Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nF19qEWHxRLkuHePSNMzWzRujv0.roa
File:                     nF19qEWHxRLkuHePSNMzWzRujv0.roa (raw, json)
Hash identifier:          XKVI1vk7a+7Kjq2QjRC/bhH1601PEN4ZnTJiNT4BAV0=
Subject key identifier:   9C:5D:7D:A8:45:87:C5:12:E4:B8:77:8F:48:D3:33:5B:34:6E:8E:FD
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0186703F8F60FF6C53EBFBA7F296D1DC8100
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nF19qEWHxRLkuHePSNMzWzRujv0.roa
Signing time:             Mon 20 Feb 2023 19:14:18 +0000
ROA not before:           Mon 20 Feb 2023 19:14:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64267
IP address blocks:        88.216.213.0/24 maxlen: 24
                          88.216.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Apr 2023 20:51:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:70:3f:8f:60:ff:6c:53:eb:fb:a7:f2:96:d1:dc:81:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 20 19:14:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c5d7da84587c512e4b8778f48d3335b346e8efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2e:df:a7:8d:b6:57:c5:ff:71:4d:fc:16:57:
                    79:94:78:1a:ac:9e:7a:ce:48:74:46:27:a1:35:aa:
                    3d:8d:14:b1:2a:19:0e:c8:53:e4:4d:00:cb:e4:6d:
                    e0:00:5a:89:14:48:8f:13:76:cf:16:cf:f9:fe:25:
                    a5:e9:3b:d9:ef:1a:63:d9:6d:9f:68:a3:f1:98:b5:
                    2d:c8:ab:20:00:f0:0f:e9:e0:8b:0e:84:ed:d9:38:
                    90:91:21:9d:95:17:06:8a:61:15:af:5d:23:9a:2f:
                    f3:9d:ab:eb:d8:92:0f:8d:d2:35:23:8e:eb:54:e5:
                    36:71:ac:5d:ea:81:dc:cd:69:9f:a2:6e:b0:c4:c4:
                    81:a2:04:71:46:34:c1:1e:f9:13:6d:92:02:c0:63:
                    03:e0:79:2a:b0:31:1f:00:f0:dd:95:3a:fd:c9:aa:
                    1e:54:15:49:2d:5c:3c:89:3a:87:e6:23:66:49:fd:
                    6e:5d:75:cf:85:26:52:c4:41:11:ed:63:ad:36:20:
                    02:5d:b7:24:b2:d5:c2:63:52:5c:e9:95:08:f2:df:
                    98:5f:b5:bf:f0:f4:e7:73:aa:a6:d3:60:94:98:7f:
                    c2:7c:02:b8:99:52:8a:0b:76:a1:0d:b3:d1:85:7a:
                    9d:ea:40:72:44:93:c6:4b:f2:28:5d:e0:36:d9:66:
                    4c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:5D:7D:A8:45:87:C5:12:E4:B8:77:8F:48:D3:33:5B:34:6E:8E:FD
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nF19qEWHxRLkuHePSNMzWzRujv0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.20.0/24
                  88.216.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:ed:9d:a9:34:66:d2:84:f6:d9:23:11:97:db:06:ee:e9:f9:
         be:30:89:ad:5c:2d:c7:84:73:ff:e4:eb:2d:89:be:3d:fc:7f:
         bc:ac:3b:ee:b3:28:36:07:0a:c8:81:7d:11:2b:e8:ea:5f:08:
         4b:26:4c:fc:2c:df:84:f7:eb:64:40:5a:54:43:5f:3b:8e:cb:
         9e:c3:ba:e3:f7:36:4a:ba:3b:0e:94:71:c4:65:9e:47:ca:a0:
         c4:c9:81:b3:d7:17:64:bb:a4:7d:f5:64:04:da:79:07:d6:fb:
         d9:90:68:72:91:b3:18:12:92:98:79:d9:9e:00:ab:e0:76:20:
         94:e9:05:e7:41:da:2b:6b:2b:26:b6:07:73:26:b4:d9:5e:49:
         2d:25:99:cb:da:db:8f:3a:95:3b:71:83:e1:6e:60:5f:88:b2:
         4f:d5:22:a2:7d:fe:27:df:37:fa:e7:f0:e3:8a:83:38:31:b1:
         cd:31:fc:0f:47:20:d0:ed:22:54:88:cc:f6:c3:ba:71:36:4e:
         52:5f:2c:08:77:2b:e0:e3:b1:83:87:7d:82:82:27:c9:ed:87:
         7c:99:90:d0:da:71:83:e9:ee:c3:2a:09:8f:f5:75:72:2d:f6:
         24:c5:1f:fb:f4:7a:6f:50:f0:9b:e2:b5:f7:d5:96:b8:b0:54:
         6d:28:7d:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZwP49g/2xT6/un8pbR3IEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIwMTkxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVkN2RhODQ1ODdjNTEyZTRiODc3OGY0OGQzMzM1YjM0NmU4ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi7fp422V8X/cU38Fld5lHgarJ56
zkh0RiehNao9jRSxKhkOyFPkTQDL5G3gAFqJFEiPE3bPFs/5/iWl6TvZ7xpj2W2f
aKPxmLUtyKsgAPAP6eCLDoTt2TiQkSGdlRcGimEVr10jmi/znavr2JIPjdI1I47r
VOU2caxd6oHczWmfom6wxMSBogRxRjTBHvkTbZICwGMD4HkqsDEfAPDdlTr9yaoe
VBVJLVw8iTqH5iNmSf1uXXXPhSZSxEER7WOtNiACXbckstXCY1Jc6ZUI8t+YX7W/
8PTnc6qm02CUmH/CfAK4mVKKC3ahDbPRhXqd6kByRJPGS/IoXeA22WZMowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxdfahFh8US5Lh3j0jTM1s0bo79MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbkYxOXFFV0h4UkxrdUhlUFNOTXpXelJ1anYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNgUAwQA
WNjVMA0GCSqGSIb3DQEBCwUAA4IBAQBn7Z2pNGbShPbZIxGX2wbu6fm+MImtXC3H
hHP/5Ostib49/H+8rDvusyg2BwrIgX0RK+jqXwhLJkz8LN+E9+tkQFpUQ187jsue
w7rj9zZKujsOlHHEZZ5HyqDEyYGz1xdku6R99WQE2nkH1vvZkGhykbMYEpKYedme
AKvgdiCU6QXnQdoraysmtgdzJrTZXkktJZnL2tuPOpU7cYPhbmBfiLJP1SKiff4n
3zf65/DjioM4MbHNMfwPRyDQ7SJUiMz2w7pxNk5SXywIdyvg47GDh32CgifJ7Yd8
mZDQ2nGD6e7DKgmP9XVyLfYkxR/79HpvUPCb4rX31Za4sFRtKH00
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org