Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PC7TXhbFqzj2Rd8KfEYUCXc75QE.roa
File:                     PC7TXhbFqzj2Rd8KfEYUCXc75QE.roa (raw, json)
Hash identifier:          Lorg+v+dN6+3sBNbvXC8EmUfDyWIvHlZqsRgYTnL1xE=
Subject key identifier:   3C:2E:D3:5E:16:C5:AB:38:F6:45:DF:0A:7C:46:14:09:77:3B:E5:01
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018755AA430C7647D69F91F52CF5B0EA65A7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PC7TXhbFqzj2Rd8KfEYUCXc75QE.roa
Signing time:             Thu 06 Apr 2023 08:23:54 +0000
ROA not before:           Thu 06 Apr 2023 08:23:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56690
IP address blocks:        193.233.150.0/24 maxlen: 24
                          193.233.166.0/23 maxlen: 23
                          193.233.168.0/23 maxlen: 23
                          193.233.73.0/24 maxlen: 24
                          193.233.92.0/22 maxlen: 22
                          193.233.12.0/23 maxlen: 23
                          193.233.24.0/23 maxlen: 23
                          193.233.240.0/22 maxlen: 22
                          193.233.26.0/23 maxlen: 23
                          193.233.28.0/23 maxlen: 23
                          193.233.54.0/23 maxlen: 23
                          193.233.176.0/20 maxlen: 20
                          193.233.212.0/22 maxlen: 22
                          193.233.224.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 16 May 2023 15:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:55:aa:43:0c:76:47:d6:9f:91:f5:2c:f5:b0:ea:65:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr  6 08:23:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c2ed35e16c5ab38f645df0a7c461409773be501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:8f:16:e3:15:ff:7a:3a:d0:91:11:0c:9b:fe:
                    25:8b:b4:0d:e9:05:25:9a:cd:ad:23:b4:d2:af:6b:
                    c4:3e:ad:89:9d:ec:40:8e:5a:01:65:53:bf:3d:e1:
                    96:9b:59:20:94:46:52:43:5c:94:0a:51:05:a5:da:
                    1c:b7:2f:e6:2d:25:e2:37:98:fe:d8:09:e1:6c:2b:
                    7c:7f:98:71:e0:5a:91:e0:aa:6c:6c:fc:0d:0f:ad:
                    87:a9:2c:ff:25:0c:f0:99:39:59:70:d4:fd:19:d9:
                    88:82:d1:db:f3:c6:64:f0:d0:ca:f1:67:e8:4c:ce:
                    e7:4d:41:b0:70:17:d7:0b:7e:d0:f5:9c:8f:c9:6b:
                    e4:64:52:86:4b:6c:d9:f5:9e:69:64:c9:7f:3f:ab:
                    e3:87:65:40:d2:8c:08:7f:ba:28:d2:19:fa:72:a7:
                    f5:6d:48:a5:d5:6b:8c:e8:43:fe:6d:45:47:96:00:
                    dc:d4:02:f2:d8:ee:09:a7:03:ec:ad:08:fa:dc:6a:
                    b0:b4:67:af:f6:16:24:28:3c:d5:9c:2d:2c:5e:94:
                    cd:45:26:53:b8:f1:e5:7b:80:cc:98:96:f5:0f:d3:
                    b5:4e:e4:7e:d7:e0:bc:63:f3:65:21:00:50:cd:1b:
                    9e:0d:39:b0:eb:37:ec:df:bc:dd:69:c5:4b:f6:da:
                    ca:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:2E:D3:5E:16:C5:AB:38:F6:45:DF:0A:7C:46:14:09:77:3B:E5:01
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PC7TXhbFqzj2Rd8KfEYUCXc75QE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.12.0/23
                  193.233.24.0-193.233.29.255
                  193.233.54.0/23
                  193.233.73.0/24
                  193.233.92.0/22
                  193.233.150.0/24
                  193.233.166.0-193.233.169.255
                  193.233.176.0/20
                  193.233.212.0/22
                  193.233.224.0/22
                  193.233.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:6b:e8:bd:06:89:c1:a7:eb:cc:32:22:17:c1:21:71:0e:dc:
         c1:98:70:cc:d1:c7:f2:84:fc:13:37:04:90:b3:c0:d8:ef:48:
         a5:76:17:2b:30:69:23:78:a3:5c:0d:5c:f8:3f:aa:c3:75:cd:
         94:ea:6b:2c:06:99:ea:5c:3d:f7:6e:26:5b:54:5a:a6:4c:f6:
         35:57:5c:cf:e0:28:94:45:2d:4b:1f:f8:95:4e:fb:07:96:df:
         3a:8b:48:76:e0:f9:dd:b5:e4:bb:75:4c:a1:64:00:37:e5:2a:
         30:31:ae:60:b4:60:63:d4:c0:85:47:cb:d5:39:93:8d:be:dd:
         4b:04:88:6d:26:ff:05:e4:a9:99:3c:b9:7f:a5:5d:5c:2e:7d:
         79:88:e1:64:64:3a:f3:3c:e7:0d:2c:6e:d3:32:37:e2:6c:56:
         d6:1d:b8:4f:11:dc:4b:42:72:44:9e:dd:a7:53:34:5e:62:07:
         1c:e3:8b:bc:be:ef:a6:ab:68:89:a4:a9:22:a5:4a:38:82:33:
         21:f2:ff:74:b0:e9:87:9d:0d:18:f8:0b:e1:a5:87:04:a4:75:
         df:5b:4f:ff:a8:c5:a9:a3:9e:c9:57:51:18:6c:51:b4:8c:f5:
         07:0b:b4:38:cc:3c:41:25:dd:2d:db:a4:08:12:47:6b:c0:9d:
         e0:1f:20:15
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYdVqkMMdkfWn5H1LPWw6mWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDA2MDgyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzJlZDM1ZTE2YzVhYjM4ZjY0NWRmMGE3YzQ2MTQwOTc3M2JlNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY8W4xX/ejrQkREMm/4li7QN6QUl
ms2tI7TSr2vEPq2JnexAjloBZVO/PeGWm1kglEZSQ1yUClEFpdocty/mLSXiN5j+
2AnhbCt8f5hx4FqR4KpsbPwND62HqSz/JQzwmTlZcNT9GdmIgtHb88Zk8NDK8Wfo
TM7nTUGwcBfXC37Q9ZyPyWvkZFKGS2zZ9Z5pZMl/P6vjh2VA0owIf7oo0hn6cqf1
bUil1WuM6EP+bUVHlgDc1ALy2O4JpwPsrQj63GqwtGev9hYkKDzVnC0sXpTNRSZT
uPHle4DMmJb1D9O1TuR+1+C8Y/NlIQBQzRueDTmw6zfs37zdacVL9trK0QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDwu014Wxas49kXfCnxGFAl3O+UBMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUEM3VFhoYkZxemoyUmQ4S2ZFWVVDWGM3NVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBwekMMAwD
BAPB6RgDBAHB6RwDBAHB6TYDBADB6UkDBALB6VwDBADB6ZYwDAMEAcHppgMEAcHp
qAMEBMHpsAMEAsHp1AMEAsHp4AMEAsHp8DANBgkqhkiG9w0BAQsFAAOCAQEAiWvo
vQaJwafrzDIiF8EhcQ7cwZhwzNHH8oT8EzcEkLPA2O9IpXYXKzBpI3ijXA1c+D+q
w3XNlOprLAaZ6lw9924mW1Rapkz2NVdcz+AolEUtSx/4lU77B5bfOotIduD53bXk
u3VMoWQAN+UqMDGuYLRgY9TAhUfL1TmTjb7dSwSIbSb/BeSpmTy5f6VdXC59eYjh
ZGQ68zznDSxu0zI34mxW1h24TxHcS0JyRJ7dp1M0XmIHHOOLvL7vpqtoiaSpIqVK
OIIzIfL/dLDph50NGPgL4aWHBKR131tP/6jFqaOeyVdRGGxRtIz1Bwu0OMw8QSXd
LdukCBJHa8Cd4B8gFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org