Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/O6ibr3n2_dE6Fspfr8CaA27MPI0.roa
File:                     O6ibr3n2_dE6Fspfr8CaA27MPI0.roa (raw, json)
Hash identifier:          wQNPhP0MT8IRMW3CzLxHRALrj7vevoct+ULCfFXfT9o=
Subject key identifier:   3B:A8:9B:AF:79:F6:FD:D1:3A:16:CA:5F:AF:C0:9A:03:6E:CC:3C:8D
Certificate issuer:       /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial:       0187B7DAD18D5501BAEFF038FF76B4F36EC6
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/O6ibr3n2_dE6Fspfr8CaA27MPI0.roa
Signing time:             Tue 25 Apr 2023 09:59:43 +0000
ROA not before:           Tue 25 Apr 2023 09:59:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198335
IP address blocks:        213.198.104.0/24 maxlen: 24
                          213.198.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 16:53:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:da:d1:8d:55:01:ba:ef:f0:38:ff:76:b4:f3:6e:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
        Validity
            Not Before: Apr 25 09:59:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ba89baf79f6fdd13a16ca5fafc09a036ecc3c8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:07:03:4c:7a:00:e0:71:34:ee:ab:57:9e:
                    17:b3:d4:b0:09:bd:7a:28:16:81:4b:18:0d:7a:a2:
                    2c:f5:95:94:59:16:ff:bb:81:60:41:36:da:f6:4d:
                    b7:bc:6f:e5:a5:31:9b:0b:37:e0:fc:93:18:82:bd:
                    2d:6e:53:f6:37:22:64:40:a4:19:1b:ce:65:6a:45:
                    c3:fc:ee:ff:e6:43:f3:ad:5c:b7:58:ae:cf:1f:56:
                    df:a1:c5:3b:36:3c:94:50:af:69:57:a2:e5:d8:0c:
                    d1:46:df:37:20:cd:13:d3:eb:e5:db:2a:49:22:79:
                    59:38:c6:59:2c:f1:07:1b:2f:a5:79:06:31:29:a7:
                    98:e4:66:9b:42:70:a2:8b:d3:a8:fd:f2:96:b9:28:
                    69:02:e3:82:f5:f7:7c:82:3c:1a:fe:ff:c5:24:12:
                    24:39:1a:e5:13:82:7e:ed:fd:44:04:2a:30:03:19:
                    ac:82:a7:bc:5d:27:82:c7:4d:ce:7a:63:96:22:ea:
                    64:6c:ff:5d:ed:ce:55:30:85:b9:40:ad:ef:ff:f1:
                    84:d4:9f:d6:0f:4f:4d:dc:ea:57:2b:bb:85:1c:b2:
                    1e:ae:88:88:e5:03:61:5e:41:f1:0a:8c:45:ac:f2:
                    b9:c1:6f:f3:71:76:d6:73:cb:db:80:80:cb:af:ee:
                    8c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:A8:9B:AF:79:F6:FD:D1:3A:16:CA:5F:AF:C0:9A:03:6E:CC:3C:8D
            X509v3 Authority Key Identifier:
                keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/O6ibr3n2_dE6Fspfr8CaA27MPI0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.198.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:24:8f:9e:4a:db:73:5b:3e:96:27:7a:49:93:37:63:86:e7:
         9e:16:42:bc:b3:56:91:1e:8c:a8:e1:24:0e:96:e0:15:a7:c6:
         aa:a0:01:f4:a7:e3:9f:6c:06:42:80:ab:12:f9:f4:4b:08:39:
         66:aa:1d:96:85:6f:db:a7:01:61:c2:16:4c:5c:63:90:32:90:
         13:cf:5a:91:29:23:c2:53:d6:38:7d:70:7a:9d:56:e6:15:9a:
         f8:2f:8e:4a:e9:81:50:17:86:d6:b2:a1:97:26:a2:93:4d:ad:
         a5:54:6d:a6:e2:b7:90:3f:0d:b6:86:e9:b2:c5:7a:01:c6:00:
         c6:f7:ad:0e:00:f6:51:f0:7c:02:7d:e7:ea:69:c4:26:59:bb:
         66:bb:ab:d7:75:7e:9d:3d:7c:f3:7a:fa:be:ea:d2:3c:25:dc:
         7b:b8:c8:47:4f:21:40:62:4d:6c:55:ed:02:ec:79:80:31:a7:
         82:4e:b0:cb:bd:00:95:42:6b:a8:c4:4b:55:c2:4e:eb:23:5c:
         b9:51:3f:44:c1:52:a0:16:3f:c7:ce:10:19:fc:cc:0a:5a:5c:
         84:e0:fd:44:45:42:18:02:19:75:6e:95:40:79:67:e8:18:0c:
         14:b6:24:fb:94:d7:95:35:21:84:d5:ed:17:43:bd:4b:2e:bc:
         78:93:53:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe32tGNVQG67/A4/3a0827GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MDk1OTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE4OWJhZjc5ZjZmZGQxM2ExNmNhNWZhZmMwOWEwMzZlY2MzYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU4HA0x6AOBxNO6rV54Xs9SwCb16
KBaBSxgNeqIs9ZWUWRb/u4FgQTba9k23vG/lpTGbCzfg/JMYgr0tblP2NyJkQKQZ
G85lakXD/O7/5kPzrVy3WK7PH1bfocU7NjyUUK9pV6Ll2AzRRt83IM0T0+vl2ypJ
InlZOMZZLPEHGy+leQYxKaeY5GabQnCii9Oo/fKWuShpAuOC9fd8gjwa/v/FJBIk
ORrlE4J+7f1EBCowAxmsgqe8XSeCx03OemOWIupkbP9d7c5VMIW5QK3v//GE1J/W
D09N3OpXK7uFHLIeroiI5QNhXkHxCoxFrPK5wW/zcXbWc8vbgIDLr+6MDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuom6959v3ROhbKX6/AmgNuzDyNMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvTzZpYnIzbjJfZEU2RnNwZnI4Q2FBMjdNUEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1cZoMA0G
CSqGSIb3DQEBCwUAA4IBAQBAJI+eSttzWz6WJ3pJkzdjhueeFkK8s1aRHoyo4SQO
luAVp8aqoAH0p+OfbAZCgKsS+fRLCDlmqh2WhW/bpwFhwhZMXGOQMpATz1qRKSPC
U9Y4fXB6nVbmFZr4L45K6YFQF4bWsqGXJqKTTa2lVG2m4reQPw22humyxXoBxgDG
960OAPZR8HwCfefqacQmWbtmu6vXdX6dPXzzevq+6tI8Jdx7uMhHTyFAYk1sVe0C
7HmAMaeCTrDLvQCVQmuoxEtVwk7rI1y5UT9EwVKgFj/HzhAZ/MwKWlyE4P1ERUIY
Ahl1bpVAeWfoGAwUtiT7lNeVNSGE1e0XQ71LLrx4k1MQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org