Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/LXnvrTORrMydQIwkF4gTExT8cBw.roa
File:                     LXnvrTORrMydQIwkF4gTExT8cBw.roa (raw, json)
Hash identifier:          UcjqoyYqQBYnrlXrQRdIuUBfvDfvCNFCswL7Pabynx4=
Subject key identifier:   2D:79:EF:AD:33:91:AC:CC:9D:40:8C:24:17:88:13:13:14:FC:70:1C
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01856F26DF1FB76507FBA264C3E24EB39467
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/LXnvrTORrMydQIwkF4gTExT8cBw.roa
Signing time:             Sun 01 Jan 2023 21:04:56 +0000
ROA not before:           Sun 01 Jan 2023 21:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35783
IP address blocks:        193.233.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:df:1f:b7:65:07:fb:a2:64:c3:e2:4e:b3:94:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 21:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d79efad3391accc9d408c241788131314fc701c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:60:d8:74:ba:4f:71:30:61:02:fc:05:e2:07:
                    c5:95:6e:ba:2d:6f:ab:4e:7e:21:aa:bb:77:72:10:
                    da:a4:a7:8b:55:e8:b8:7f:74:b5:28:d9:28:53:d1:
                    73:04:8f:ba:19:fe:0a:da:ef:65:a7:65:a9:ae:89:
                    20:30:54:c6:22:cd:bf:ab:dc:35:e9:95:75:29:ca:
                    fb:74:6c:a3:e3:87:1c:77:01:d4:a9:f6:65:98:9c:
                    ef:a2:99:bf:e6:33:b1:02:6a:17:9a:92:85:1e:ce:
                    c7:fc:89:f9:82:bc:01:6e:37:20:e5:83:d3:ac:18:
                    d7:61:60:8c:7f:b7:7e:03:e0:36:ea:fc:83:c2:0e:
                    e5:d7:d0:bc:78:39:25:ba:2a:bc:6e:5a:a2:c9:d3:
                    47:e0:f0:1e:85:ff:41:e5:6e:66:3e:81:39:91:89:
                    92:d2:57:84:e3:47:4b:09:43:d5:3b:61:46:0d:0f:
                    0f:9a:5c:1a:67:f3:e2:a5:fd:fc:4e:c7:1b:12:7b:
                    ca:b1:ee:d1:5d:61:2f:e4:df:b9:c3:56:1c:f3:54:
                    81:37:2d:57:46:10:9b:6c:4e:1c:c5:c4:28:f1:34:
                    a1:97:3b:6d:02:3e:b9:ad:23:76:8a:65:af:56:d3:
                    a9:e7:6c:62:34:71:27:4c:f1:3b:00:34:f8:48:b2:
                    a0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:79:EF:AD:33:91:AC:CC:9D:40:8C:24:17:88:13:13:14:FC:70:1C
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/LXnvrTORrMydQIwkF4gTExT8cBw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:16:9a:c5:08:f5:b1:14:22:3a:1c:8a:30:36:ba:de:60:80:
         88:f5:68:6f:56:7f:6f:fe:e8:c7:bf:dc:c1:5a:58:fd:a0:74:
         be:41:16:0a:85:c7:fb:55:03:aa:39:69:29:5d:49:9b:2b:6b:
         34:8e:cd:fa:7e:4e:ab:0b:73:be:66:fa:83:11:48:fa:17:7e:
         0f:48:dd:3d:0a:53:1c:d9:0a:3b:60:37:2f:ab:d6:2f:f2:d0:
         ed:4f:96:29:f6:df:42:60:fa:25:8a:fb:f1:06:5a:1d:72:59:
         9e:04:6e:a7:b4:20:93:57:9a:56:c2:3d:9c:87:ce:fa:33:2d:
         cb:32:50:ad:25:65:fa:6a:56:7b:aa:07:07:d9:d9:34:00:68:
         be:7a:a1:e7:c3:14:62:cf:5f:a1:7d:a1:38:d3:d2:ae:68:d0:
         2a:f5:bf:c7:f5:c0:6f:bc:7d:fc:59:1e:ad:e8:c1:85:f0:36:
         09:48:a0:82:cf:a8:0d:44:85:b4:21:ca:4f:6f:42:83:13:cb:
         9a:96:55:25:93:57:55:5e:34:28:a4:0e:c4:e6:4d:4c:98:66:
         19:c9:96:a0:71:95:8b:17:a2:ae:b4:8c:05:ba:da:b3:f6:cd:
         3f:b8:c5:66:fa:25:a2:43:29:4b:63:ce:53:17:a8:11:00:bf:
         74:df:f5:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJt8ft2UH+6Jkw+JOs5RnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDc5ZWZhZDMzOTFhY2NjOWQ0MDhjMjQxNzg4MTMxMzE0ZmM3MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGDYdLpPcTBhAvwF4gfFlW66LW+r
Tn4hqrt3chDapKeLVei4f3S1KNkoU9FzBI+6Gf4K2u9lp2WprokgMFTGIs2/q9w1
6ZV1Kcr7dGyj44ccdwHUqfZlmJzvopm/5jOxAmoXmpKFHs7H/In5grwBbjcg5YPT
rBjXYWCMf7d+A+A26vyDwg7l19C8eDkluiq8blqiydNH4PAehf9B5W5mPoE5kYmS
0leE40dLCUPVO2FGDQ8PmlwaZ/Pipf38TscbEnvKse7RXWEv5N+5w1Yc81SBNy1X
RhCbbE4cxcQo8TShlzttAj65rSN2imWvVtOp52xiNHEnTPE7ADT4SLKg+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC15760zkazMnUCMJBeIExMU/HAcMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTFhudnJUT1JyTXlkUUl3a0Y0Z1RFeFQ4Y0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemtMA0G
CSqGSIb3DQEBCwUAA4IBAQBpFprFCPWxFCI6HIowNrreYICI9WhvVn9v/ujHv9zB
Wlj9oHS+QRYKhcf7VQOqOWkpXUmbK2s0js36fk6rC3O+ZvqDEUj6F34PSN09ClMc
2Qo7YDcvq9Yv8tDtT5Yp9t9CYPolivvxBlodclmeBG6ntCCTV5pWwj2ch876My3L
MlCtJWX6alZ7qgcH2dk0AGi+eqHnwxRiz1+hfaE409KuaNAq9b/H9cBvvH38WR6t
6MGF8DYJSKCCz6gNRIW0IcpPb0KDE8uallUlk1dVXjQopA7E5k1MmGYZyZagcZWL
F6KutIwFutqz9s0/uMVm+iWiQylLY85TF6gRAL903/U1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org