Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MkZTETWGL34h9F0ct-X536UYSt8.roa
File:                     MkZTETWGL34h9F0ct-X536UYSt8.roa (raw, json)
Hash identifier:          jM/GxIhRWISgMszoa+SB+T56lbLIsTImhiQUWpp6UlM=
Subject key identifier:   32:46:53:11:35:86:2F:7E:21:F4:5D:1C:B7:E5:F9:DF:A5:18:4A:DF
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018A6F67E4AA6794F698019D43BEFCD702F0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MkZTETWGL34h9F0ct-X536UYSt8.roa
Signing time:             Thu 07 Sep 2023 11:29:54 +0000
ROA not before:           Thu 07 Sep 2023 11:29:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199868
IP address blocks:        193.233.164.0/24 maxlen: 24
                          193.233.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Nov 2023 18:53:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:6f:67:e4:aa:67:94:f6:98:01:9d:43:be:fc:d7:02:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Sep  7 11:29:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3246531135862f7e21f45d1cb7e5f9dfa5184adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d2:a6:9a:95:eb:b4:83:ef:49:61:b4:9d:e1:
                    e7:d5:ec:8c:ad:a6:19:8b:da:a6:d7:4c:8c:ec:46:
                    db:4a:ce:da:da:97:d1:8d:87:d0:93:a9:f4:b9:09:
                    2b:a1:6c:2a:99:45:e8:ee:7f:18:06:1a:f3:4e:b3:
                    55:ed:f2:ac:c1:44:57:bc:b7:68:6c:4e:8a:63:d6:
                    f0:59:82:92:3d:af:3b:a1:bd:48:2e:81:95:63:29:
                    47:fa:ed:b2:86:7f:af:53:c3:72:9e:5c:7a:62:db:
                    6c:2e:87:84:de:1d:77:88:cd:0f:9b:61:c1:1a:f8:
                    00:c0:d7:a3:ff:8f:9d:8c:71:9c:b3:19:78:21:78:
                    0d:f7:2c:d6:68:02:a2:2a:b7:82:09:d4:43:fe:1d:
                    7f:30:be:65:74:ad:a4:a8:55:16:7b:57:54:68:09:
                    fc:2b:80:ea:9e:3b:ff:9c:99:c2:74:4a:33:c8:67:
                    e7:07:d2:7f:ad:a0:6d:8e:31:b4:ca:b7:4d:5d:88:
                    09:60:dd:e2:e8:b3:e4:27:16:a4:d1:d8:4a:07:88:
                    7a:52:9d:55:3c:34:46:b2:d2:d0:7c:f5:2c:48:0a:
                    76:83:34:af:41:86:a1:d4:0c:8a:db:6f:dd:c6:b4:
                    54:10:d4:6d:4e:3a:c4:8d:1e:cf:47:98:5d:1b:b5:
                    c8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:46:53:11:35:86:2F:7E:21:F4:5D:1C:B7:E5:F9:DF:A5:18:4A:DF
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MkZTETWGL34h9F0ct-X536UYSt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.80.0/24
                  193.233.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:18:97:42:19:11:23:6b:a2:b3:00:38:33:f3:15:1e:dc:5e:
         a1:0f:66:3d:89:98:08:7b:c0:9b:c6:f6:45:0a:88:0a:62:3e:
         9e:79:07:b2:93:eb:6e:93:69:ba:4b:7d:6e:52:8e:a1:64:dc:
         c7:b2:c2:5b:40:5c:27:c0:54:d7:85:2c:8c:06:19:7b:d3:ea:
         be:4a:99:95:b7:db:36:fa:d5:12:33:bf:b1:c8:72:f6:e4:ff:
         fd:19:eb:8c:34:fd:c9:81:59:2d:7a:92:8b:13:82:54:0d:93:
         d8:84:9e:a9:f2:b8:24:71:24:2d:26:a1:7b:2b:5a:a6:8c:56:
         cf:44:1e:14:cd:ad:c5:b7:33:53:14:93:1f:86:46:23:5b:ba:
         4f:f6:17:42:10:54:dd:86:e3:9e:9e:3e:59:cd:ae:a5:2d:86:
         6d:fb:36:35:7b:fb:ce:67:9b:c6:60:11:76:d3:7a:91:e6:d1:
         89:62:b0:72:49:38:36:98:69:c1:a5:fa:66:02:67:97:d8:3d:
         9e:22:59:b6:0e:93:58:a2:73:b6:f7:00:5c:ce:84:85:a5:a3:
         44:8d:25:ad:42:45:6d:33:78:2a:a0:9a:8f:4d:33:52:48:fe:
         d9:e1:6b:36:4c:69:6b:c9:fe:07:2a:47:fd:95:d1:41:8a:b5:
         af:a3:3c:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpvZ+SqZ5T2mAGdQ7781wLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTA3MTEyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ2NTMxMTM1ODYyZjdlMjFmNDVkMWNiN2U1ZjlkZmE1MTg0YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNKmmpXrtIPvSWG0neHn1eyMraYZ
i9qm10yM7EbbSs7a2pfRjYfQk6n0uQkroWwqmUXo7n8YBhrzTrNV7fKswURXvLdo
bE6KY9bwWYKSPa87ob1ILoGVYylH+u2yhn+vU8Nynlx6YttsLoeE3h13iM0Pm2HB
GvgAwNej/4+djHGcsxl4IXgN9yzWaAKiKreCCdRD/h1/ML5ldK2kqFUWe1dUaAn8
K4Dqnjv/nJnCdEozyGfnB9J/raBtjjG0yrdNXYgJYN3i6LPkJxak0dhKB4h6Up1V
PDRGstLQfPUsSAp2gzSvQYah1AyK22/dxrRUENRtTjrEjR7PR5hdG7XI3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDJGUxE1hi9+IfRdHLfl+d+lGErfMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTWtaVEVUV0dMMzRoOUYwY3QtWDUzNlVZU3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwelQAwQA
wemkMA0GCSqGSIb3DQEBCwUAA4IBAQANGJdCGREja6KzADgz8xUe3F6hD2Y9iZgI
e8CbxvZFCogKYj6eeQeyk+tuk2m6S31uUo6hZNzHssJbQFwnwFTXhSyMBhl70+q+
SpmVt9s2+tUSM7+xyHL25P/9GeuMNP3JgVktepKLE4JUDZPYhJ6p8rgkcSQtJqF7
K1qmjFbPRB4Uza3FtzNTFJMfhkYjW7pP9hdCEFTdhuOenj5Zza6lLYZt+zY1e/vO
Z5vGYBF203qR5tGJYrBySTg2mGnBpfpmAmeX2D2eIlm2DpNYonO29wBczoSFpaNE
jSWtQkVtM3gqoJqPTTNSSP7Z4Ws2TGlryf4HKkf9ldFBirWvozza
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org