Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9vl05u3YLa3TuUlAG0jOxw0gHTQ.roa
File:                     9vl05u3YLa3TuUlAG0jOxw0gHTQ.roa (raw, json)
Hash identifier:          NDwKQHuI7CcDIuVLOsjOXnIf20/XTQmu267VREKLHcw=
Subject key identifier:   F6:F9:74:E6:ED:D8:2D:AD:D3:B9:49:40:1B:48:CE:C7:0D:20:1D:34
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       0189914AD13A91A10C4B334B22D9BCF3B2A1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9vl05u3YLa3TuUlAG0jOxw0gHTQ.roa
Signing time:             Wed 26 Jul 2023 08:22:26 +0000
ROA not before:           Wed 26 Jul 2023 08:22:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59584
IP address blocks:        193.233.106.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:91:4a:d1:3a:91:a1:0c:4b:33:4b:22:d9:bc:f3:b2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jul 26 08:22:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6f974e6edd82dadd3b949401b48cec70d201d34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:77:90:5f:d9:7d:6e:3a:ee:44:ba:3d:5a:8a:
                    66:b6:f1:d2:64:28:33:5e:87:d6:43:d1:09:72:58:
                    9e:51:7f:db:63:59:16:b5:45:0f:bd:87:50:dd:85:
                    ec:db:0a:cf:af:b3:e8:d7:a0:51:f5:08:40:26:cd:
                    08:02:6b:af:fd:56:c2:f4:9f:7f:6b:d5:24:ce:b4:
                    be:76:17:95:68:8a:f2:f1:50:94:8f:9f:b8:a7:0b:
                    d7:7b:ff:8e:23:81:bd:d6:81:cf:0b:28:d8:6a:8b:
                    7c:27:8b:94:e9:88:3d:43:82:28:06:09:b4:fa:70:
                    c3:58:47:0f:80:13:fb:c6:b5:d5:03:67:10:c4:2d:
                    75:2b:f9:5c:86:ce:b0:09:40:a1:54:23:df:e6:fd:
                    11:75:bb:9d:52:89:85:96:a7:8e:24:d2:2a:c8:0e:
                    d3:b2:73:dd:e0:f1:19:dd:54:69:e7:40:99:a9:c7:
                    c6:e2:de:b2:d3:2b:86:b7:6a:06:b8:bd:1b:f3:f8:
                    d6:ae:90:5f:de:af:a7:d5:a8:7d:ed:8f:1f:d1:28:
                    08:1b:be:2e:e5:ac:08:a1:02:31:9d:45:5c:0d:a5:
                    50:ba:63:d8:95:84:f6:f1:67:15:3d:9b:d4:df:0b:
                    5e:2b:f2:ee:3b:2d:7d:9f:da:92:97:60:f4:61:9d:
                    5f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:F9:74:E6:ED:D8:2D:AD:D3:B9:49:40:1B:48:CE:C7:0D:20:1D:34
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9vl05u3YLa3TuUlAG0jOxw0gHTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:55:d9:a0:ea:f1:57:85:eb:a4:d5:db:5c:25:f8:03:55:31:
         3f:b3:14:77:0d:fa:53:fb:ae:af:a1:1d:b8:7e:0c:23:63:22:
         8f:8f:4b:88:44:23:fc:3f:58:ff:7e:98:70:bc:55:47:82:3a:
         45:fd:2c:6c:90:84:5b:f5:f8:db:59:30:c8:9c:af:11:1d:e7:
         9b:25:8c:ae:13:3d:07:a9:15:f2:96:39:6a:ca:36:4d:20:4e:
         94:b2:e5:f4:8c:ac:a3:24:ac:71:63:75:28:e2:e1:e8:e9:f7:
         a4:7e:ac:4e:24:f4:80:cd:87:cd:e9:e5:69:18:1c:19:f5:8f:
         51:e7:e8:33:93:28:64:17:dc:24:6b:f6:e0:42:5f:70:ff:34:
         e1:8e:0d:c9:a6:b9:85:bc:4a:74:1f:42:1d:be:71:c0:a5:33:
         d0:90:62:7a:6c:4c:87:57:c7:e1:55:1e:fb:4b:e8:43:1f:71:
         6a:57:ac:7c:c3:79:fd:8a:2f:69:b5:a6:3c:78:b7:bd:e0:61:
         44:d2:17:fa:d7:b6:68:7c:27:c6:f2:c1:34:1f:47:71:3e:13:
         0e:0b:c5:8d:3e:54:2e:19:5b:8b:d8:63:b3:aa:03:52:dc:d4:
         f9:64:51:f4:f2:3a:38:b5:e2:25:27:91:4a:eb:15:70:c0:fe:
         43:ab:2d:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmRStE6kaEMSzNLItm887KhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNzI2MDgyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY5NzRlNmVkZDgyZGFkZDNiOTQ5NDAxYjQ4Y2VjNzBkMjAxZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3eQX9l9bjruRLo9WopmtvHSZCgz
XofWQ9EJclieUX/bY1kWtUUPvYdQ3YXs2wrPr7Po16BR9QhAJs0IAmuv/VbC9J9/
a9UkzrS+dheVaIry8VCUj5+4pwvXe/+OI4G91oHPCyjYaot8J4uU6Yg9Q4IoBgm0
+nDDWEcPgBP7xrXVA2cQxC11K/lchs6wCUChVCPf5v0RdbudUomFlqeOJNIqyA7T
snPd4PEZ3VRp50CZqcfG4t6y0yuGt2oGuL0b8/jWrpBf3q+n1ah97Y8f0SgIG74u
5awIoQIxnUVcDaVQumPYlYT28WcVPZvU3wteK/LuOy19n9qSl2D0YZ1fZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPb5dObt2C2t07lJQBtIzscNIB00MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOXZsMDV1M1lMYTNUdVVsQUcwak94dzBnSFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwelqMA0G
CSqGSIb3DQEBCwUAA4IBAQB0Vdmg6vFXheuk1dtcJfgDVTE/sxR3DfpT+66voR24
fgwjYyKPj0uIRCP8P1j/fphwvFVHgjpF/SxskIRb9fjbWTDInK8RHeebJYyuEz0H
qRXyljlqyjZNIE6UsuX0jKyjJKxxY3Uo4uHo6fekfqxOJPSAzYfN6eVpGBwZ9Y9R
5+gzkyhkF9wka/bgQl9w/zThjg3JprmFvEp0H0IdvnHApTPQkGJ6bEyHV8fhVR77
S+hDH3FqV6x8w3n9ii9ptaY8eLe94GFE0hf617ZofCfG8sE0H0dxPhMOC8WNPlQu
GVuL2GOzqgNS3NT5ZFH08jo4teIlJ5FK6xVwwP5Dqy3U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org