Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/puaYovXjA382tVY0s6FcYuUI0ws.roa
File:                     puaYovXjA382tVY0s6FcYuUI0ws.roa (raw, json)
Hash identifier:          GwYRIeiV9J66L0SmNIxz4HNJ03XLNWHiJrpv3ZZI5to=
Subject key identifier:   A6:E6:98:A2:F5:E3:03:7F:36:B5:56:34:B3:A1:5C:62:E5:08:D3:0B
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0189AFA140EBBF390F6539099FB0808F0DD2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/puaYovXjA382tVY0s6FcYuUI0ws.roa
Signing time:             Tue 01 Aug 2023 05:45:27 +0000
ROA not before:           Tue 01 Aug 2023 05:45:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        88.216.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 18:06:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:af:a1:40:eb:bf:39:0f:65:39:09:9f:b0:80:8f:0d:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Aug  1 05:45:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6e698a2f5e3037f36b55634b3a15c62e508d30b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e9:ed:9f:72:6b:99:79:f0:57:b0:23:95:46:
                    00:e5:18:a9:ad:7b:00:9e:44:f7:c0:cb:92:dd:15:
                    58:1c:d9:06:27:ce:02:77:93:6a:b2:3a:24:1c:c0:
                    cc:24:10:56:ff:2e:8c:97:59:08:8a:64:22:6b:ae:
                    91:d8:d9:9e:e8:2d:e3:d5:ec:47:3c:5f:e6:78:e4:
                    00:65:e8:6d:cd:f5:be:79:c0:b7:a5:d3:13:76:9c:
                    4f:46:75:5d:f8:77:32:ce:82:4f:93:c8:e0:6a:b2:
                    ab:f3:dd:65:77:bb:ad:95:4d:14:d0:29:fc:36:5c:
                    e1:41:84:51:7c:e3:40:20:e6:2d:89:59:7c:b2:b9:
                    a4:db:26:8c:77:7b:e0:db:de:54:e3:ae:c3:f4:9f:
                    c8:a9:8a:69:d8:2e:a0:ed:09:b4:21:6c:ea:03:10:
                    87:11:ab:9a:7f:06:39:a6:13:70:e9:d1:d7:05:31:
                    d4:17:45:36:ba:a5:4d:03:97:4d:e7:26:d6:c0:27:
                    75:82:ae:10:1a:d8:03:c1:af:13:63:ea:23:0a:bb:
                    e2:0c:72:44:35:fa:51:3a:85:5b:87:27:f0:a4:47:
                    a8:20:09:c5:57:d2:39:b1:54:aa:9d:4c:63:e9:1b:
                    ad:4c:e2:98:a5:57:5a:f5:fa:e4:05:b7:e4:b8:1e:
                    b5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:E6:98:A2:F5:E3:03:7F:36:B5:56:34:B3:A1:5C:62:E5:08:D3:0B
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/puaYovXjA382tVY0s6FcYuUI0ws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:0a:43:f9:03:93:96:02:c7:b8:0b:e4:9f:a9:b9:10:5e:45:
         7e:d5:78:88:29:e0:6c:4a:1a:e6:eb:8e:40:1e:df:2f:bf:55:
         0d:33:46:14:1f:0a:68:9c:ce:9c:69:27:8f:01:3a:58:35:4e:
         ed:a6:70:45:2c:5b:66:9d:a5:55:a1:67:00:db:82:a6:17:62:
         b6:14:c0:bb:8f:74:5f:14:e6:b3:81:2e:a7:7d:0d:a5:7e:65:
         d4:06:da:d5:e3:05:7c:c4:f4:d0:b7:0b:6d:5f:c4:54:27:5e:
         fb:77:53:49:cb:65:86:11:cd:1d:01:48:58:58:e0:e6:b5:c1:
         65:96:53:a6:49:d8:f9:5a:f5:79:08:c5:c8:a3:33:f3:61:db:
         12:47:70:77:2e:6e:05:09:ce:8c:96:45:14:d1:72:bc:3c:e9:
         e2:95:5c:79:87:f5:dc:d8:18:f3:0d:64:9b:dc:7f:59:52:17:
         0c:9b:a3:96:0f:1c:2d:64:78:8d:8f:7a:bc:16:9b:a2:c0:52:
         af:10:f1:11:f7:c6:f8:8c:83:a0:e1:97:4f:cd:92:90:f3:16:
         b5:90:52:05:73:e9:f7:70:28:9e:8d:22:d6:e1:e4:65:75:c0:
         f2:57:fc:a5:c1:af:e0:d7:af:51:9a:8c:aa:fb:c4:73:6f:35:
         96:e5:f4:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmvoUDrvzkPZTkJn7CAjw3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODAxMDU0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU2OThhMmY1ZTMwMzdmMzZiNTU2MzRiM2ExNWM2MmU1MDhkMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAventn3JrmXnwV7AjlUYA5RiprXsA
nkT3wMuS3RVYHNkGJ84Cd5NqsjokHMDMJBBW/y6Ml1kIimQia66R2Nme6C3j1exH
PF/meOQAZehtzfW+ecC3pdMTdpxPRnVd+HcyzoJPk8jgarKr891ld7utlU0U0Cn8
NlzhQYRRfONAIOYtiVl8srmk2yaMd3vg295U467D9J/IqYpp2C6g7Qm0IWzqAxCH
EauafwY5phNw6dHXBTHUF0U2uqVNA5dN5ybWwCd1gq4QGtgDwa8TY+ojCrviDHJE
NfpROoVbhyfwpEeoIAnFV9I5sVSqnUxj6RutTOKYpVda9frkBbfkuB61hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbmmKL14wN/NrVWNLOhXGLlCNMLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcHVhWW92WGpBMzgydFZZMHM2RmNZdVVJMHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNjGMA0G
CSqGSIb3DQEBCwUAA4IBAQBXCkP5A5OWAse4C+SfqbkQXkV+1XiIKeBsShrm645A
Ht8vv1UNM0YUHwponM6caSePATpYNU7tpnBFLFtmnaVVoWcA24KmF2K2FMC7j3Rf
FOazgS6nfQ2lfmXUBtrV4wV8xPTQtwttX8RUJ177d1NJy2WGEc0dAUhYWODmtcFl
llOmSdj5WvV5CMXIozPzYdsSR3B3Lm4FCc6MlkUU0XK8POnilVx5h/Xc2BjzDWSb
3H9ZUhcMm6OWDxwtZHiNj3q8FpuiwFKvEPER98b4jIOg4ZdPzZKQ8xa1kFIFc+n3
cCiejSLW4eRldcDyV/ylwa/g169Rmoyq+8RzbzWW5fTG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org