Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/75vONShaimBZ9P_j8MJTwmuZ5G0.roa
File:                     75vONShaimBZ9P_j8MJTwmuZ5G0.roa (raw, json)
Hash identifier:          xs5RT3k4VK8r7bg2+xodvieWtBYlF+Er8KgBdxDbfnE=
Subject key identifier:   EF:9B:CE:35:28:5A:8A:60:59:F4:FF:E3:F0:C2:53:C2:6B:99:E4:6D
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0186A6CD2C7672C88A83319677076D4E746B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/75vONShaimBZ9P_j8MJTwmuZ5G0.roa
Signing time:             Fri 03 Mar 2023 09:28:29 +0000
ROA not before:           Fri 03 Mar 2023 09:28:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56690
IP address blocks:        193.233.150.0/24 maxlen: 24
                          193.233.164.0/24 maxlen: 24
                          193.233.166.0/23 maxlen: 23
                          193.233.168.0/23 maxlen: 23
                          193.233.73.0/24 maxlen: 24
                          193.233.92.0/24 maxlen: 24
                          193.233.93.0/24 maxlen: 24
                          193.233.94.0/24 maxlen: 24
                          193.233.12.0/23 maxlen: 23
                          193.233.240.0/23 maxlen: 23
                          193.233.18.0/24 maxlen: 24
                          193.233.24.0/23 maxlen: 23
                          193.233.242.0/24 maxlen: 24
                          193.233.243.0/24 maxlen: 24
                          193.233.26.0/23 maxlen: 23
                          193.233.28.0/23 maxlen: 23
                          193.233.254.0/23 maxlen: 23
                          193.233.54.0/23 maxlen: 23
                          193.233.176.0/20 maxlen: 20
                          193.233.212.0/22 maxlen: 22
                          193.233.224.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 06 Mar 2023 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a6:cd:2c:76:72:c8:8a:83:31:96:77:07:6d:4e:74:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Mar  3 09:28:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef9bce35285a8a6059f4ffe3f0c253c26b99e46d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:97:83:0e:e2:50:36:0e:a2:2f:14:a6:19:8d:
                    2e:65:ba:c3:64:67:ae:1f:ec:87:cf:df:d3:1f:97:
                    dc:65:cd:e2:44:93:e9:f5:e3:36:b7:a7:58:76:b2:
                    d6:2a:ad:be:b0:db:46:f2:ce:5a:93:5e:d7:ef:f9:
                    6b:45:6d:9f:bc:ae:ce:8f:45:bc:14:5f:d1:88:37:
                    55:15:e1:a6:d4:55:be:5a:2f:b0:b3:1d:66:72:60:
                    f1:f4:22:f0:3d:27:78:d8:c4:f3:01:46:52:56:7f:
                    a9:7f:1d:44:10:f3:22:c1:cf:ff:59:b8:cb:dc:17:
                    9f:28:b8:2d:58:16:7c:68:8f:0e:03:3a:5e:40:d4:
                    62:ae:67:7a:e0:61:4c:4e:d6:c1:23:56:7f:9d:6a:
                    50:b6:41:de:4e:ad:f4:3d:33:8a:2a:73:57:ca:e3:
                    a7:7c:3d:c9:6f:18:17:fb:dd:1c:0b:ec:89:75:3d:
                    c7:80:89:09:63:07:c0:27:6d:a2:d3:8b:2e:3e:98:
                    31:e0:73:10:27:e9:b9:4d:45:7c:4c:9f:0d:09:41:
                    6d:63:cc:fd:d3:eb:e0:f0:9c:a4:eb:ad:1b:cb:2c:
                    f2:b2:fd:f3:ba:01:01:8c:6f:86:54:10:07:c6:62:
                    f2:a9:bf:15:ef:d9:e0:57:13:b8:ab:5c:de:2d:2d:
                    87:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:9B:CE:35:28:5A:8A:60:59:F4:FF:E3:F0:C2:53:C2:6B:99:E4:6D
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/75vONShaimBZ9P_j8MJTwmuZ5G0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.12.0/23
                  193.233.18.0/24
                  193.233.24.0-193.233.29.255
                  193.233.54.0/23
                  193.233.73.0/24
                  193.233.92.0-193.233.94.255
                  193.233.150.0/24
                  193.233.164.0/24
                  193.233.166.0-193.233.169.255
                  193.233.176.0/20
                  193.233.212.0/22
                  193.233.224.0/22
                  193.233.240.0/22
                  193.233.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:3e:c0:c0:a8:44:b3:42:52:0a:9b:05:a9:b6:f3:00:4e:44:
         c6:55:fd:35:7c:07:d4:a6:65:be:e2:ac:7c:c6:df:38:e4:e2:
         a1:dd:d8:9f:56:b2:a9:05:c6:1b:e6:b1:ad:53:22:b6:7a:a5:
         dc:f2:8b:86:04:fc:f0:ac:1d:99:5d:a5:dc:de:fa:f8:dd:8a:
         b4:f1:ad:e3:22:76:9a:d2:38:21:14:7c:41:3b:f4:93:97:d3:
         bb:03:21:9e:74:6d:17:bb:4d:c4:64:89:62:6f:7e:1b:f9:37:
         d9:93:1b:e7:4f:71:7a:ad:4d:7f:07:71:43:cf:cf:41:a5:06:
         fa:f8:cb:09:bb:7a:3f:60:21:aa:66:02:b6:b3:23:6a:81:d1:
         67:eb:59:f7:a4:41:fb:8c:4d:34:35:ac:12:0d:af:f8:f4:be:
         ec:fd:8b:26:2f:79:1f:3a:27:50:e3:bf:00:ed:0c:12:83:62:
         08:16:88:78:0e:32:10:dd:56:38:04:c6:27:c7:54:0c:61:2c:
         15:4b:4c:23:1f:13:ce:79:ed:1d:75:cc:11:e0:25:2f:10:66:
         70:64:6b:21:cb:b0:27:bf:d0:e7:35:d3:2e:2f:c8:78:f9:6c:
         8a:3d:c0:5f:65:bb:ac:44:f5:55:9d:ee:80:3c:ad:65:e2:95:
         44:71:46:32
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYamzSx2csiKgzGWdwdtTnRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMzAzMDkyODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjliY2UzNTI4NWE4YTYwNTlmNGZmZTNmMGMyNTNjMjZiOTllNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZeDDuJQNg6iLxSmGY0uZbrDZGeu
H+yHz9/TH5fcZc3iRJPp9eM2t6dYdrLWKq2+sNtG8s5ak17X7/lrRW2fvK7Oj0W8
FF/RiDdVFeGm1FW+Wi+wsx1mcmDx9CLwPSd42MTzAUZSVn+pfx1EEPMiwc//WbjL
3BefKLgtWBZ8aI8OAzpeQNRirmd64GFMTtbBI1Z/nWpQtkHeTq30PTOKKnNXyuOn
fD3JbxgX+90cC+yJdT3HgIkJYwfAJ22i04suPpgx4HMQJ+m5TUV8TJ8NCUFtY8z9
0+vg8Jyk660byyzysv3zugEBjG+GVBAHxmLyqb8V79ngVxO4q1zeLS2HOwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFO+bzjUoWopgWfT/4/DCU8JrmeRtMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNzV2T05TaGFpbUJaOVBfajhNSlR3bXVaNUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAcHpDAME
AMHpEjAMAwQDwekYAwQBwekcAwQBwek2AwQAwelJMAwDBALB6VwDBADB6V4DBADB
6ZYDBADB6aQwDAMEAcHppgMEAcHpqAMEBMHpsAMEAsHp1AMEAsHp4AMEAsHp8AME
AcHp/jANBgkqhkiG9w0BAQsFAAOCAQEAUj7AwKhEs0JSCpsFqbbzAE5ExlX9NXwH
1KZlvuKsfMbfOOTiod3Yn1ayqQXGG+axrVMitnql3PKLhgT88KwdmV2l3N76+N2K
tPGt4yJ2mtI4IRR8QTv0k5fTuwMhnnRtF7tNxGSJYm9+G/k32ZMb509xeq1Nfwdx
Q8/PQaUG+vjLCbt6P2AhqmYCtrMjaoHRZ+tZ96RB+4xNNDWsEg2v+PS+7P2LJi95
HzonUOO/AO0MEoNiCBaIeA4yEN1WOATGJ8dUDGEsFUtMIx8TznntHXXMEeAlLxBm
cGRrIcuwJ7/Q5zXTLi/IePlsij3AX2W7rET1VZ3ugDytZeKVRHFGMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org