Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dRyTeTZbxZHAQHbo9N_yvrn6i7g.roa
File:                     dRyTeTZbxZHAQHbo9N_yvrn6i7g.roa (raw, json)
Hash identifier:          G9HLhGB6v72o3D9RBgeoDWGMKraNXmLa5wZTxbFJW1c=
Subject key identifier:   75:1C:93:79:36:5B:C5:91:C0:40:76:E8:F4:DF:F2:BE:B9:FA:8B:B8
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018703FA74676FE2E0AFD1FF1DE97AB4D707
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dRyTeTZbxZHAQHbo9N_yvrn6i7g.roa
Signing time:             Tue 21 Mar 2023 11:42:38 +0000
ROA not before:           Tue 21 Mar 2023 11:42:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56340
IP address blocks:        193.233.96.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:03:fa:74:67:6f:e2:e0:af:d1:ff:1d:e9:7a:b4:d7:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Mar 21 11:42:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=751c9379365bc591c04076e8f4dff2beb9fa8bb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b2:6c:1b:d5:f7:0e:73:b8:15:1f:88:59:db:
                    c3:b6:c6:5c:dc:38:44:4b:3b:8b:22:6d:9e:0b:92:
                    69:e6:2b:f3:fe:08:b2:a3:ff:e7:f5:6a:60:2e:88:
                    41:7e:cd:bc:fb:f2:ab:b1:0b:b5:6c:80:98:77:62:
                    3f:72:91:70:66:8f:85:4f:c1:1d:8a:8c:0d:ef:4a:
                    19:68:a2:06:c2:34:c9:4b:62:61:50:27:58:14:1d:
                    83:2b:f7:43:2c:f7:57:67:4e:0e:a6:09:2a:24:33:
                    27:93:b6:18:b4:50:73:f2:4c:f6:1d:09:25:83:3a:
                    4c:66:d1:dd:31:e8:4b:51:67:7c:82:c9:f5:1f:06:
                    f3:13:13:2c:12:df:42:f0:26:a7:32:90:7a:ea:76:
                    03:16:4a:65:9f:bd:2b:23:63:30:b3:19:85:0f:fc:
                    30:e8:b6:84:15:3b:0a:9e:78:ae:01:c8:1d:37:49:
                    06:82:83:ec:51:3b:de:76:83:62:bd:e9:5a:3d:92:
                    b6:6f:f8:30:95:31:3b:d6:4f:8d:69:c6:9f:cd:5d:
                    26:a7:a5:84:7c:cd:a3:09:e5:74:93:8f:80:93:fe:
                    65:c9:80:c1:19:c4:a9:d9:c1:58:6c:86:83:9b:63:
                    97:16:11:34:db:89:fc:aa:57:6a:79:83:b1:ef:02:
                    cf:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:1C:93:79:36:5B:C5:91:C0:40:76:E8:F4:DF:F2:BE:B9:FA:8B:B8
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dRyTeTZbxZHAQHbo9N_yvrn6i7g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:2a:47:d4:75:5c:53:dd:1e:19:21:16:35:54:96:14:e1:b6:
         a7:30:de:b9:e2:1b:a2:3e:b8:9b:e5:1f:7c:cf:7f:08:76:3a:
         30:f4:24:c1:f6:a3:63:b5:e1:65:19:1e:aa:90:28:a4:c0:a6:
         7f:5f:0b:04:50:0e:b1:7d:70:0e:2f:94:1d:07:55:55:4c:c7:
         b5:a6:ee:49:f0:d2:58:d1:c2:ca:27:3f:a9:29:9a:be:c3:ae:
         69:66:da:2f:78:27:24:2f:40:f2:fd:15:cd:c2:68:e7:d0:5b:
         24:aa:0f:e2:b7:52:71:87:d3:22:02:ac:6d:ab:48:9c:1c:4f:
         fe:de:ae:c4:fa:eb:59:3b:93:9f:04:cf:c9:4b:a8:62:64:f3:
         cb:9a:4c:05:7e:f7:77:ed:6b:8d:e9:19:6e:de:7e:c4:dd:71:
         50:19:eb:8a:3a:08:01:44:85:d7:82:40:51:a4:ea:8c:c7:27:
         26:b2:50:a3:2c:24:59:82:bb:76:b3:54:e2:eb:df:77:8c:18:
         03:d7:13:53:72:95:c3:b2:4a:b8:ae:d6:7d:54:41:22:92:07:
         d8:13:57:26:2b:f5:b8:de:8c:77:f5:69:e3:1a:76:2a:3f:48:
         be:ef:13:31:67:98:fe:b8:4e:9c:1c:43:62:a5:63:d6:b0:e5:
         af:a4:16:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcD+nRnb+Lgr9H/Hel6tNcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMzIxMTE0MjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFjOTM3OTM2NWJjNTkxYzA0MDc2ZThmNGRmZjJiZWI5ZmE4YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrJsG9X3DnO4FR+IWdvDtsZc3DhE
SzuLIm2eC5Jp5ivz/giyo//n9WpgLohBfs28+/KrsQu1bICYd2I/cpFwZo+FT8Ed
iowN70oZaKIGwjTJS2JhUCdYFB2DK/dDLPdXZ04OpgkqJDMnk7YYtFBz8kz2HQkl
gzpMZtHdMehLUWd8gsn1HwbzExMsEt9C8CanMpB66nYDFkpln70rI2MwsxmFD/ww
6LaEFTsKnniuAcgdN0kGgoPsUTvedoNivelaPZK2b/gwlTE71k+NacafzV0mp6WE
fM2jCeV0k4+Ak/5lyYDBGcSp2cFYbIaDm2OXFhE024n8qldqeYOx7wLP0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUck3k2W8WRwEB26PTf8r65+ou4MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZFJ5VGVUWmJ4WkhBUUhibzlOX3l2cm42aTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwelgMA0G
CSqGSIb3DQEBCwUAA4IBAQCdKkfUdVxT3R4ZIRY1VJYU4banMN654huiPrib5R98
z38Idjow9CTB9qNjteFlGR6qkCikwKZ/XwsEUA6xfXAOL5QdB1VVTMe1pu5J8NJY
0cLKJz+pKZq+w65pZtoveCckL0Dy/RXNwmjn0Fskqg/it1Jxh9MiAqxtq0icHE/+
3q7E+utZO5OfBM/JS6hiZPPLmkwFfvd37WuN6Rlu3n7E3XFQGeuKOggBRIXXgkBR
pOqMxycmslCjLCRZgrt2s1Ti6993jBgD1xNTcpXDskq4rtZ9VEEikgfYE1cmK/W4
3ox39WnjGnYqP0i+7xMxZ5j+uE6cHENipWPWsOWvpBaR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org