Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7H5-g1Fg6BYiVAEzdaujor1ZiYk.roa
File:                     7H5-g1Fg6BYiVAEzdaujor1ZiYk.roa (raw, json)
Hash identifier:          9nFTcx/4ZcF6O4p0I4MNOKOpiygxAKXWkzQkYhbMX/A=
Subject key identifier:   EC:7E:7E:83:51:60:E8:16:22:54:01:33:75:AB:A3:A2:BD:59:89:89
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018D6FEE7B34364CCD6141E056D358262CBE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7H5-g1Fg6BYiVAEzdaujor1ZiYk.roa
Signing time:             Sat 03 Feb 2024 17:05:16 +0000
ROA not before:           Sat 03 Feb 2024 17:05:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207713
IP address blocks:        147.45.116.0/24 maxlen: 24
                          193.233.18.0/24 maxlen: 24
                          193.233.48.0/24 maxlen: 24
                          193.233.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 06:38:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6f:ee:7b:34:36:4c:cd:61:41:e0:56:d3:58:26:2c:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Feb  3 17:05:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ec7e7e835160e8162254013375aba3a2bd598989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4f:5f:15:fb:b5:4c:0c:b7:a9:f2:5d:26:72:
                    33:39:b6:06:3c:ce:cd:da:5b:d3:2b:58:a0:75:9a:
                    6a:cd:d4:bd:e9:20:b1:94:6a:b4:df:6f:51:08:20:
                    3e:6e:65:61:7f:4f:3e:51:bb:3c:98:7d:26:b2:4a:
                    4a:82:e2:b9:97:27:10:12:0b:ba:6e:ee:3d:5a:23:
                    21:4c:dc:19:4e:22:bc:e1:9c:df:59:cd:62:c2:89:
                    9e:ca:f2:7d:47:08:e2:81:27:81:bb:a9:a5:21:4a:
                    f5:f0:29:39:db:92:f1:1d:13:c0:3b:7b:a6:04:3a:
                    20:b0:20:4c:76:f9:ba:e7:87:05:45:38:41:0e:8e:
                    80:1b:37:27:94:33:57:76:01:77:af:ff:43:0a:51:
                    ac:86:5a:17:9d:af:da:f6:b3:4c:66:0a:3f:f4:6a:
                    a6:c7:af:59:25:00:ec:74:a3:2e:08:00:2c:c8:29:
                    15:aa:cb:e6:73:6f:c4:ac:a0:77:89:fe:04:51:0f:
                    72:e9:0d:e0:55:25:86:90:a0:53:19:dd:89:d4:93:
                    13:fe:bf:f7:46:ed:62:ed:39:53:30:55:9e:3a:6a:
                    70:29:aa:89:a7:44:63:be:be:4a:80:3b:4d:b9:42:
                    a2:88:1b:b7:19:5f:07:61:45:69:b2:c6:61:2f:23:
                    cd:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7E:7E:83:51:60:E8:16:22:54:01:33:75:AB:A3:A2:BD:59:89:89
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7H5-g1Fg6BYiVAEzdaujor1ZiYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.116.0/24
                  193.233.18.0/24
                  193.233.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:44:57:b6:8d:43:9e:ae:59:53:c0:39:8e:c5:c7:33:33:70:
         92:f4:6e:f9:fc:ef:b1:2b:78:56:ef:87:b1:84:51:0b:ba:ba:
         ed:0a:c4:e9:b7:79:f4:ac:37:a7:2b:89:74:e6:52:89:c5:9d:
         28:b0:22:e0:75:0e:8f:b4:ee:2c:48:12:77:7b:4c:b1:4f:ab:
         50:bd:bf:57:b4:72:da:10:34:76:b1:a6:21:d9:41:8c:36:5b:
         2a:97:24:40:e6:18:05:ac:cd:80:a8:15:b4:e6:dd:a8:2e:58:
         6c:23:9c:98:d5:07:01:dd:a6:ae:e2:dc:58:c2:8c:3e:21:61:
         31:58:84:53:04:72:69:2c:20:ae:b4:41:55:76:79:72:37:86:
         e2:43:df:93:fe:6f:37:41:ce:6c:79:90:d3:d6:e6:1f:49:e8:
         a8:91:9c:d3:b4:d9:91:36:cf:6c:69:0b:44:2b:1e:36:6d:b3:
         57:a4:bb:cd:a1:76:4b:6f:a0:fd:0a:29:f4:b2:d2:a3:36:cd:
         d4:6c:f9:af:2f:94:5d:3c:52:32:7b:d0:6b:c5:28:43:6c:3d:
         42:94:04:f2:89:7e:aa:ab:10:69:62:b2:15:19:b5:31:f9:71:
         30:a7:69:aa:8d:23:28:ab:62:3d:9b:26:b7:ff:4e:a1:13:e2:
         ff:a7:6f:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1v7ns0NkzNYUHgVtNYJiy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjAzMTcwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdlN2U4MzUxNjBlODE2MjI1NDAxMzM3NWFiYTNhMmJkNTk4OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk9fFfu1TAy3qfJdJnIzObYGPM7N
2lvTK1igdZpqzdS96SCxlGq0329RCCA+bmVhf08+Ubs8mH0mskpKguK5lycQEgu6
bu49WiMhTNwZTiK84ZzfWc1iwomeyvJ9RwjigSeBu6mlIUr18Ck525LxHRPAO3um
BDogsCBMdvm654cFRThBDo6AGzcnlDNXdgF3r/9DClGshloXna/a9rNMZgo/9Gqm
x69ZJQDsdKMuCAAsyCkVqsvmc2/ErKB3if4EUQ9y6Q3gVSWGkKBTGd2J1JMT/r/3
Ru1i7TlTMFWeOmpwKaqJp0Rjvr5KgDtNuUKiiBu3GV8HYUVpssZhLyPN3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOx+foNRYOgWIlQBM3Wro6K9WYmJMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvN0g1LWcxRmc2QllpVkFFemRhdWpvcjFaaVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAky10AwQA
wekSAwQBwekwMA0GCSqGSIb3DQEBCwUAA4IBAQCKRFe2jUOerllTwDmOxcczM3CS
9G75/O+xK3hW74exhFELurrtCsTpt3n0rDenK4l05lKJxZ0osCLgdQ6PtO4sSBJ3
e0yxT6tQvb9XtHLaEDR2saYh2UGMNlsqlyRA5hgFrM2AqBW05t2oLlhsI5yY1QcB
3aau4txYwow+IWExWIRTBHJpLCCutEFVdnlyN4biQ9+T/m83Qc5seZDT1uYfSeio
kZzTtNmRNs9saQtEKx42bbNXpLvNoXZLb6D9Cin0stKjNs3UbPmvL5RdPFIye9Br
xShDbD1ClATyiX6qqxBpYrIVGbUx+XEwp2mqjSMoq2I9mya3/06hE+L/p29v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org