Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ic49XQM8eRcw_o6isUxyyDpuOME.roa
File:                     ic49XQM8eRcw_o6isUxyyDpuOME.roa (raw, json)
Hash identifier:          NFKIINRqTY1ic7XA30ej8g+MyVqdWMpaDEY+Rl9E/C8=
Subject key identifier:   89:CE:3D:5D:03:3C:79:17:30:FE:8E:A2:B1:4C:72:C8:3A:6E:38:C1
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0186A2A956370874AC2A5E3ACA053D585331
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ic49XQM8eRcw_o6isUxyyDpuOME.roa
Signing time:             Thu 02 Mar 2023 14:10:51 +0000
ROA not before:           Thu 02 Mar 2023 14:10:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139660
IP address blocks:        88.216.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 05:18:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:a9:56:37:08:74:ac:2a:5e:3a:ca:05:3d:58:53:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Mar  2 14:10:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89ce3d5d033c791730fe8ea2b14c72c83a6e38c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d0:b8:c0:b0:99:80:0e:17:60:b3:87:42:84:
                    e1:aa:92:f4:d0:a2:e1:18:c9:d8:d5:ae:b1:e3:40:
                    50:51:52:26:14:6a:ca:49:4e:7b:5e:cf:81:8f:2c:
                    69:52:d4:80:8a:7e:d0:bf:56:8e:90:32:e4:a4:3f:
                    26:fa:1e:72:ec:1e:1f:09:d0:98:9e:38:14:e1:d8:
                    84:f6:da:37:c8:2b:c3:10:a4:af:97:73:dd:01:5d:
                    f6:31:81:bd:17:5b:bf:f2:8a:f1:bd:54:40:db:2b:
                    94:af:ac:30:da:f3:95:aa:08:aa:11:4e:9d:ba:03:
                    91:26:13:a9:64:d9:08:20:be:75:2e:de:03:c6:90:
                    f5:c0:c3:a6:60:1f:2d:c0:3e:45:76:d4:8b:d4:e1:
                    2c:12:96:5f:c2:d9:7f:34:12:0d:d0:86:24:db:c7:
                    51:00:12:89:5a:6c:98:ea:04:0a:a9:8b:53:d2:78:
                    99:5c:5c:34:94:24:6c:fc:75:4c:e3:2e:bf:27:e5:
                    fa:91:f7:32:2a:4e:07:b7:80:ce:41:45:ac:c8:73:
                    98:35:88:f3:0d:80:16:a8:63:18:18:53:ec:a4:78:
                    08:78:50:4a:95:46:07:dc:e6:91:da:2f:ef:a7:63:
                    07:b9:e2:bf:f9:04:66:57:99:68:c9:91:b4:91:45:
                    5f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:CE:3D:5D:03:3C:79:17:30:FE:8E:A2:B1:4C:72:C8:3A:6E:38:C1
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ic49XQM8eRcw_o6isUxyyDpuOME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:db:f4:80:42:e5:f8:3d:11:9c:27:bd:0d:ff:7a:28:2d:3c:
         e2:23:6d:72:c7:d2:35:35:29:9e:54:07:38:ec:29:fe:4e:cd:
         8d:a4:77:50:4c:a1:fd:9e:9d:d7:3c:c9:f6:a7:e1:b0:42:e8:
         72:49:ed:c4:eb:47:11:97:cc:21:79:65:1f:e1:e0:a2:d3:b6:
         33:df:6d:cc:a4:00:16:34:b3:f9:3d:ef:43:2e:4d:9e:bf:c4:
         ec:3b:a3:b1:15:8d:ff:73:47:6e:9b:13:21:c2:ad:54:51:06:
         a4:a4:da:df:e8:7a:21:8b:65:53:15:a0:5d:17:44:1a:58:87:
         ce:46:dc:b7:ee:c7:d4:58:6a:49:02:0f:52:d3:a6:42:f3:ae:
         15:d6:6f:28:3a:63:d0:56:44:30:1f:39:64:22:6b:2a:a0:a7:
         6a:e5:e6:d6:0b:76:92:0a:a0:d1:78:9c:4f:7a:61:cc:f1:09:
         2e:da:0c:49:ec:55:41:cc:a0:ec:a1:38:d5:a0:f5:3a:33:80:
         06:08:5d:f3:ee:23:d8:2e:ff:fb:25:3f:20:24:d0:77:42:2c:
         ce:26:5c:13:35:4c:99:b2:59:65:63:fb:af:6d:b1:6d:71:7b:
         83:32:35:f4:c9:30:3d:2c:04:cb:63:04:59:85:3f:97:ed:e7:
         ca:98:98:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaiqVY3CHSsKl46ygU9WFMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzAyMTQxMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNlM2Q1ZDAzM2M3OTE3MzBmZThlYTJiMTRjNzJjODNhNmUzOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtC4wLCZgA4XYLOHQoThqpL00KLh
GMnY1a6x40BQUVImFGrKSU57Xs+BjyxpUtSAin7Qv1aOkDLkpD8m+h5y7B4fCdCY
njgU4diE9to3yCvDEKSvl3PdAV32MYG9F1u/8orxvVRA2yuUr6ww2vOVqgiqEU6d
ugORJhOpZNkIIL51Lt4DxpD1wMOmYB8twD5FdtSL1OEsEpZfwtl/NBIN0IYk28dR
ABKJWmyY6gQKqYtT0niZXFw0lCRs/HVM4y6/J+X6kfcyKk4Ht4DOQUWsyHOYNYjz
DYAWqGMYGFPspHgIeFBKlUYH3OaR2i/vp2MHueK/+QRmV5loyZG0kUVffQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInOPV0DPHkXMP6OorFMcsg6bjjBMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaWM0OVhRTThlUmN3X282aXNVeHl5RHB1T01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNgBMA0G
CSqGSIb3DQEBCwUAA4IBAQBD2/SAQuX4PRGcJ70N/3ooLTziI21yx9I1NSmeVAc4
7Cn+Ts2NpHdQTKH9np3XPMn2p+GwQuhySe3E60cRl8wheWUf4eCi07Yz323MpAAW
NLP5Pe9DLk2ev8TsO6OxFY3/c0dumxMhwq1UUQakpNrf6Hohi2VTFaBdF0QaWIfO
Rty37sfUWGpJAg9S06ZC864V1m8oOmPQVkQwHzlkImsqoKdq5ebWC3aSCqDReJxP
emHM8Qku2gxJ7FVBzKDsoTjVoPU6M4AGCF3z7iPYLv/7JT8gJNB3QizOJlwTNUyZ
slllY/uvbbFtcXuDMjX0yTA9LATLYwRZhT+X7efKmJit
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org