Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cfEEqejUrf0vpG7LTNjGCrJd_gs.roa
File:                     cfEEqejUrf0vpG7LTNjGCrJd_gs.roa (raw, json)
Hash identifier:          Ws70hh6HDyGcxgyhkoFNsl2NdUAjnXqM6bmzXlk5img=
Subject key identifier:   71:F1:04:A9:E8:D4:AD:FD:2F:A4:6E:CB:4C:D8:C6:0A:B2:5D:FE:0B
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0185740CEB3CE6D1CF79D1100A569B369371
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cfEEqejUrf0vpG7LTNjGCrJd_gs.roa
Signing time:             Mon 02 Jan 2023 19:54:41 +0000
ROA not before:           Mon 02 Jan 2023 19:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        88.216.185.0/24 maxlen: 24
                          88.216.213.0/24 maxlen: 24
                          88.216.131.0/24 maxlen: 24
                          84.32.250.0/24 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          84.32.64.0/24 maxlen: 24
                          84.32.31.0/24 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.57.0/24 maxlen: 24
                          88.216.56.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          84.32.172.0/24 maxlen: 24
                          88.216.63.0/24 maxlen: 24
                          88.216.62.0/24 maxlen: 24
                          88.216.61.0/24 maxlen: 24
                          88.216.60.0/24 maxlen: 24
                          88.216.59.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          84.32.176.0/24 maxlen: 24
                          84.32.175.0/24 maxlen: 24
                          88.216.23.0/24 maxlen: 24
                          88.216.20.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.149.0/24 maxlen: 24
                          84.32.148.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          84.32.157.0/24 maxlen: 24
                          84.32.156.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 08:34:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:74:0c:eb:3c:e6:d1:cf:79:d1:10:0a:56:9b:36:93:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  2 19:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71f104a9e8d4adfd2fa46ecb4cd8c60ab25dfe0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7e:09:e5:9a:fc:ce:4f:45:ca:53:54:0d:9c:
                    40:b8:c6:31:3d:4b:c5:3e:f0:ac:05:49:b3:dd:22:
                    4e:69:f6:e6:dd:5d:0d:f1:f9:7a:bf:e3:77:c1:04:
                    37:57:3b:64:f6:e1:64:60:4d:50:bb:6c:49:d3:ef:
                    d1:b5:9e:a2:42:9c:87:77:20:c5:3a:a3:e0:7e:4e:
                    1d:2e:32:ba:50:14:6e:74:c1:04:5d:6a:10:24:43:
                    df:4e:31:ef:79:24:75:ce:98:ed:74:d1:46:78:9a:
                    a1:14:56:ea:e0:30:a8:c1:d2:60:3d:71:a1:e9:57:
                    7a:dd:93:10:4a:e1:e4:a8:1b:98:4a:d9:de:8a:d7:
                    b1:13:ee:c4:14:74:be:68:f3:89:8c:58:65:fb:77:
                    47:bd:51:68:71:c9:73:7b:aa:85:4a:3a:3d:80:62:
                    40:2a:0b:60:52:5a:61:d5:1b:0e:7d:89:3a:f9:17:
                    ac:cf:1f:18:f7:4f:94:1f:b2:fd:40:ae:af:e8:98:
                    18:2b:3c:6b:9a:4b:5c:34:a4:75:31:33:e2:77:fe:
                    d1:f2:03:60:33:b9:81:03:e3:2e:0a:7e:cf:71:0f:
                    5a:7b:6f:9a:89:a6:31:f9:d3:55:ad:40:6d:dd:f0:
                    66:e3:e7:57:89:8f:23:6b:33:03:ec:f7:c2:79:98:
                    16:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:F1:04:A9:E8:D4:AD:FD:2F:A4:6E:CB:4C:D8:C6:0A:B2:5D:FE:0B
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cfEEqejUrf0vpG7LTNjGCrJd_gs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.31.0/24
                  84.32.64.0/24
                  84.32.148.0/23
                  84.32.152.0-84.32.154.255
                  84.32.156.0/22
                  84.32.172.0/24
                  84.32.175.0-84.32.176.255
                  84.32.250.0/24
                  88.216.20.0/24
                  88.216.23.0/24
                  88.216.44.0/23
                  88.216.56.0-88.216.65.255
                  88.216.131.0/24
                  88.216.185.0/24
                  88.216.213.0/24
                  88.216.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:71:94:1e:80:2e:29:cc:c2:06:81:0a:32:c0:e9:ff:fc:49:
         74:aa:86:c1:86:45:8d:1c:7e:ca:4d:a8:75:a5:e2:2f:f9:71:
         3d:31:f0:7c:ae:38:01:42:c3:fc:8a:05:9a:29:9b:fb:64:3f:
         4f:e8:c0:f7:4b:38:20:35:18:38:e8:39:f1:d6:65:6d:e4:36:
         e4:42:87:af:80:ef:9b:b9:a1:33:ff:11:4a:50:ae:95:d6:64:
         79:74:9a:70:ab:95:3b:df:1b:ac:39:78:f3:1a:b9:80:91:96:
         ff:5a:af:e8:84:73:54:0c:f6:9e:ef:51:51:1a:70:b6:41:4e:
         1b:17:20:29:b4:97:2f:84:b7:74:c1:36:38:dd:4b:d5:60:d2:
         47:24:f4:4c:a3:31:6c:37:bc:7d:cd:5d:0d:ab:1f:d0:35:85:
         46:c7:c4:f6:69:1d:e5:04:17:61:87:36:62:b3:53:4c:6c:f3:
         49:4b:91:e4:3c:4c:1f:53:f2:f2:30:f2:24:bb:5e:df:12:68:
         1d:11:45:a9:19:19:45:3b:d1:2e:2d:4e:5b:98:2b:f8:ec:f5:
         21:cb:e2:4c:3a:22:89:2b:ae:64:75:29:15:e4:0a:73:90:35:
         3b:44:ba:21:6d:4b:a9:f8:ca:db:cb:e8:9d:9e:bd:8f:25:ba:
         01:f3:c4:95
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYV0DOs85tHPedEQClabNpNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAyMTk1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYxMDRhOWU4ZDRhZGZkMmZhNDZlY2I0Y2Q4YzYwYWIyNWRmZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn4J5Zr8zk9FylNUDZxAuMYxPUvF
PvCsBUmz3SJOafbm3V0N8fl6v+N3wQQ3Vztk9uFkYE1Qu2xJ0+/RtZ6iQpyHdyDF
OqPgfk4dLjK6UBRudMEEXWoQJEPfTjHveSR1zpjtdNFGeJqhFFbq4DCowdJgPXGh
6Vd63ZMQSuHkqBuYStneitexE+7EFHS+aPOJjFhl+3dHvVFocclze6qFSjo9gGJA
KgtgUlph1RsOfYk6+Reszx8Y90+UH7L9QK6v6JgYKzxrmktcNKR1MTPid/7R8gNg
M7mBA+MuCn7PcQ9ae2+aiaYx+dNVrUBt3fBm4+dXiY8jazMD7PfCeZgWWQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHHxBKno1K39L6Ruy0zYxgqyXf4LMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY2ZFRXFlalVyZjB2cEc3TFROakdDckpkX2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAVCAf
AwQAVCBAAwQBVCCUMAwDBANUIJgDBABUIJoDBAJUIJwDBABUIKwwDAMEAFQgrwME
AFQgsAMEAFQg+gMEAFjYFAMEAFjYFwMEAVjYLDAMAwQDWNg4AwQBWNhAAwQAWNiD
AwQAWNi5AwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQBWcZQegC4pzMIG
gQoywOn//El0qobBhkWNHH7KTah1peIv+XE9MfB8rjgBQsP8igWaKZv7ZD9P6MD3
SzggNRg46Dnx1mVt5DbkQoevgO+buaEz/xFKUK6V1mR5dJpwq5U73xusOXjzGrmA
kZb/Wq/ohHNUDPae71FRGnC2QU4bFyAptJcvhLd0wTY43UvVYNJHJPRMozFsN7x9
zV0Nqx/QNYVGx8T2aR3lBBdhhzZis1NMbPNJS5HkPEwfU/LyMPIku17fEmgdEUWp
GRlFO9EuLU5bmCv47PUhy+JMOiKJK65kdSkV5ApzkDU7RLohbUup+Mrby+idnr2P
JboB88SV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org