Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0499YhdYXX9XH9Pm0kmEw9bMvPk.roa
File:                     0499YhdYXX9XH9Pm0kmEw9bMvPk.roa (raw, json)
Hash identifier:          rRZaNkchEVGggPfoPhiwbWSlXqzB2l2xIQoc+QcWSVo=
Subject key identifier:   D3:8F:7D:62:17:58:5D:7F:57:1F:D3:E6:D2:49:84:C3:D6:CC:BC:F9
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018755AA43F7F7D3272F907B6E624E1F6F62
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0499YhdYXX9XH9Pm0kmEw9bMvPk.roa
Signing time:             Thu 06 Apr 2023 08:23:54 +0000
ROA not before:           Thu 06 Apr 2023 08:23:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202973
IP address blocks:        193.233.20.0/24 maxlen: 24
                          193.233.134.0/24 maxlen: 24
                          193.233.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 May 2023 11:36:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:55:aa:43:f7:f7:d3:27:2f:90:7b:6e:62:4e:1f:6f:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr  6 08:23:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d38f7d6217585d7f571fd3e6d24984c3d6ccbcf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ca:06:b4:88:a2:e1:58:6d:ff:32:fe:69:e9:
                    0f:80:1b:ae:9d:c9:e7:0e:6c:3a:d8:94:b5:29:47:
                    af:e7:38:3e:e3:fd:d0:03:ba:e8:48:41:ab:34:ca:
                    3f:5b:71:96:2f:54:b6:d7:a8:94:5c:5f:dc:ca:fa:
                    89:39:e5:ff:7b:b3:2a:d4:d4:b0:a0:59:80:46:c7:
                    30:b0:a2:92:30:63:af:46:c0:64:9e:f0:26:61:7c:
                    70:82:4c:79:0a:00:bb:f7:a1:ce:e4:a2:30:33:5a:
                    7d:80:e4:45:11:fa:87:4a:f6:24:bd:92:f4:45:10:
                    ad:a3:8b:10:51:1f:45:92:7f:9c:b2:49:82:7b:db:
                    2d:9c:73:cf:f2:f1:2b:50:33:7d:d2:74:e4:8b:11:
                    e9:d6:8c:07:b2:55:aa:96:c8:53:97:b1:d0:49:ea:
                    31:ff:21:be:6d:24:b2:65:3b:ea:62:2e:24:40:f4:
                    67:e0:8a:48:f2:a8:c8:fd:af:f1:5d:7b:9d:db:fd:
                    78:a1:50:74:b5:52:8d:a7:12:f1:1e:8f:93:ea:e8:
                    d1:6c:cc:8b:64:76:6c:63:b1:72:d8:ca:b8:3e:a4:
                    f8:0a:1e:f5:74:e1:6e:9e:e3:eb:72:81:1e:32:7c:
                    ac:12:a9:96:41:c1:58:ce:a2:52:c4:58:85:cc:4a:
                    14:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:8F:7D:62:17:58:5D:7F:57:1F:D3:E6:D2:49:84:C3:D6:CC:BC:F9
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0499YhdYXX9XH9Pm0kmEw9bMvPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.20.0/24
                  193.233.134.0/24
                  193.233.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:d2:96:0f:9f:bd:63:c2:7d:f6:c0:3a:65:d4:14:b2:d6:49:
         f7:9c:d6:45:c4:1f:56:9b:bc:fd:84:2a:dd:bc:6a:e6:05:1f:
         f9:ac:ba:4f:37:70:c3:30:9a:78:84:de:25:bf:18:f4:7c:4f:
         21:ca:1d:93:a8:14:db:1d:de:a2:0a:fe:0c:93:bf:a1:87:cd:
         ee:86:18:b8:eb:a9:53:e1:65:9c:7c:4f:4a:bc:13:31:38:23:
         27:bd:67:98:41:f6:54:28:98:91:54:df:fe:4e:01:a0:22:34:
         f2:25:c0:ab:1a:84:07:f9:8a:b2:05:06:16:c9:81:51:a7:c6:
         84:21:1b:41:d8:d9:35:df:54:4e:62:4c:0a:5d:50:69:5a:7e:
         80:df:51:45:84:f4:47:f0:2f:7d:35:d6:b2:62:8f:6d:b7:b5:
         e2:f2:63:56:03:e8:b8:5e:af:c1:5d:c2:ec:14:5f:0c:1b:6c:
         da:38:bc:44:f3:90:0b:06:2e:0f:a0:24:db:f0:fa:dc:70:86:
         67:40:77:fa:6c:cc:94:be:81:61:9d:b8:59:a9:c9:79:63:33:
         23:a6:f0:42:23:25:1c:36:2b:6d:20:e9:25:b1:c1:48:8b:b2:
         9d:bf:4e:50:42:9a:08:68:01:aa:97:1e:23:70:91:c7:03:46:
         ea:cf:94:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdVqkP399MnL5B7bmJOH29iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDA2MDgyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhmN2Q2MjE3NTg1ZDdmNTcxZmQzZTZkMjQ5ODRjM2Q2Y2NiY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8oGtIii4Vht/zL+aekPgBuuncnn
Dmw62JS1KUev5zg+4/3QA7roSEGrNMo/W3GWL1S216iUXF/cyvqJOeX/e7Mq1NSw
oFmARscwsKKSMGOvRsBknvAmYXxwgkx5CgC796HO5KIwM1p9gORFEfqHSvYkvZL0
RRCto4sQUR9Fkn+cskmCe9stnHPP8vErUDN90nTkixHp1owHslWqlshTl7HQSeox
/yG+bSSyZTvqYi4kQPRn4IpI8qjI/a/xXXud2/14oVB0tVKNpxLxHo+T6ujRbMyL
ZHZsY7Fy2Mq4PqT4Ch71dOFunuPrcoEeMnysEqmWQcFYzqJSxFiFzEoUiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOPfWIXWF1/Vx/T5tJJhMPWzLz5MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMDQ5OVloZFlYWDlYSDlQbTBrbUV3OWJNdlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekUAwQA
wemGAwQAwen+MA0GCSqGSIb3DQEBCwUAA4IBAQAY0pYPn71jwn32wDpl1BSy1kn3
nNZFxB9Wm7z9hCrdvGrmBR/5rLpPN3DDMJp4hN4lvxj0fE8hyh2TqBTbHd6iCv4M
k7+hh83uhhi466lT4WWcfE9KvBMxOCMnvWeYQfZUKJiRVN/+TgGgIjTyJcCrGoQH
+YqyBQYWyYFRp8aEIRtB2Nk131ROYkwKXVBpWn6A31FFhPRH8C99NdayYo9tt7Xi
8mNWA+i4Xq/BXcLsFF8MG2zaOLxE85ALBi4PoCTb8PrccIZnQHf6bMyUvoFhnbhZ
qcl5YzMjpvBCIyUcNittIOklscFIi7Kdv05QQpoIaAGqlx4jcJHHA0bqz5Sp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org