Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa
File:                     fKh8e8rjH3J6twsFgnqU2zuTKE8.roa (raw, json)
Hash identifier:          sKvNpXv3Lm9bgKiD2N2iKl7LfosJQ0UT4y+OgxFuryk=
Subject key identifier:   7C:A8:7C:7B:CA:E3:1F:72:7A:B7:0B:05:82:7A:94:DB:3B:93:28:4F
Certificate issuer:       /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial:       0190917BA7564768107AE88B6516AA27690A
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa
Signing time:             Mon 08 Jul 2024 08:35:18 +0000
ROA not before:           Mon 08 Jul 2024 08:35:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12444
IP address blocks:        84.17.67.0/24 maxlen: 24
                          84.17.68.0/24 maxlen: 24
                          84.17.70.0/24 maxlen: 24
                          84.17.71.0/24 maxlen: 24
                          84.17.76.0/24 maxlen: 24
                          84.17.78.0/24 maxlen: 24
                          84.17.79.0/24 maxlen: 24
                          84.17.84.0/24 maxlen: 24
                          84.17.86.0/24 maxlen: 24
                          84.17.87.0/24 maxlen: 24
                          84.17.89.0/24 maxlen: 24
                          84.17.90.0/24 maxlen: 24
                          84.17.91.0/24 maxlen: 24
                          84.17.93.0/24 maxlen: 24
                          185.118.176.0/24 maxlen: 24
                          185.118.177.0/24 maxlen: 24
                          185.118.178.0/24 maxlen: 24
                          185.118.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Aug 2024 08:36:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:91:7b:a7:56:47:68:10:7a:e8:8b:65:16:aa:27:69:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
        Validity
            Not Before: Jul  8 08:35:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ca87c7bcae31f727ab70b05827a94db3b93284f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b0:c9:01:f5:5e:36:6d:12:9a:16:f7:77:4d:
                    c5:6b:39:f1:bc:41:c6:60:a2:fb:e1:cf:20:f7:9c:
                    f2:0f:88:ba:d9:96:f0:21:30:05:0f:9f:35:a9:19:
                    51:6e:99:f3:a4:83:63:25:79:8a:98:2b:15:81:00:
                    73:e1:a5:d6:b1:ea:34:76:99:2c:51:ce:de:9c:a4:
                    ee:87:67:56:af:79:f2:21:16:93:94:88:07:93:ab:
                    c8:61:56:72:48:d0:90:a9:b4:48:f5:26:62:3c:c1:
                    75:c2:66:29:94:b0:b9:4d:7c:65:8c:ba:0f:6c:97:
                    97:c2:11:52:71:3e:12:9f:a8:7c:ec:03:96:8d:7e:
                    32:b3:55:19:dd:80:55:b4:c4:18:11:4d:09:80:ee:
                    dd:07:c9:3a:6e:66:3c:75:df:3b:40:f5:c8:e0:06:
                    76:b0:40:1e:88:0d:14:f3:d6:6d:e0:bd:51:1c:50:
                    16:09:23:14:22:f6:34:28:92:24:0c:62:b6:1e:5b:
                    c7:5c:9f:66:3b:8c:12:92:fb:00:f5:8e:16:9f:66:
                    7a:83:58:4d:4c:c5:5d:99:c9:15:f2:ad:ec:69:b6:
                    75:f3:02:98:9d:bd:89:cf:2d:fc:b8:b2:5d:c5:d3:
                    78:f4:ed:a7:43:78:84:54:13:f5:ae:35:09:96:34:
                    30:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A8:7C:7B:CA:E3:1F:72:7A:B7:0B:05:82:7A:94:DB:3B:93:28:4F
            X509v3 Authority Key Identifier:
                keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/fKh8e8rjH3J6twsFgnqU2zuTKE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.17.67.0-84.17.68.255
                  84.17.70.0/23
                  84.17.76.0/24
                  84.17.78.0/23
                  84.17.84.0/24
                  84.17.86.0/23
                  84.17.89.0-84.17.91.255
                  84.17.93.0/24
                  185.118.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:18:eb:98:4b:81:16:ab:1a:d4:0b:84:7f:ff:db:e5:1d:06:
         d9:06:d2:bc:9a:3d:35:04:be:21:aa:13:f5:87:46:c4:46:01:
         47:d5:5d:5c:f0:88:0b:e8:a4:a9:6e:3f:d3:34:f1:07:10:dc:
         96:b3:34:78:bf:98:23:b9:13:fa:00:3a:35:c8:36:f8:36:ee:
         58:6c:6d:b5:b3:fb:a0:05:99:6d:f4:df:3c:34:e3:3f:b5:f2:
         06:9f:6c:45:08:7b:00:10:d9:83:be:36:6a:8c:e7:da:a4:b7:
         9c:2a:42:ee:61:18:49:43:de:9b:3f:10:ee:7b:bc:7b:45:70:
         f0:eb:24:94:38:f3:0d:06:a8:34:48:01:b0:4e:f2:b8:58:c8:
         4d:bc:af:70:90:a1:15:bc:35:fc:ad:3b:56:2d:c2:88:f1:20:
         7c:e9:71:48:d0:19:e2:8f:7b:7b:2a:4e:57:70:98:2e:32:0f:
         3a:f7:76:09:ff:9c:54:33:98:2f:28:85:4a:fd:7e:e5:9e:84:
         14:33:06:04:c2:4b:d9:71:f2:43:79:ac:8f:32:31:03:40:89:
         f0:19:95:57:8b:d2:3f:fd:37:03:a4:3d:91:41:2d:9a:68:46:
         59:c2:65:68:0d:2d:bb:da:fd:48:8f:5e:1a:95:03:8b:a6:06:
         0a:6c:00:f2
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZCRe6dWR2gQeuiLZRaqJ2kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwNzA4MDgzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E4N2M3YmNhZTMxZjcyN2FiNzBiMDU4MjdhOTRkYjNiOTMyODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLDJAfVeNm0Smhb3d03FaznxvEHG
YKL74c8g95zyD4i62ZbwITAFD581qRlRbpnzpINjJXmKmCsVgQBz4aXWseo0dpks
Uc7enKTuh2dWr3nyIRaTlIgHk6vIYVZySNCQqbRI9SZiPMF1wmYplLC5TXxljLoP
bJeXwhFScT4Sn6h87AOWjX4ys1UZ3YBVtMQYEU0JgO7dB8k6bmY8dd87QPXI4AZ2
sEAeiA0U89Zt4L1RHFAWCSMUIvY0KJIkDGK2HlvHXJ9mO4wSkvsA9Y4Wn2Z6g1hN
TMVdmckV8q3sabZ18wKYnb2Jzy38uLJdxdN49O2nQ3iEVBP1rjUJljQwgQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHyofHvK4x9yercLBYJ6lNs7kyhPMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvZktoOGU4cmpIM0o2dHdzRmducVUyenVUS0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBABUEUMD
BABUEUQDBAFUEUYDBABUEUwDBAFUEU4DBABUEVQDBAFUEVYwDAMEAFQRWQMEAlQR
WAMEAFQRXQMEArl2sDANBgkqhkiG9w0BAQsFAAOCAQEAahjrmEuBFqsa1AuEf//b
5R0G2QbSvJo9NQS+IaoT9YdGxEYBR9VdXPCIC+ikqW4/0zTxBxDclrM0eL+YI7kT
+gA6Ncg2+DbuWGxttbP7oAWZbfTfPDTjP7XyBp9sRQh7ABDZg742aozn2qS3nCpC
7mEYSUPemz8Q7nu8e0Vw8OsklDjzDQaoNEgBsE7yuFjITbyvcJChFbw1/K07Vi3C
iPEgfOlxSNAZ4o97eypOV3CYLjIPOvd2Cf+cVDOYLyiFSv1+5Z6EFDMGBMJL2XHy
Q3msjzIxA0CJ8BmVV4vSP/03A6Q9kUEtmmhGWcJlaA0tu9r9SI9eGpUDi6YGCmwA
8g==
-----END CERTIFICATE-----
Generated at Mon Aug 5 11:00:26 2024 by rpki-client on console-fra.rpki-client.org