Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QhIBhtM_VaLe6ItcKgFFOmMOrWo.roa
File:                     QhIBhtM_VaLe6ItcKgFFOmMOrWo.roa (raw, json)
Hash identifier:          p5jkD5y1oxU0h28nHg5v948AACBASLGSLhJw0d76UL0=
Subject key identifier:   42:12:01:86:D3:3F:55:A2:DE:E8:8B:5C:2A:01:45:3A:63:0E:AD:6A
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018CC79528243D21B8E4D7458D7EB159551C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QhIBhtM_VaLe6ItcKgFFOmMOrWo.roa
Signing time:             Tue 02 Jan 2024 00:31:30 +0000
ROA not before:           Tue 02 Jan 2024 00:31:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47418
IP address blocks:        193.233.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 10:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:28:24:3d:21:b8:e4:d7:45:8d:7e:b1:59:55:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 00:31:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=42120186d33f55a2dee88b5c2a01453a630ead6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7b:ad:00:26:54:f9:6c:4c:79:92:14:3b:02:
                    24:a8:17:ee:fa:3c:32:db:9a:fe:37:28:96:24:a7:
                    55:5a:9b:70:dd:36:39:56:31:d0:7d:ef:54:8d:18:
                    bc:9e:d8:f7:70:66:69:fe:67:b9:89:3e:83:2e:1a:
                    4c:fe:c8:dc:6b:fc:9e:e6:f6:60:c1:68:1e:27:d7:
                    e0:cd:3a:08:56:9a:e0:fa:f4:9f:d1:1f:e6:94:83:
                    8a:65:0e:51:5b:21:d9:6b:eb:72:0d:e2:e2:7b:21:
                    2c:7d:3a:e8:00:07:98:80:69:98:d4:70:02:95:e0:
                    e1:ab:a6:bd:b0:43:ad:c7:2b:97:bb:9e:56:83:bd:
                    a4:c6:c4:77:52:f6:ae:4a:98:dd:a7:52:fe:be:ee:
                    77:09:86:db:ed:22:d3:79:53:5b:7f:8d:f4:de:43:
                    24:d0:8a:ad:f1:41:74:7e:44:58:43:54:02:43:27:
                    a0:c9:96:d7:f3:6a:f4:ef:79:6c:1e:ec:16:ee:3a:
                    1f:6a:d4:7d:45:25:4a:8d:a3:91:b7:89:9f:d3:32:
                    b0:49:7d:77:e7:04:8a:4e:53:17:c7:95:17:2d:41:
                    0e:95:19:ab:49:41:c3:98:15:5b:f9:fa:a5:37:14:
                    ae:7c:b9:ad:7c:dc:b6:0f:8b:e8:d3:04:29:0b:6a:
                    a0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:12:01:86:D3:3F:55:A2:DE:E8:8B:5C:2A:01:45:3A:63:0E:AD:6A
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QhIBhtM_VaLe6ItcKgFFOmMOrWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:29:84:39:4a:e0:1a:d3:6f:1a:7b:5b:23:c7:5c:aa:f4:2b:
         fa:7a:68:86:10:ef:4e:c7:bf:de:d0:8d:d8:ce:4c:bd:3c:1d:
         68:c6:fe:7c:8a:b0:4e:c8:ee:f8:d3:67:a4:40:9e:43:cf:77:
         9f:1e:ec:ee:0c:62:03:93:25:e3:45:92:4b:ab:be:99:99:f5:
         9c:52:bc:47:87:21:82:ce:fe:a9:58:66:55:b9:09:b0:a9:d2:
         dc:be:fe:db:1d:ce:10:9e:b5:0c:37:a8:4d:6b:45:d5:89:21:
         df:7d:cf:0a:a4:5a:3b:a9:93:a6:32:f9:ad:01:a6:e8:83:41:
         d4:f4:7c:95:45:aa:c1:da:44:4e:0a:12:14:f8:43:4f:4f:d9:
         c3:61:67:fe:67:05:93:a6:52:93:c4:0b:76:15:29:3f:91:b4:
         b7:42:49:05:06:d8:c1:ac:a2:9a:6a:77:c3:3a:89:81:50:b1:
         b9:2e:21:dd:f2:de:4b:18:71:c3:6e:08:6f:1f:a9:ba:e1:eb:
         cb:92:2a:c1:75:d1:d8:b9:e4:08:3a:0c:05:ca:42:c7:6b:df:
         30:30:a9:40:08:a7:d9:47:a8:b2:e9:06:d7:b3:43:02:a9:62:
         b8:c2:ac:0e:83:91:52:3e:3e:c2:9e:4d:d9:c1:30:d0:22:3f:
         ba:2e:4d:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlSgkPSG45NdFjX6xWVUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjEyMDE4NmQzM2Y1NWEyZGVlODhiNWMyYTAxNDUzYTYzMGVhZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHutACZU+WxMeZIUOwIkqBfu+jwy
25r+NyiWJKdVWptw3TY5VjHQfe9UjRi8ntj3cGZp/me5iT6DLhpM/sjca/ye5vZg
wWgeJ9fgzToIVprg+vSf0R/mlIOKZQ5RWyHZa+tyDeLieyEsfTroAAeYgGmY1HAC
leDhq6a9sEOtxyuXu55Wg72kxsR3UvauSpjdp1L+vu53CYbb7SLTeVNbf4303kMk
0Iqt8UF0fkRYQ1QCQyegyZbX82r073lsHuwW7jofatR9RSVKjaORt4mf0zKwSX13
5wSKTlMXx5UXLUEOlRmrSUHDmBVb+fqlNxSufLmtfNy2D4vo0wQpC2qgBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEISAYbTP1Wi3uiLXCoBRTpjDq1qMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUWhJQmh0TV9WYUxlNkl0Y0tnRkZPbU1PcldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwenrMA0G
CSqGSIb3DQEBCwUAA4IBAQCBKYQ5SuAa028ae1sjx1yq9Cv6emiGEO9Ox7/e0I3Y
zky9PB1oxv58irBOyO7402ekQJ5Dz3efHuzuDGIDkyXjRZJLq76ZmfWcUrxHhyGC
zv6pWGZVuQmwqdLcvv7bHc4QnrUMN6hNa0XViSHffc8KpFo7qZOmMvmtAabog0HU
9HyVRarB2kROChIU+ENPT9nDYWf+ZwWTplKTxAt2FSk/kbS3QkkFBtjBrKKaanfD
OomBULG5LiHd8t5LGHHDbghvH6m64evLkirBddHYueQIOgwFykLHa98wMKlACKfZ
R6iy6QbXs0MCqWK4wqwOg5FSPj7Cnk3ZwTDQIj+6Lk1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org