Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bRCmdbv5DJ2yDEVoTnBvJbweX8w.roa
File:                     bRCmdbv5DJ2yDEVoTnBvJbweX8w.roa (raw, json)
Hash identifier:          eAhAuMGHpCxJa8oFl6Za4nNDToObtKtD9wC9J4XRycs=
Subject key identifier:   6D:10:A6:75:BB:F9:0C:9D:B2:0C:45:68:4E:70:6F:25:BC:1E:5F:CC
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018CC7952F45A713EE569A3F76B9FF84F4B5
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bRCmdbv5DJ2yDEVoTnBvJbweX8w.roa
Signing time:             Tue 02 Jan 2024 00:31:32 +0000
ROA not before:           Tue 02 Jan 2024 00:31:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200195
IP address blocks:        193.233.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 12:11:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:2f:45:a7:13:ee:56:9a:3f:76:b9:ff:84:f4:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 00:31:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d10a675bbf90c9db20c45684e706f25bc1e5fcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5e:7c:d2:29:11:47:39:7a:21:09:e2:bf:b9:
                    e1:5e:98:27:e2:22:e3:2d:cc:a5:af:d5:fd:91:cd:
                    c3:3e:83:34:30:71:5f:52:13:d5:06:c8:ff:26:2b:
                    c0:a0:3a:a1:3a:0e:5e:40:4b:4c:79:f5:57:48:7f:
                    87:ee:f0:59:94:11:9b:83:44:4a:de:b7:f8:36:c3:
                    77:12:ce:4c:a7:c8:6e:28:24:96:71:54:c7:ee:33:
                    10:0f:29:b2:c6:f3:ab:61:35:0f:f8:0f:a2:8d:6d:
                    10:32:ed:37:4c:69:97:d4:d9:a4:15:86:6d:4d:ea:
                    78:f2:6a:75:83:2c:c3:10:97:05:ce:bb:57:cd:75:
                    95:09:f9:03:53:f2:22:db:50:e4:9c:94:d7:2b:3e:
                    b9:11:1d:86:ba:32:41:7a:ea:f7:d5:46:a9:48:f3:
                    11:f0:24:bb:2d:f8:32:b1:d4:9c:20:e8:47:23:14:
                    dc:88:00:97:d7:71:94:c7:ee:df:4e:c1:4e:61:7e:
                    d1:6d:55:b8:65:df:76:8a:c3:1f:81:2f:ba:a4:08:
                    7c:b5:f3:30:5a:f5:21:af:aa:c4:9b:5c:ae:c6:f4:
                    d2:bd:eb:99:b1:cc:45:db:9e:06:46:a7:46:6d:b5:
                    a3:bc:07:bd:7e:6e:b6:7b:c7:22:ca:3e:bb:38:49:
                    2a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:10:A6:75:BB:F9:0C:9D:B2:0C:45:68:4E:70:6F:25:BC:1E:5F:CC
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bRCmdbv5DJ2yDEVoTnBvJbweX8w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:c0:94:57:57:34:20:76:3e:57:20:8a:f1:94:8a:1a:b5:04:
         5e:a1:b8:58:6f:01:3c:e5:a9:7a:53:c9:b6:8d:f2:21:c7:53:
         79:1d:5d:a3:ec:9c:d8:4e:e2:55:84:96:dc:64:12:cd:13:44:
         ab:0b:74:89:7c:f0:ed:5e:0e:60:52:70:f0:37:33:08:30:fa:
         4b:36:66:c1:ea:26:87:4e:da:da:e9:83:1e:4e:42:bf:ac:53:
         12:e8:94:2a:df:be:14:b9:be:06:8c:71:c9:95:d6:99:00:85:
         7a:48:b7:e0:ea:8e:fe:83:54:b9:39:07:2c:81:07:72:fa:f1:
         51:99:76:eb:d0:33:a7:ad:76:8c:f5:a8:8c:6c:e3:33:8c:91:
         f5:1f:1b:d9:03:58:ec:ee:c0:0a:0d:c8:27:84:21:99:77:19:
         38:b0:be:80:4e:5c:92:2a:95:2a:b9:ab:33:c2:8d:51:ee:77:
         fa:4d:88:4f:bc:d8:6f:37:08:be:fe:b7:9d:9c:57:41:c6:7f:
         6e:5d:13:fd:ef:a7:91:44:2e:f5:1e:b2:7b:c9:7c:d7:ff:51:
         fd:7f:23:26:72:b7:bc:cf:f0:6d:b0:f4:bd:c3:34:4a:1e:ce:
         37:33:50:a1:c3:a5:83:52:73:9a:e3:fe:e7:c7:05:28:30:4e:
         63:0e:61:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlS9FpxPuVpo/drn/hPS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDEwYTY3NWJiZjkwYzlkYjIwYzQ1Njg0ZTcwNmYyNWJjMWU1ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1580ikRRzl6IQniv7nhXpgn4iLj
Lcylr9X9kc3DPoM0MHFfUhPVBsj/JivAoDqhOg5eQEtMefVXSH+H7vBZlBGbg0RK
3rf4NsN3Es5Mp8huKCSWcVTH7jMQDymyxvOrYTUP+A+ijW0QMu03TGmX1NmkFYZt
Tep48mp1gyzDEJcFzrtXzXWVCfkDU/Ii21DknJTXKz65ER2GujJBeur31UapSPMR
8CS7LfgysdScIOhHIxTciACX13GUx+7fTsFOYX7RbVW4Zd92isMfgS+6pAh8tfMw
WvUhr6rEm1yuxvTSveuZscxF254GRqdGbbWjvAe9fm62e8ciyj67OEkqxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0QpnW7+QydsgxFaE5wbyW8Hl/MMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYlJDbWRidjVESjJ5REVWb1RuQnZKYndlWDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemHMA0G
CSqGSIb3DQEBCwUAA4IBAQAdwJRXVzQgdj5XIIrxlIoatQReobhYbwE85al6U8m2
jfIhx1N5HV2j7JzYTuJVhJbcZBLNE0SrC3SJfPDtXg5gUnDwNzMIMPpLNmbB6iaH
Ttra6YMeTkK/rFMS6JQq374Uub4GjHHJldaZAIV6SLfg6o7+g1S5OQcsgQdy+vFR
mXbr0DOnrXaM9aiMbOMzjJH1HxvZA1js7sAKDcgnhCGZdxk4sL6ATlySKpUquasz
wo1R7nf6TYhPvNhvNwi+/rednFdBxn9uXRP976eRRC71HrJ7yXzX/1H9fyMmcre8
z/BtsPS9wzRKHs43M1Chw6WDUnOa4/7nxwUoME5jDmHN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org