Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hfjm20EwuNWQ2Ef-r3ee8TftJO0.roa
File:                     hfjm20EwuNWQ2Ef-r3ee8TftJO0.roa (raw, json)
Hash identifier:          NQ+i0P1jrrnVnG5paWmeyoCxd5iWeVwuOIaBD9M57r0=
Subject key identifier:   85:F8:E6:DB:41:30:B8:D5:90:D8:47:FE:AF:77:9E:F1:37:ED:24:ED
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018B094E8A0B9CFECBA71FB2569D697787EE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hfjm20EwuNWQ2Ef-r3ee8TftJO0.roa
Signing time:             Sat 07 Oct 2023 08:43:43 +0000
ROA not before:           Sat 07 Oct 2023 08:43:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        84.32.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 06:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:09:4e:8a:0b:9c:fe:cb:a7:1f:b2:56:9d:69:77:87:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct  7 08:43:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85f8e6db4130b8d590d847feaf779ef137ed24ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bc:19:c2:a3:1b:c3:c9:71:fb:97:2e:ad:93:
                    31:48:47:0a:10:a8:f3:3c:d8:6e:93:dc:0f:d9:66:
                    30:83:70:c4:f8:2e:5d:cb:b7:e9:d4:29:86:40:43:
                    7c:7e:47:f0:7b:e3:e2:b6:d2:32:84:20:79:12:81:
                    75:d0:b5:a0:ed:e0:48:ad:21:7c:bf:79:c5:69:43:
                    fa:bd:64:3c:74:72:e8:14:f8:ad:04:e9:51:24:a2:
                    6a:f8:58:07:9c:ef:33:52:57:42:a7:39:63:65:3a:
                    a0:cc:e7:c5:2a:fe:fe:10:13:d9:e1:46:c1:7b:c8:
                    ea:33:85:08:8b:cf:3d:a1:bb:30:eb:65:07:03:53:
                    50:a7:ef:7c:69:78:b1:1d:ec:d1:ac:10:41:0e:ea:
                    05:82:1d:fd:89:39:a5:f0:26:db:35:08:ec:77:90:
                    9b:9e:60:19:63:bf:59:29:ac:a2:91:c2:b9:56:ff:
                    d9:57:52:69:29:61:f6:27:a4:67:eb:2b:34:32:c0:
                    36:6d:df:72:9d:4b:da:53:69:d7:b9:1e:79:a4:69:
                    24:92:09:ed:8e:5c:93:24:e8:e5:52:57:c1:33:13:
                    2a:b9:00:b4:69:0d:5f:08:6b:cb:7f:79:6d:d8:84:
                    36:25:3f:25:22:8f:ea:6a:9d:3f:15:d4:44:83:77:
                    62:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F8:E6:DB:41:30:B8:D5:90:D8:47:FE:AF:77:9E:F1:37:ED:24:ED
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hfjm20EwuNWQ2Ef-r3ee8TftJO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:f5:8a:2d:2d:e3:6b:e9:b5:7a:b9:4f:60:b8:2a:de:2a:8f:
         af:ac:b4:91:8a:e7:a3:8b:8c:49:ae:2b:1f:79:e9:e7:8a:1e:
         3f:c1:eb:04:f6:0e:09:6a:7f:b5:05:2f:11:e2:9d:31:20:82:
         f2:7e:b8:e0:d9:3e:7e:b7:c6:36:f5:aa:8a:3b:b6:7d:d9:d2:
         27:74:de:05:77:d8:40:cd:e3:a0:7f:ca:38:6f:dc:19:ef:6f:
         22:3d:79:3f:fe:be:8f:8b:b6:e9:cb:46:54:d3:c6:9f:81:df:
         41:dc:1b:1e:d2:b2:52:d0:aa:3e:bd:54:49:6f:e8:7b:01:16:
         ff:a8:7d:11:bc:3b:96:04:ad:f1:89:5d:dd:e2:b9:50:56:41:
         5e:16:9c:ed:5a:97:45:01:89:83:9a:68:ac:fc:13:13:da:00:
         ae:91:d7:9a:fa:61:c7:5d:73:7f:b0:3b:a2:65:97:19:f6:44:
         5d:9d:64:52:e1:94:03:60:7c:01:d0:74:5f:b1:44:c2:a1:15:
         a3:2c:60:75:ae:97:ad:17:07:a9:e2:b4:60:ec:a8:e8:ec:87:
         c2:85:e0:2b:09:27:a7:1b:c0:58:3a:a6:40:96:74:0e:75:f8:
         1e:90:3e:5a:7c:2a:11:21:67:62:50:0c:43:5d:45:09:62:5b:
         02:2a:fc:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsJTooLnP7Lpx+yVp1pd4fuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDA3MDg0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY4ZTZkYjQxMzBiOGQ1OTBkODQ3ZmVhZjc3OWVmMTM3ZWQyNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLwZwqMbw8lx+5curZMxSEcKEKjz
PNhuk9wP2WYwg3DE+C5dy7fp1CmGQEN8fkfwe+PittIyhCB5EoF10LWg7eBIrSF8
v3nFaUP6vWQ8dHLoFPitBOlRJKJq+FgHnO8zUldCpzljZTqgzOfFKv7+EBPZ4UbB
e8jqM4UIi889obsw62UHA1NQp+98aXixHezRrBBBDuoFgh39iTml8CbbNQjsd5Cb
nmAZY79ZKayikcK5Vv/ZV1JpKWH2J6Rn6ys0MsA2bd9ynUvaU2nXuR55pGkkkgnt
jlyTJOjlUlfBMxMquQC0aQ1fCGvLf3lt2IQ2JT8lIo/qap0/FdREg3dibQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX45ttBMLjVkNhH/q93nvE37STtMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaGZqbTIwRXd1TldRMkVmLXIzZWU4VGZ0Sk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBCMA0G
CSqGSIb3DQEBCwUAA4IBAQCK9YotLeNr6bV6uU9guCreKo+vrLSRiueji4xJrisf
eennih4/wesE9g4Jan+1BS8R4p0xIILyfrjg2T5+t8Y29aqKO7Z92dIndN4Fd9hA
zeOgf8o4b9wZ728iPXk//r6Pi7bpy0ZU08afgd9B3Bse0rJS0Ko+vVRJb+h7ARb/
qH0RvDuWBK3xiV3d4rlQVkFeFpztWpdFAYmDmmis/BMT2gCukdea+mHHXXN/sDui
ZZcZ9kRdnWRS4ZQDYHwB0HRfsUTCoRWjLGB1rpetFwep4rRg7Kjo7IfCheArCSen
G8BYOqZAlnQOdfgekD5afCoRIWdiUAxDXUUJYlsCKvwP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org