Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/D_YKnOdz-8W7Y1cHfOkOr6GDgG0.roa
File:                     D_YKnOdz-8W7Y1cHfOkOr6GDgG0.roa (raw, json)
Hash identifier:          CKwFofFnY+gkOqm1C7bg/68sOJM029KACQgl0YCd1xE=
Subject key identifier:   0F:F6:0A:9C:E7:73:FB:C5:BB:63:57:07:7C:E9:0E:AF:A1:83:80:6D
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01882545E44CC37C35B0DC421C61E49F13A4
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/D_YKnOdz-8W7Y1cHfOkOr6GDgG0.roa
Signing time:             Tue 16 May 2023 15:55:17 +0000
ROA not before:           Tue 16 May 2023 15:55:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56690
IP address blocks:        193.233.150.0/24 maxlen: 24
                          193.233.166.0/23 maxlen: 23
                          193.233.168.0/23 maxlen: 23
                          193.233.73.0/24 maxlen: 24
                          193.233.92.0/22 maxlen: 22
                          193.233.12.0/23 maxlen: 23
                          193.233.234.0/24 maxlen: 24
                          193.233.24.0/23 maxlen: 23
                          193.233.240.0/22 maxlen: 22
                          193.233.26.0/23 maxlen: 23
                          193.233.28.0/23 maxlen: 23
                          193.233.54.0/23 maxlen: 23
                          193.233.176.0/20 maxlen: 20
                          193.233.212.0/22 maxlen: 22
                          193.233.224.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 17 May 2023 08:58:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:25:45:e4:4c:c3:7c:35:b0:dc:42:1c:61:e4:9f:13:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: May 16 15:55:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ff60a9ce773fbc5bb6357077ce90eafa183806d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f3:a9:b0:c8:02:a3:63:48:71:c0:e9:91:f3:
                    ac:e3:b3:8d:79:23:7d:ff:c6:33:f3:c3:cf:70:a1:
                    c3:2c:a5:95:04:f1:c9:b3:e9:d1:fb:98:92:18:21:
                    75:ba:e0:db:bf:d5:03:f0:56:c4:02:c0:38:fa:a8:
                    c5:d4:c1:be:3b:ff:28:1d:0b:f9:13:ca:61:42:c7:
                    9c:5c:30:bb:c9:e8:19:3f:c0:dd:46:95:94:f8:b9:
                    87:de:a3:0b:fa:5b:04:64:9e:e7:04:14:e5:8d:14:
                    51:10:4c:6e:9e:d0:eb:97:b5:0a:59:01:5b:19:fe:
                    64:ee:b2:36:ab:e3:e9:63:2f:c6:cd:c8:ae:76:65:
                    b9:5e:4f:02:60:29:a8:34:cd:54:5f:60:e3:fb:44:
                    3c:8a:ee:79:e7:70:9e:9f:f6:42:72:45:18:50:4e:
                    8f:6c:c9:40:b0:e6:e8:12:84:87:ab:6a:1b:d9:ac:
                    c4:6d:75:cb:17:83:38:5e:23:6e:6b:4a:9f:a4:10:
                    46:42:48:f7:53:62:db:af:f3:92:d2:b4:3f:a9:43:
                    0b:b0:2d:5a:15:c1:a8:0d:84:01:6d:5f:b3:b7:dc:
                    28:44:e6:a5:cd:88:a8:4d:ba:54:e3:5a:44:bd:80:
                    40:de:cf:d3:e5:c6:28:4e:6a:33:5a:7b:76:45:d4:
                    cb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:F6:0A:9C:E7:73:FB:C5:BB:63:57:07:7C:E9:0E:AF:A1:83:80:6D
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/D_YKnOdz-8W7Y1cHfOkOr6GDgG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.12.0/23
                  193.233.24.0-193.233.29.255
                  193.233.54.0/23
                  193.233.73.0/24
                  193.233.92.0/22
                  193.233.150.0/24
                  193.233.166.0-193.233.169.255
                  193.233.176.0/20
                  193.233.212.0/22
                  193.233.224.0/22
                  193.233.234.0/24
                  193.233.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:78:a8:c4:f6:c5:79:dc:bf:2f:64:82:9a:d3:cc:76:fc:0e:
         d4:48:67:81:73:2d:4f:49:f7:88:c4:2d:ad:3e:cb:3f:49:d2:
         54:5f:ef:72:0f:ef:34:98:c4:e2:1e:c4:df:38:d2:49:eb:ec:
         47:88:fd:8b:eb:84:f9:2c:aa:58:29:19:d6:15:fe:99:a6:b7:
         66:24:da:5e:8d:73:a9:6b:3f:79:dd:ab:d1:a4:89:bf:f4:0e:
         fa:1e:84:4b:61:09:26:ff:4a:2c:cf:26:10:af:0d:36:42:13:
         09:1f:5d:0b:fc:7a:d8:0d:a7:0a:eb:cd:9c:77:4a:7d:6b:b7:
         b7:87:c3:55:27:31:ff:b6:6f:a8:1d:fb:1d:8b:27:d5:c1:e4:
         01:52:40:17:43:73:cb:d1:8b:ed:76:dc:ea:85:19:ec:a6:84:
         df:f8:8d:4d:df:bd:ad:ee:73:f5:eb:0e:7f:ff:0a:12:cf:a3:
         e9:b3:a4:db:21:5e:b9:73:c3:cb:8c:c5:db:b3:da:7e:26:cd:
         70:3b:f0:4a:c8:cd:22:76:a3:2e:20:24:00:df:e5:e3:75:11:
         11:b8:b6:31:45:6b:e8:1e:3f:26:90:50:1f:34:f3:e3:16:d1:
         ee:e0:62:ef:a8:e2:a9:42:16:1b:bf:cb:76:a7:69:c2:ce:36:
         36:36:69:a0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYglReRMw3w1sNxCHGHknxOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTE2MTU1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY2MGE5Y2U3NzNmYmM1YmI2MzU3MDc3Y2U5MGVhZmExODM4MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/OpsMgCo2NIccDpkfOs47ONeSN9
/8Yz88PPcKHDLKWVBPHJs+nR+5iSGCF1uuDbv9UD8FbEAsA4+qjF1MG+O/8oHQv5
E8phQsecXDC7yegZP8DdRpWU+LmH3qML+lsEZJ7nBBTljRRREExuntDrl7UKWQFb
Gf5k7rI2q+PpYy/GzciudmW5Xk8CYCmoNM1UX2Dj+0Q8iu5553Cen/ZCckUYUE6P
bMlAsOboEoSHq2ob2azEbXXLF4M4XiNua0qfpBBGQkj3U2Lbr/OS0rQ/qUMLsC1a
FcGoDYQBbV+zt9woROalzYioTbpU41pEvYBA3s/T5cYoTmozWnt2RdTLhwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFA/2Cpznc/vFu2NXB3zpDq+hg4BtMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRF9ZS25PZHotOFc3WTFjSGZPa09yNkdEZ0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBwekMMAwD
BAPB6RgDBAHB6RwDBAHB6TYDBADB6UkDBALB6VwDBADB6ZYwDAMEAcHppgMEAcHp
qAMEBMHpsAMEAsHp1AMEAsHp4AMEAMHp6gMEAsHp8DANBgkqhkiG9w0BAQsFAAOC
AQEASnioxPbFedy/L2SCmtPMdvwO1EhngXMtT0n3iMQtrT7LP0nSVF/vcg/vNJjE
4h7E3zjSSevsR4j9i+uE+SyqWCkZ1hX+maa3ZiTaXo1zqWs/ed2r0aSJv/QO+h6E
S2EJJv9KLM8mEK8NNkITCR9dC/x62A2nCuvNnHdKfWu3t4fDVScx/7ZvqB37HYsn
1cHkAVJAF0Nzy9GL7Xbc6oUZ7KaE3/iNTd+9re5z9esOf/8KEs+j6bOk2yFeuXPD
y4zF27PafibNcDvwSsjNInajLiAkAN/l43UREbi2MUVr6B4/JpBQHzTz4xbR7uBi
76jiqUIWG7/Ldqdpws42NjZpoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org