:3d:96:56:47:38:aa:4a:fd:ed:5b:c7:d5:0e:a3:dd:7e:36:
         42:e6:d0:e5:4b:27:ff:7c:d3:29:c2:c4:55:ea:03:dd:c3:b2:
         bd:ce:a5:fe:fa:30:40:e9:ac:f2:ed:ad:e4:97:a6:78:59:fa:
         7f:4f:ea:81:9e:3e:05:7d:14:8b:ba:c9:dc:20:cb:4d:92:a3:
         a8:09:00:b1:38:1b:ec:14:87:aa:17:97:4a:e4:c1:31:08:34:
         a6:d9:e4:92:30:9a:79:ee:b1:d2:0f:ac:5f:7b:19:c5:48:dc:
         cb:48:14:e2:fc:a5:a3:d5:64:c7:19:b7:d1:d1:8a:73:a3:48:
         65:86:bd:41:7e:04:61:eb:4b:d3:5d:70:a9:60:97:62:ff:9c:
         26:4e:f2:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcp1S3xcSJluVDkKQGuqhSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI4MjAwNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTgxNzczZmJiOTU5YzM1MTA2MThiNzZiMjEyZmNiZTNlOGUzZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykCB+IOSSaAnX8T2ZWEE2Rsf57W6
YpJZmI/+o2xywvgrrHfbJXby94kNeB9iKCPPmRt+Cs/Cqu9rdLwoYncjE6YkhS4D
fC86vcTzTov8fp5bmzgkAUWnLUavC9dVGh8IiEWsYzex0lCO3UX8R4P/fwgXXwGB
+xCuTLDACNJlWYhYJM7QH+kuUJhQdbxh8JktmkZOquiWWMiplPkHd12/v0AZW4+d
4pJHpFqmkooceFpqehCL8YhR/h/UG4PPxz9fjL+FgajpqgOF67eQVC+ugfZgPJpG
KLyEvsW+VSLsii1E4PJ21Opb3ReOi6xnBzxOxr0CoND7OM7kNDUETlzLIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG6Bdz+7lZw1EGGLdrIS/L4+jj4IMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYm9GM1A3dVZuRFVRWVl0MnNoTDh2ajZPUGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNguAwQA
WNjRMA0GCSqGSIb3DQEBCwUAA4IBAQBKq8ds1pPqbQbgolldaWP/pNFIoNL6NNwF
DECiDUCEcJbtDUYKXdEZ4XYVv/LQ4FyURDsATl6/b1ZnE4ylkig32h5Q5HUSnZMD
GmRefFmODDIrcYsp9dVkOTh+IH9Kb20PvM7at/dZg8lD+F3uPZZWRziqSv3tW8fV
DqPdfjZC5tDlSyf/fNMpwsRV6gPdw7K9zqX++jBA6azy7a3kl6Z4Wfp/T+qBnj4F
fRSLusncIMtNkqOoCQCxOBvsFIeqF5dK5MExCDSm2eSSMJp57rHSD6xfexnFSNzL
SBTi/KWj1WTHGbfR0Ypzo0hlhr1BfgRh60vTXXCpYJdi/5wmTvLC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org