Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fQL37ZDEox0UHpEZCAv-BAo17H0.roa
File:                     fQL37ZDEox0UHpEZCAv-BAo17H0.roa (raw, json)
Hash identifier:          /5WKxfFdYY9K2mJ/oMXsTRbARANePFAYTa5yZNtVLxA=
Subject key identifier:   7D:02:F7:ED:90:C4:A3:1D:14:1E:91:19:08:0B:FE:04:0A:35:EC:7D
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01865E9FD151E1C43C347C9AB412F92593EF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fQL37ZDEox0UHpEZCAv-BAo17H0.roa
Signing time:             Fri 17 Feb 2023 09:06:17 +0000
ROA not before:           Fri 17 Feb 2023 09:06:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        88.216.185.0/24 maxlen: 24
                          88.216.111.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          84.32.64.0/24 maxlen: 24
                          88.216.58.0/24 maxlen: 24
                          88.216.57.0/24 maxlen: 24
                          88.216.56.0/24 maxlen: 24
                          88.216.64.0/24 maxlen: 24
                          84.32.172.0/24 maxlen: 24
                          88.216.63.0/24 maxlen: 24
                          88.216.62.0/24 maxlen: 24
                          88.216.61.0/24 maxlen: 24
                          88.216.60.0/24 maxlen: 24
                          88.216.59.0/24 maxlen: 24
                          88.216.65.0/24 maxlen: 24
                          84.32.175.0/24 maxlen: 24
                          84.32.152.0/24 maxlen: 24
                          84.32.149.0/24 maxlen: 24
                          84.32.148.0/24 maxlen: 24
                          88.216.44.0/24 maxlen: 24
                          84.32.157.0/24 maxlen: 24
                          84.32.156.0/24 maxlen: 24
                          84.32.154.0/24 maxlen: 24
                          84.32.153.0/24 maxlen: 24
                          84.32.159.0/24 maxlen: 24
                          84.32.158.0/24 maxlen: 24
                          88.216.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 06:34:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5e:9f:d1:51:e1:c4:3c:34:7c:9a:b4:12:f9:25:93:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 17 09:06:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7d02f7ed90c4a31d141e9119080bfe040a35ec7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5b:5f:a0:5e:8b:48:51:84:37:95:c2:18:15:
                    93:56:7e:df:67:a7:f9:9f:e4:67:6e:87:87:33:af:
                    fa:e6:4d:72:01:93:c5:ac:d7:31:d8:6f:da:db:0f:
                    c1:6b:e4:c6:91:bc:80:20:53:ef:59:44:0c:8d:59:
                    d9:ab:a8:2b:e1:05:4a:2c:3b:a8:37:68:9e:c6:46:
                    02:6b:35:4b:07:c5:b2:28:72:4e:c6:5c:3e:41:4c:
                    5b:c3:54:1b:4d:15:87:b4:6f:d8:9b:6d:53:d4:f5:
                    6c:c8:d7:4f:b1:02:be:34:14:55:60:32:5e:93:1f:
                    d8:9b:18:29:bd:f6:d2:f0:13:fa:16:63:08:fe:df:
                    d4:f3:46:ff:40:ae:2e:5b:97:fa:b8:e4:89:04:d3:
                    b6:b1:fc:ce:17:66:f3:92:9d:a7:c0:75:ce:bf:e1:
                    cd:39:b1:81:66:5d:b2:18:5f:8a:3c:e7:62:72:c8:
                    25:35:a4:e6:69:00:39:b2:48:ef:27:94:a7:b9:ad:
                    81:22:dc:66:a6:78:a7:9f:0e:7d:78:b7:c5:b6:00:
                    1c:4c:be:89:48:da:a0:3b:09:ef:f2:ac:62:f4:01:
                    fe:f8:b4:c0:bc:b5:07:54:9a:bf:6b:dc:c8:ee:34:
                    08:40:3c:96:6d:95:8e:99:e6:54:9e:0a:66:c0:eb:
                    c8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:02:F7:ED:90:C4:A3:1D:14:1E:91:19:08:0B:FE:04:0A:35:EC:7D
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fQL37ZDEox0UHpEZCAv-BAo17H0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.64.0/24
                  84.32.148.0/23
                  84.32.152.0-84.32.154.255
                  84.32.156.0/22
                  84.32.172.0/24
                  84.32.175.0/24
                  88.216.44.0/23
                  88.216.56.0-88.216.65.255
                  88.216.111.0/24
                  88.216.132.0/24
                  88.216.185.0/24
                  88.216.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:ae:26:c0:eb:56:77:b4:c9:72:53:89:b7:17:cb:a1:a9:df:
         14:2f:fc:90:3d:50:d6:32:4b:95:7d:44:03:b3:50:de:06:aa:
         41:31:e9:db:3d:54:4f:42:9a:21:54:94:b7:02:dc:46:80:fe:
         a7:5a:59:7c:67:36:ad:58:99:88:c0:24:83:5b:fa:52:b7:98:
         f8:7f:5e:41:78:a9:61:2f:ef:66:4f:52:3b:5c:08:51:01:4f:
         10:4c:5b:59:d1:ab:dc:3a:6f:73:41:a0:54:07:45:4a:6a:ab:
         ca:fc:c2:c8:97:1b:10:6d:e2:92:53:52:fa:2d:80:3d:5d:43:
         66:d6:68:bb:d3:59:2f:6a:ac:4f:a0:18:a1:87:79:1a:f8:e4:
         a2:1c:31:26:7a:d8:5f:72:df:94:f7:3a:bd:0d:46:fc:cf:ad:
         99:66:f3:26:22:33:13:c6:15:01:d5:df:bc:f1:48:5f:13:37:
         37:c1:fb:78:c8:96:5e:33:ad:9e:7a:ba:4f:34:aa:27:ac:41:
         94:97:d9:56:b3:4d:fb:a7:9d:b8:03:6a:32:14:aa:aa:a4:48:
         d1:c2:2f:4c:f6:6a:8e:b9:a1:74:28:99:50:38:04:c2:b9:8c:
         28:d9:12:d8:31:89:45:45:13:8e:c6:1c:bd:71:c3:21:24:39:
         53:aa:ad:c4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYZen9FR4cQ8NHyatBL5JZPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjE3MDkwNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDAyZjdlZDkwYzRhMzFkMTQxZTkxMTkwODBiZmUwNDBhMzVlYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjltfoF6LSFGEN5XCGBWTVn7fZ6f5
n+RnboeHM6/65k1yAZPFrNcx2G/a2w/Ba+TGkbyAIFPvWUQMjVnZq6gr4QVKLDuo
N2iexkYCazVLB8WyKHJOxlw+QUxbw1QbTRWHtG/Ym21T1PVsyNdPsQK+NBRVYDJe
kx/YmxgpvfbS8BP6FmMI/t/U80b/QK4uW5f6uOSJBNO2sfzOF2bzkp2nwHXOv+HN
ObGBZl2yGF+KPOdicsglNaTmaQA5skjvJ5Snua2BItxmpninnw59eLfFtgAcTL6J
SNqgOwnv8qxi9AH++LTAvLUHVJq/a9zI7jQIQDyWbZWOmeZUngpmwOvIBQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFH0C9+2QxKMdFB6RGQgL/gQKNex9MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZlFMMzdaREVveDBVSHBFWkNBdi1CQW8xN0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAVCBAAwQB
VCCUMAwDBANUIJgDBABUIJoDBAJUIJwDBABUIKwDBABUIK8DBAFY2CwwDAMEA1jY
OAMEAVjYQAMEAFjYbwMEAFjYhAMEAFjYuQMEAFjY1zANBgkqhkiG9w0BAQsFAAOC
AQEABa4mwOtWd7TJclOJtxfLoanfFC/8kD1Q1jJLlX1EA7NQ3gaqQTHp2z1UT0Ka
IVSUtwLcRoD+p1pZfGc2rViZiMAkg1v6UreY+H9eQXipYS/vZk9SO1wIUQFPEExb
WdGr3Dpvc0GgVAdFSmqryvzCyJcbEG3iklNS+i2APV1DZtZou9NZL2qsT6AYoYd5
GvjkohwxJnrYX3LflPc6vQ1G/M+tmWbzJiIzE8YVAdXfvPFIXxM3N8H7eMiWXjOt
nnq6TzSqJ6xBlJfZVrNN+6eduANqMhSqqqRI0cIvTPZqjrmhdCiZUDgEwrmMKNkS
2DGJRUUTjsYcvXHDISQ5U6qtxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org