Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vHcbKDqXs8SKJJndY-T_K-oBrQo.roa
File:                     vHcbKDqXs8SKJJndY-T_K-oBrQo.roa (raw, json)
Hash identifier:          L9crDbb4ZSX34hJtiwhI8Xct3oXQbKivwxifs/P2Ges=
Subject key identifier:   BC:77:1B:28:3A:97:B3:C4:8A:24:99:DD:63:E4:FF:2B:EA:01:AD:0A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01867E530CECB51522C7385BACF4CEEA1B47
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vHcbKDqXs8SKJJndY-T_K-oBrQo.roa
Signing time:             Thu 23 Feb 2023 12:50:17 +0000
ROA not before:           Thu 23 Feb 2023 12:50:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.216.186.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.189.0/24 maxlen: 24
                          88.216.199.0/24 maxlen: 24
                          84.32.214.0/23 maxlen: 24
                          84.32.221.0/24 maxlen: 24
                          84.32.222.0/24 maxlen: 24
                          84.32.229.0/24 maxlen: 24
                          84.32.232.0/24 maxlen: 24
                          88.216.128.0/24 maxlen: 24
                          88.216.132.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          88.216.133.0/24 maxlen: 24
                          84.32.242.0/24 maxlen: 24
                          84.32.243.0/24 maxlen: 24
                          84.32.245.0/24 maxlen: 24
                          84.32.252.0/23 maxlen: 24
                          88.216.215.0/24 maxlen: 24
                          88.216.220.0/24 maxlen: 24
                          84.32.71.0/24 maxlen: 24
                          84.32.76.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.10.0/24 maxlen: 24
                          84.32.24.0/22 maxlen: 24
                          84.32.24.0/24 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.32.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.179.0/24 maxlen: 24
                          88.216.93.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          84.32.212.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.17.0/24 maxlen: 24
                          88.216.21.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          84.32.150.0/24 maxlen: 24
                          84.32.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 06:43:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7e:53:0c:ec:b5:15:22:c7:38:5b:ac:f4:ce:ea:1b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 23 12:50:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc771b283a97b3c48a2499dd63e4ff2bea01ad0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:29:82:6d:f2:ab:9d:44:ea:91:8b:cb:71:ca:
                    cd:21:8d:ca:74:57:84:53:56:ac:14:a7:52:22:b1:
                    51:21:5d:f3:42:d8:a9:6f:9c:ca:01:3a:4c:6a:26:
                    0f:78:1f:c5:24:b7:85:2c:91:2f:ea:b4:5f:8f:69:
                    96:1a:41:50:d4:ae:8c:5f:d2:78:fa:89:01:50:73:
                    6c:33:54:db:15:59:8d:72:51:8e:87:26:0d:95:e6:
                    56:f6:a3:d6:27:d0:94:34:99:42:8e:51:27:ac:f0:
                    3c:a1:d2:4a:bb:e0:71:3c:8e:2b:c6:d3:4a:79:23:
                    d3:a0:ae:1a:c4:8f:e3:eb:78:10:a2:ce:a7:e3:ab:
                    5e:ba:77:06:fd:3c:70:98:f9:1a:4a:68:76:b7:d3:
                    ff:f4:af:4d:9e:1b:7b:1b:0f:8b:1e:bf:9d:d1:4a:
                    46:28:2f:fb:8d:d4:83:95:43:26:b5:f6:28:d3:ad:
                    bc:26:3a:a9:fc:48:bc:08:7c:73:fd:17:b7:2d:88:
                    f9:56:a2:3a:93:13:16:6e:07:14:44:34:db:fc:e0:
                    98:33:58:eb:87:99:f4:23:69:9d:62:6b:a4:07:54:
                    00:3f:d3:75:9f:2e:d4:1f:68:75:15:9a:11:68:bc:
                    41:7e:57:39:38:06:64:5b:85:9f:3d:30:80:34:c4:
                    a1:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:77:1B:28:3A:97:B3:C4:8A:24:99:DD:63:E4:FF:2B:EA:01:AD:0A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vHcbKDqXs8SKJJndY-T_K-oBrQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.10.0/24
                  84.32.24.0/22
                  84.32.30.0/24
                  84.32.32.0/24
                  84.32.46.0/24
                  84.32.71.0/24
                  84.32.76.0/23
                  84.32.79.0/24
                  84.32.88.0/24
                  84.32.150.0/23
                  84.32.179.0/24
                  84.32.212.0/24
                  84.32.214.0/23
                  84.32.221.0-84.32.222.255
                  84.32.229.0/24
                  84.32.232.0/24
                  84.32.239.0-84.32.240.255
                  84.32.242.0/23
                  84.32.245.0/24
                  84.32.252.0/23
                  88.216.3.0/24
                  88.216.17.0/24
                  88.216.21.0/24
                  88.216.32.0/24
                  88.216.92.0/23
                  88.216.128.0/24
                  88.216.132.0-88.216.134.255
                  88.216.186.0/24
                  88.216.189.0-88.216.190.255
                  88.216.199.0/24
                  88.216.215.0/24
                  88.216.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:43:bb:dc:cf:b0:1c:0b:83:bd:d8:69:30:76:db:6e:41:c7:
         7f:ff:6c:df:22:27:8d:7c:2b:f8:09:1a:dd:96:da:68:e5:64:
         81:85:7d:9b:a4:c1:96:1c:13:a1:5b:c9:f2:cd:e1:9b:0f:4a:
         d5:71:84:da:24:8a:f0:b9:5c:ae:1f:4c:c8:00:14:10:55:21:
         ba:52:58:bc:75:8e:41:6e:6d:07:48:26:8c:79:13:f2:1c:d6:
         53:ed:5f:c3:1f:79:08:89:60:e2:d9:19:f3:b7:01:ee:38:87:
         15:69:7f:c9:5f:74:68:e8:57:b8:10:fe:be:96:c9:73:8c:62:
         4b:bd:31:02:eb:43:7f:4d:60:fe:88:45:27:cc:ba:8a:0e:0b:
         81:75:e7:9a:bb:9e:3a:75:5a:48:a9:20:57:c1:b9:c7:ab:5b:
         5c:de:53:73:60:be:bc:91:b2:af:c6:3a:4a:8d:66:ff:90:d2:
         0d:ed:86:a3:db:f0:41:12:f7:93:69:3b:d8:1c:36:99:17:09:
         e6:38:3b:f2:a5:4a:6e:74:59:28:11:6d:dd:29:29:c3:b0:5a:
         0b:ef:50:b1:31:f1:c7:45:c1:5b:9c:33:21:00:c2:6d:fb:56:
         38:06:d7:2d:12:42:4a:cc:6e:4e:c3:5e:3f:d7:77:9f:81:df:
         06:c6:cc:b3
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYZ+UwzstRUixzhbrPTO6htHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIzMTI1MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc3MWIyODNhOTdiM2M0OGEyNDk5ZGQ2M2U0ZmYyYmVhMDFhZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CmCbfKrnUTqkYvLccrNIY3KdFeE
U1asFKdSIrFRIV3zQtipb5zKATpMaiYPeB/FJLeFLJEv6rRfj2mWGkFQ1K6MX9J4
+okBUHNsM1TbFVmNclGOhyYNleZW9qPWJ9CUNJlCjlEnrPA8odJKu+BxPI4rxtNK
eSPToK4axI/j63gQos6n46teuncG/TxwmPkaSmh2t9P/9K9Nnht7Gw+LHr+d0UpG
KC/7jdSDlUMmtfYo0628Jjqp/Ei8CHxz/Re3LYj5VqI6kxMWbgcURDTb/OCYM1jr
h5n0I2mdYmukB1QAP9N1ny7UH2h1FZoRaLxBflc5OAZkW4WfPTCANMShhQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFLx3Gyg6l7PEiiSZ3WPk/yvqAa0KMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdkhjYktEcVhzOFNLSkpuZFktVF9LLW9CclFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQA
VCAIAwQAVCAKAwQCVCAYAwQAVCAeAwQAVCAgAwQAVCAuAwQAVCBHAwQBVCBMAwQA
VCBPAwQAVCBYAwQBVCCWAwQAVCCzAwQAVCDUAwQBVCDWMAwDBABUIN0DBABUIN4D
BABUIOUDBABUIOgwDAMEAFQg7wMEAFQg8AMEAVQg8gMEAFQg9QMEAVQg/AMEAFjY
AwMEAFjYEQMEAFjYFQMEAFjYIAMEAVjYXAMEAFjYgDAMAwQCWNiEAwQAWNiGAwQA
WNi6MAwDBABY2L0DBABY2L4DBABY2McDBABY2NcDBABY2NwwDQYJKoZIhvcNAQEL
BQADggEBAIpDu9zPsBwLg73YaTB2225Bx3//bN8iJ418K/gJGt2W2mjlZIGFfZuk
wZYcE6FbyfLN4ZsPStVxhNokivC5XK4fTMgAFBBVIbpSWLx1jkFubQdIJox5E/Ic
1lPtX8MfeQiJYOLZGfO3Ae44hxVpf8lfdGjoV7gQ/r6WyXOMYku9MQLrQ39NYP6I
RSfMuooOC4F155q7njp1WkipIFfBucerW1zeU3NgvryRsq/GOkqNZv+Q0g3thqPb
8EES95NpO9gcNpkXCeY4O/KlSm50WSgRbd0pKcOwWgvvULEx8cdFwVucMyEAwm37
VjgG1y0SQkrMbk7DXj/Xd5+B3wbGzLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org