Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RNmhBMd-9ZDBAstVWhQrfr3KKVM.roa
File:                     RNmhBMd-9ZDBAstVWhQrfr3KKVM.roa (raw, json)
Hash identifier:          0Az9wGO7hn5jwwGkgTdJzZDZF1lq2/CndIv28ASyDmI=
Subject key identifier:   44:D9:A1:04:C7:7E:F5:90:C1:02:CB:55:5A:14:2B:7E:BD:CA:29:53
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01877A6747002DD4CBA8AFD7689F3ABC1A6F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RNmhBMd-9ZDBAstVWhQrfr3KKVM.roa
Signing time:             Thu 13 Apr 2023 11:36:41 +0000
ROA not before:           Thu 13 Apr 2023 11:36:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203727
IP address blocks:        193.233.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:67:47:00:2d:d4:cb:a8:af:d7:68:9f:3a:bc:1a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr 13 11:36:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44d9a104c77ef590c102cb555a142b7ebdca2953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:70:a6:b4:a7:bf:75:d0:72:53:71:9d:6f:bf:
                    14:3e:fa:48:35:22:97:9f:4f:4e:c6:bd:8f:e8:58:
                    12:5b:7a:0f:f4:b4:75:3e:01:ed:81:48:b7:61:29:
                    2e:d4:85:15:a3:b8:ef:57:39:34:15:bb:ca:90:93:
                    1f:59:e8:b2:50:a1:bf:c0:98:85:95:37:94:52:7f:
                    bf:09:c8:7a:39:bf:fc:a2:c3:e3:d0:ee:db:19:e2:
                    d0:26:43:b0:92:95:91:9b:18:67:89:e5:0b:7e:95:
                    4d:f8:55:93:23:6d:d1:e7:b1:64:67:62:fd:d9:bb:
                    65:eb:6c:cd:7b:7f:d8:3e:fe:5d:ba:a5:5e:ee:8e:
                    1c:f0:73:ee:c7:28:d7:35:3b:b0:40:9c:0b:26:cc:
                    6e:87:8d:93:44:89:33:86:ac:f1:a5:b3:94:33:ad:
                    9e:cf:a5:5b:c1:8d:40:bb:19:3f:bc:20:0e:5b:6d:
                    57:35:2f:11:15:63:72:cc:21:94:25:40:c7:9b:3a:
                    f6:58:59:99:70:e3:5c:71:96:3f:46:18:b9:ac:94:
                    ac:59:7f:05:5a:9e:c7:29:99:9b:fb:68:9a:38:42:
                    e0:41:b4:17:01:d8:db:72:ae:46:70:ac:e9:51:5c:
                    2f:55:dd:90:fa:17:2e:8d:ed:2e:f2:57:f2:3e:7b:
                    81:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D9:A1:04:C7:7E:F5:90:C1:02:CB:55:5A:14:2B:7E:BD:CA:29:53
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RNmhBMd-9ZDBAstVWhQrfr3KKVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:30:f8:bd:21:04:28:92:d0:e3:9f:a6:dd:4f:93:06:d0:6a:
         ba:8a:ff:f7:f4:d6:42:b5:8a:fd:ee:41:95:fd:10:57:3a:4d:
         ee:62:47:00:3f:7f:94:3d:a8:b1:0b:28:3d:ac:1f:ac:22:b5:
         0f:6c:5f:08:09:c5:ba:3d:75:95:15:9d:97:ac:e0:1e:44:7a:
         a5:c4:37:21:ab:7f:d5:ae:52:9a:44:86:5c:9f:15:05:71:a4:
         f9:eb:1e:b3:22:82:7b:77:59:2d:c8:4b:c3:21:ac:90:34:3f:
         d6:e2:8d:53:98:ec:f2:c4:e0:79:e3:99:0d:ca:96:ba:03:5d:
         a3:73:42:3e:1a:6b:3f:d9:3f:fc:26:23:75:d9:f5:c9:49:d1:
         c1:51:7d:97:04:b9:f9:66:ad:fa:3b:da:ee:cd:95:7f:29:11:
         4c:c8:08:60:ba:ae:0e:31:20:bf:e0:e2:71:1f:04:b2:2b:0b:
         4d:d1:d6:e9:1d:26:e4:68:70:27:41:76:84:27:62:69:22:da:
         00:b6:03:58:76:44:10:46:e1:ea:64:1c:8a:6c:17:91:9a:72:
         74:54:46:e8:51:98:8a:e5:03:40:fe:8b:ca:38:3f:25:ac:5f:
         4a:d4:67:87:58:16:6e:f4:99:b5:8a:df:8b:89:26:6b:41:e7:
         7f:91:8c:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6Z0cALdTLqK/XaJ86vBpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDEzMTEzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ5YTEwNGM3N2VmNTkwYzEwMmNiNTU1YTE0MmI3ZWJkY2EyOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHCmtKe/ddByU3Gdb78UPvpINSKX
n09Oxr2P6FgSW3oP9LR1PgHtgUi3YSku1IUVo7jvVzk0FbvKkJMfWeiyUKG/wJiF
lTeUUn+/Cch6Ob/8osPj0O7bGeLQJkOwkpWRmxhnieULfpVN+FWTI23R57FkZ2L9
2btl62zNe3/YPv5duqVe7o4c8HPuxyjXNTuwQJwLJsxuh42TRIkzhqzxpbOUM62e
z6VbwY1Auxk/vCAOW21XNS8RFWNyzCGUJUDHmzr2WFmZcONccZY/Rhi5rJSsWX8F
Wp7HKZmb+2iaOELgQbQXAdjbcq5GcKzpUVwvVd2Q+hcuje0u8lfyPnuBFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETZoQTHfvWQwQLLVVoUK369yilTMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUk5taEJNZC05WkRCQXN0VldoUXJmcjNLS1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwen/MA0G
CSqGSIb3DQEBCwUAA4IBAQBIMPi9IQQoktDjn6bdT5MG0Gq6iv/39NZCtYr97kGV
/RBXOk3uYkcAP3+UPaixCyg9rB+sIrUPbF8ICcW6PXWVFZ2XrOAeRHqlxDchq3/V
rlKaRIZcnxUFcaT56x6zIoJ7d1ktyEvDIayQND/W4o1TmOzyxOB545kNypa6A12j
c0I+Gms/2T/8JiN12fXJSdHBUX2XBLn5Zq36O9ruzZV/KRFMyAhguq4OMSC/4OJx
HwSyKwtN0dbpHSbkaHAnQXaEJ2JpItoAtgNYdkQQRuHqZByKbBeRmnJ0VEboUZiK
5QNA/ovKOD8lrF9K1GeHWBZu9Jm1it+LiSZrQed/kYyz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org