Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lEeyU1hKYjb1_covz_sIe0jYnGE.roa
File:                     lEeyU1hKYjb1_covz_sIe0jYnGE.roa (raw, json)
Hash identifier:          s4RKJa4JZLljyGwnILbp5kj47Ga2SAMH+HBcLavWuX4=
Subject key identifier:   94:47:B2:53:58:4A:62:36:F5:FD:CA:2F:CF:FB:08:7B:48:D8:9C:61
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0189180E4EE6344B861CB538567321BF6445
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lEeyU1hKYjb1_covz_sIe0jYnGE.roa
Signing time:             Sun 02 Jul 2023 19:22:18 +0000
ROA not before:           Sun 02 Jul 2023 19:22:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62068
IP address blocks:        84.32.177.0/24 maxlen: 24
                          84.32.9.0/24 maxlen: 24
                          84.32.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 18:12:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:18:0e:4e:e6:34:4b:86:1c:b5:38:56:73:21:bf:64:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jul  2 19:22:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9447b253584a6236f5fdca2fcffb087b48d89c61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:12:95:55:d2:7d:60:9e:21:41:c5:99:a7:72:
                    84:27:fe:aa:bd:8f:8c:20:e3:a1:b1:a3:2b:ee:96:
                    eb:31:f3:20:6c:ad:a0:81:e6:0b:98:c2:5d:a8:e7:
                    96:51:f0:78:b2:b5:a2:b6:c6:cd:bd:4f:78:3b:3d:
                    2d:84:2e:62:09:cd:bf:db:ec:92:b4:30:64:03:b5:
                    f1:37:64:1e:dd:d1:25:b6:1d:c1:85:61:4d:07:fb:
                    81:25:fb:50:f5:4e:4f:15:b6:18:1d:d0:89:97:bc:
                    74:83:ea:16:1f:28:f2:69:50:0b:0b:66:23:94:40:
                    c4:df:84:46:ff:87:0b:5a:ba:a5:33:d7:fb:05:4d:
                    91:ed:46:3e:a7:43:e6:43:11:ed:65:f7:90:78:72:
                    7a:cf:c9:a5:14:d2:5a:61:58:31:9b:f8:a7:8d:e1:
                    b5:db:fd:bd:d3:82:66:f1:4d:89:82:15:67:ef:e2:
                    f8:7c:67:c6:16:2f:99:3b:02:0e:4a:19:dd:6f:73:
                    7a:fc:00:65:5f:70:d4:34:fc:35:b3:f4:af:f5:7c:
                    7e:9c:3d:07:01:3b:dc:c8:29:2d:b0:60:87:6b:c4:
                    07:8c:8e:2a:1b:b9:84:e1:c6:1f:e3:8f:df:01:81:
                    d5:69:2c:17:e1:0f:08:a5:bc:8b:0f:92:50:a9:a5:
                    72:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:47:B2:53:58:4A:62:36:F5:FD:CA:2F:CF:FB:08:7B:48:D8:9C:61
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lEeyU1hKYjb1_covz_sIe0jYnGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.9.0/24
                  84.32.48.0/24
                  84.32.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:59:6c:8c:65:a9:d4:b4:26:9d:7e:3b:2a:31:48:ab:52:41:
         e2:af:01:10:54:38:e6:c0:00:63:f5:a8:35:a1:fc:c7:be:f9:
         27:e6:14:c9:63:c1:d7:b8:66:b3:22:fd:2f:a0:f7:fe:b4:6b:
         6b:a1:da:85:54:35:3d:29:c0:a4:4c:0f:79:f3:65:e5:a8:f7:
         cb:89:db:2c:3d:e3:42:4c:bc:c2:67:74:f9:70:4e:46:44:c8:
         a0:b3:26:6b:90:60:b0:4e:aa:70:23:94:21:47:97:2c:34:e2:
         d1:09:34:5c:d4:3f:41:9d:40:1e:e4:b5:33:e0:af:17:9c:e6:
         29:df:6e:c6:1c:fd:96:f6:14:1a:e2:f2:99:ea:9f:42:ad:f0:
         9d:7a:55:af:c7:e4:45:c8:6b:e0:c2:71:32:14:ab:ad:d0:57:
         a4:57:f4:eb:71:e2:2d:f2:9e:72:15:c6:cb:a6:73:e3:18:82:
         e1:39:6e:b9:eb:78:9d:91:5b:e2:74:bc:12:7b:e3:0d:42:85:
         d0:e3:29:b0:22:e6:a2:81:31:6b:cc:0b:b5:f9:04:d2:92:34:
         23:8b:60:da:f2:1c:c2:52:2e:41:82:be:d9:b5:c3:c8:2f:bb:
         5a:88:2c:ae:fb:4d:0e:bb:44:36:4f:5a:69:c8:96:d6:d9:f8:
         f7:55:b4:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkYDk7mNEuGHLU4VnMhv2RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzAyMTkyMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ3YjI1MzU4NGE2MjM2ZjVmZGNhMmZjZmZiMDg3YjQ4ZDg5YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBKVVdJ9YJ4hQcWZp3KEJ/6qvY+M
IOOhsaMr7pbrMfMgbK2ggeYLmMJdqOeWUfB4srWitsbNvU94Oz0thC5iCc2/2+yS
tDBkA7XxN2Qe3dElth3BhWFNB/uBJftQ9U5PFbYYHdCJl7x0g+oWHyjyaVALC2Yj
lEDE34RG/4cLWrqlM9f7BU2R7UY+p0PmQxHtZfeQeHJ6z8mlFNJaYVgxm/injeG1
2/2904Jm8U2JghVn7+L4fGfGFi+ZOwIOShndb3N6/ABlX3DUNPw1s/Sv9Xx+nD0H
ATvcyCktsGCHa8QHjI4qG7mE4cYf44/fAYHVaSwX4Q8IpbyLD5JQqaVylQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJRHslNYSmI29f3KL8/7CHtI2JxhMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbEVleVUxaEtZamIxX2Nvdnpfc0llMGpZbkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAJAwQA
VCAwAwQAVCCxMA0GCSqGSIb3DQEBCwUAA4IBAQBUWWyMZanUtCadfjsqMUirUkHi
rwEQVDjmwABj9ag1ofzHvvkn5hTJY8HXuGazIv0voPf+tGtrodqFVDU9KcCkTA95
82XlqPfLidssPeNCTLzCZ3T5cE5GRMigsyZrkGCwTqpwI5QhR5csNOLRCTRc1D9B
nUAe5LUz4K8XnOYp327GHP2W9hQa4vKZ6p9CrfCdelWvx+RFyGvgwnEyFKut0Fek
V/TrceIt8p5yFcbLpnPjGILhOW6563idkVvidLwSe+MNQoXQ4ymwIuaigTFrzAu1
+QTSkjQji2Da8hzCUi5Bgr7ZtcPIL7taiCyu+00Ou0Q2T1ppyJbW2fj3VbSv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org