Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ibXFgKWmTUru4hCHN74OxTastto.roa
File:                     ibXFgKWmTUru4hCHN74OxTastto.roa (raw, json)
Hash identifier:          Nfsy0nCNPdOCfb0SLhwfmtk19+r75VbSMdHdHxCeESY=
Subject key identifier:   89:B5:C5:80:A5:A6:4D:4A:EE:E2:10:87:37:BE:0E:C5:36:AC:B6:DA
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018B36B7E01B7121913A6603AAED3398B0F9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ibXFgKWmTUru4hCHN74OxTastto.roa
Signing time:             Mon 16 Oct 2023 04:21:41 +0000
ROA not before:           Mon 16 Oct 2023 04:21:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400175
IP address blocks:        88.216.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:36:b7:e0:1b:71:21:91:3a:66:03:aa:ed:33:98:b0:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 16 04:21:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89b5c580a5a64d4aeee2108737be0ec536acb6da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:da:4b:98:a0:28:45:71:d0:b2:9c:84:35:1d:
                    49:6f:26:c5:3a:82:b6:53:f8:9a:39:05:64:0c:b8:
                    db:26:5a:cc:13:f8:c6:be:aa:d6:b1:70:e6:6c:88:
                    04:22:17:cf:ee:ee:cb:5c:68:40:be:b8:f3:44:4c:
                    c9:e2:66:3c:53:13:e6:b7:9a:8a:6c:af:73:d0:0f:
                    c6:9f:aa:44:7b:71:80:cf:bc:01:52:4a:30:01:ab:
                    71:23:b7:ab:d8:a4:27:ee:53:fa:28:46:eb:83:66:
                    f8:82:3f:33:fb:6d:11:d1:c0:0d:9d:35:04:bb:7b:
                    d4:d0:96:66:fd:ae:6b:fc:bb:96:1e:67:df:a4:09:
                    f5:d9:23:29:ac:93:fe:a9:cf:5c:3f:9f:48:8f:dc:
                    2c:7f:bd:07:ef:ba:2f:f6:81:96:07:ad:da:c6:8f:
                    6a:c5:6f:b7:fa:19:68:ca:12:04:40:ad:5a:12:ae:
                    c3:1f:6c:fe:5a:c2:00:ca:13:ce:d6:3f:e8:23:33:
                    c6:51:e6:6f:de:1b:53:dd:58:29:a5:64:ae:2d:f6:
                    82:6b:af:35:a6:60:9a:78:7a:9c:79:b7:37:9f:72:
                    ea:41:25:0c:8d:e2:09:0c:c7:dd:a9:13:e2:a0:f7:
                    72:00:1b:d2:21:5e:2d:9c:5d:89:72:91:36:a5:b1:
                    cf:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:B5:C5:80:A5:A6:4D:4A:EE:E2:10:87:37:BE:0E:C5:36:AC:B6:DA
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ibXFgKWmTUru4hCHN74OxTastto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:22:20:8c:a1:89:2e:88:e6:ca:e2:75:7c:da:33:d8:d0:c0:
         05:18:8f:b0:c2:1e:60:82:18:fd:78:03:9b:65:31:14:52:1a:
         f7:02:ee:21:96:f5:d3:88:15:12:a2:a9:b7:41:85:65:3d:88:
         09:89:d7:72:2b:5e:f0:3b:16:34:98:3d:72:0d:34:f2:93:5e:
         7b:6b:bb:e7:91:86:25:5b:66:3f:89:5d:4f:37:e7:4b:03:41:
         0e:ca:da:28:db:f2:9a:01:95:cd:56:45:8b:c5:3a:a5:2e:e9:
         65:b0:b1:f8:38:61:1f:77:5b:91:be:12:99:98:2b:42:a6:dc:
         7b:b6:b4:c2:f4:37:c2:b1:98:16:63:42:a9:30:fd:95:5f:d7:
         96:f4:2f:b6:a2:dc:51:ff:f6:4f:0d:9c:01:d4:8f:66:8f:38:
         c6:67:ac:6b:6d:19:9a:be:13:10:ef:7a:b1:fb:2e:71:cc:23:
         56:ae:a5:c7:ab:3b:d6:20:00:a9:79:9e:1a:94:55:4d:a7:bd:
         02:fe:32:f2:2d:76:f3:eb:1e:eb:09:e1:44:58:1b:ea:2c:26:
         b2:da:9b:27:03:a6:3d:05:7e:55:91:d5:8a:86:02:b1:f0:35:
         d0:12:32:33:1e:60:14:e4:89:07:3d:5c:9d:6a:d8:a3:50:27:
         e4:35:52:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs2t+AbcSGROmYDqu0zmLD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDE2MDQyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI1YzU4MGE1YTY0ZDRhZWVlMjEwODczN2JlMGVjNTM2YWNiNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdpLmKAoRXHQspyENR1JbybFOoK2
U/iaOQVkDLjbJlrME/jGvqrWsXDmbIgEIhfP7u7LXGhAvrjzREzJ4mY8UxPmt5qK
bK9z0A/Gn6pEe3GAz7wBUkowAatxI7er2KQn7lP6KEbrg2b4gj8z+20R0cANnTUE
u3vU0JZm/a5r/LuWHmffpAn12SMprJP+qc9cP59Ij9wsf70H77ov9oGWB63axo9q
xW+3+hloyhIEQK1aEq7DH2z+WsIAyhPO1j/oIzPGUeZv3htT3VgppWSuLfaCa681
pmCaeHqcebc3n3LqQSUMjeIJDMfdqRPioPdyABvSIV4tnF2JcpE2pbHPmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm1xYClpk1K7uIQhze+DsU2rLbaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaWJYRmdLV21UVXJ1NGhDSE43NE94VGFzdHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNgCMA0G
CSqGSIb3DQEBCwUAA4IBAQArIiCMoYkuiObK4nV82jPY0MAFGI+wwh5gghj9eAOb
ZTEUUhr3Au4hlvXTiBUSoqm3QYVlPYgJiddyK17wOxY0mD1yDTTyk157a7vnkYYl
W2Y/iV1PN+dLA0EOytoo2/KaAZXNVkWLxTqlLullsLH4OGEfd1uRvhKZmCtCptx7
trTC9DfCsZgWY0KpMP2VX9eW9C+2otxR//ZPDZwB1I9mjzjGZ6xrbRmavhMQ73qx
+y5xzCNWrqXHqzvWIACpeZ4alFVNp70C/jLyLXbz6x7rCeFEWBvqLCay2psnA6Y9
BX5VkdWKhgKx8DXQEjIzHmAU5IkHPVydatijUCfkNVKi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org