Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2tWZXLpcp1ZwsYNBY3dcgNXE6Ek.roa
File:                     2tWZXLpcp1ZwsYNBY3dcgNXE6Ek.roa (raw, json)
Hash identifier:          hdyjxG4DH4944nHxqB6dJx0u7hBeVYKnmy1nHyNTaLw=
Subject key identifier:   DA:D5:99:5C:BA:5C:A7:56:70:B1:83:41:63:77:5C:80:D5:C4:E8:49
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01880B807A6B5FFF9B77A83CB8226061F1F2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2tWZXLpcp1ZwsYNBY3dcgNXE6Ek.roa
Signing time:             Thu 11 May 2023 15:49:09 +0000
ROA not before:           Thu 11 May 2023 15:49:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49392
IP address blocks:        193.233.252.0/23 maxlen: 23
                          193.233.61.0/24 maxlen: 24
                          193.233.192.0/24 maxlen: 24
                          193.233.85.0/24 maxlen: 24
                          193.233.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 20:07:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0b:80:7a:6b:5f:ff:9b:77:a8:3c:b8:22:60:61:f1:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: May 11 15:49:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dad5995cba5ca75670b1834163775c80d5c4e849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7a:75:05:c2:3b:d5:df:60:b1:f3:45:54:06:
                    38:af:29:5a:00:11:eb:85:eb:07:a4:07:ba:cd:ef:
                    0c:09:cd:fc:69:94:a1:47:09:31:b8:1d:c3:dc:7c:
                    c5:68:8b:4d:6c:b0:d1:2b:4c:03:28:d8:a7:6a:58:
                    0d:49:12:15:8e:6c:82:a0:08:33:c8:c3:00:45:13:
                    ef:58:62:7f:1c:c0:e4:53:f9:6a:33:ac:ee:04:b8:
                    40:39:77:d5:08:52:cd:a6:33:92:e6:7e:e2:7e:ce:
                    e5:09:15:6d:ae:61:19:8a:58:ee:12:37:8a:7f:70:
                    54:f5:6d:b2:df:be:a6:4a:32:5e:63:be:f7:03:cc:
                    44:ca:0f:5c:09:11:66:b6:20:70:4e:01:26:ae:27:
                    d8:b8:de:96:68:dc:10:e0:1d:b7:f9:b0:99:e8:b7:
                    28:fd:47:d1:fc:87:fc:95:06:f0:fb:86:d1:1c:7d:
                    d7:2d:16:8a:37:d1:59:50:c1:60:2a:46:4d:8b:87:
                    6d:0d:b3:73:cd:af:f9:d7:4d:99:7c:97:a6:09:a0:
                    f2:27:05:20:14:5d:c9:8a:1d:1c:24:9d:66:f6:e7:
                    34:b9:fc:d3:a7:a7:cc:08:eb:b5:97:bc:01:8e:6c:
                    08:fe:78:87:58:b0:99:52:ea:a7:7d:e4:26:a7:4e:
                    60:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:D5:99:5C:BA:5C:A7:56:70:B1:83:41:63:77:5C:80:D5:C4:E8:49
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2tWZXLpcp1ZwsYNBY3dcgNXE6Ek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.61.0/24
                  193.233.85.0-193.233.86.255
                  193.233.192.0/24
                  193.233.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:8d:21:03:21:57:98:89:63:b7:f8:68:7a:a7:8d:a5:fe:45:
         9b:f4:95:b6:8e:fb:5c:98:62:c7:e1:d1:fe:62:1d:fc:09:94:
         eb:e7:11:a5:56:f8:73:c4:a8:ee:99:e3:22:8b:30:8d:a2:07:
         1c:c6:e5:dd:19:78:b4:ff:5e:59:b8:c3:cc:9f:1c:7c:41:81:
         11:d8:f8:58:67:26:85:0e:ed:12:04:e5:dc:fa:ff:f7:2c:e3:
         2e:fa:b3:6d:cc:46:48:6f:a8:be:b9:01:90:13:a7:76:c8:0c:
         21:08:36:32:b8:0b:56:b8:8e:b2:3d:02:c0:02:0d:c0:88:63:
         d9:92:a3:76:95:15:46:0a:cb:da:55:fe:43:17:5b:8c:03:19:
         c2:d6:92:5d:9e:a2:24:67:1c:56:d3:15:b6:21:30:15:02:72:
         b4:8f:52:97:2b:e6:31:c1:5a:b5:9f:2e:31:0e:cc:10:bd:6d:
         a9:bd:ea:81:98:3e:83:5b:d9:37:83:9e:58:4e:1b:75:ef:be:
         31:00:61:4f:10:87:e6:8f:d6:c8:79:40:a1:75:6e:30:c2:66:
         3c:59:bc:f4:51:8a:36:fc:d7:2b:9a:21:2b:ff:b9:db:ee:49:
         ab:11:1d:eb:7c:ba:d8:49:b3:ac:d4:2d:a6:70:0c:a3:39:b9:
         a2:31:02:1a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYgLgHprX/+bd6g8uCJgYfHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTExMTU0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ1OTk1Y2JhNWNhNzU2NzBiMTgzNDE2Mzc3NWM4MGQ1YzRlODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnp1BcI71d9gsfNFVAY4rylaABHr
hesHpAe6ze8MCc38aZShRwkxuB3D3HzFaItNbLDRK0wDKNinalgNSRIVjmyCoAgz
yMMARRPvWGJ/HMDkU/lqM6zuBLhAOXfVCFLNpjOS5n7ifs7lCRVtrmEZiljuEjeK
f3BU9W2y376mSjJeY773A8xEyg9cCRFmtiBwTgEmrifYuN6WaNwQ4B23+bCZ6Lco
/UfR/If8lQbw+4bRHH3XLRaKN9FZUMFgKkZNi4dtDbNzza/5102ZfJemCaDyJwUg
FF3Jih0cJJ1m9uc0ufzTp6fMCOu1l7wBjmwI/niHWLCZUuqnfeQmp05g2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNrVmVy6XKdWcLGDQWN3XIDVxOhJMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMnRXWlhMcGNwMVp3c1lOQlkzZGNnTlhFNkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwek9MAwD
BADB6VUDBADB6VYDBADB6cADBAHB6fwwDQYJKoZIhvcNAQELBQADggEBADWNIQMh
V5iJY7f4aHqnjaX+RZv0lbaO+1yYYsfh0f5iHfwJlOvnEaVW+HPEqO6Z4yKLMI2i
BxzG5d0ZeLT/Xlm4w8yfHHxBgRHY+FhnJoUO7RIE5dz6//cs4y76s23MRkhvqL65
AZATp3bIDCEINjK4C1a4jrI9AsACDcCIY9mSo3aVFUYKy9pV/kMXW4wDGcLWkl2e
oiRnHFbTFbYhMBUCcrSPUpcr5jHBWrWfLjEOzBC9bam96oGYPoNb2TeDnlhOG3Xv
vjEAYU8Qh+aP1sh5QKF1bjDCZjxZvPRRijb81yuaISv/udvuSasRHet8uthJs6zU
LaZwDKM5uaIxAho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org