Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/l86nFdOQzxGPcWFzQsRASR_Bnuc.roa
File:                     l86nFdOQzxGPcWFzQsRASR_Bnuc.roa (raw, json)
Hash identifier:          lC/91UDdupKnP8wVPYNo487D3bmTPfNk41MIJiz+6rQ=
Subject key identifier:   97:CE:A7:15:D3:90:CF:11:8F:71:61:73:42:C4:40:49:1F:C1:9E:E7
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01856F26E8A19D5A8CC42B124000DA53EC3A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/l86nFdOQzxGPcWFzQsRASR_Bnuc.roa
Signing time:             Sun 01 Jan 2023 21:04:58 +0000
ROA not before:           Sun 01 Jan 2023 21:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51659
IP address blocks:        193.233.16.0/24 maxlen: 24
                          193.233.19.0/24 maxlen: 24
                          193.233.84.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 14:52:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:e8:a1:9d:5a:8c:c4:2b:12:40:00:da:53:ec:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 21:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97cea715d390cf118f71617342c440491fc19ee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:1e:2d:c8:88:4d:9d:e9:df:88:55:07:8e:c2:
                    dd:3b:91:00:56:10:36:ab:22:0a:d5:6a:cb:ea:27:
                    eb:77:50:8a:c1:29:f4:77:d7:92:be:a1:4b:a3:4b:
                    69:6f:fa:88:97:ae:4c:f4:f4:43:87:b0:e6:ba:cb:
                    a9:7b:22:44:1c:fc:4e:c8:ed:7a:17:d8:ab:6d:6d:
                    f5:7d:4a:a1:fd:56:86:5c:1d:11:a0:8e:29:9b:12:
                    9e:17:36:4a:ab:c0:f4:1c:47:ca:45:92:7e:46:79:
                    7e:18:03:77:99:e0:55:9d:38:e0:95:26:8e:a0:57:
                    60:d6:30:e7:d9:0b:c1:c4:5a:0e:54:10:18:76:05:
                    04:4f:dc:d6:ca:f8:67:e1:c3:99:a5:09:1e:1a:3f:
                    0f:04:72:04:d1:55:94:9b:72:cc:fb:35:97:29:10:
                    6e:17:d5:ac:e3:35:76:bf:c1:85:6d:de:b4:a4:2a:
                    17:a9:4f:61:9b:12:04:ca:bc:27:1a:91:71:46:34:
                    da:1d:fa:84:9e:24:62:42:12:e3:b3:93:91:84:70:
                    8a:e9:f8:f1:e1:30:d5:9c:61:d0:d5:35:25:ad:f2:
                    f7:41:75:c0:b3:31:0c:ab:45:a2:9c:54:9a:37:68:
                    b9:4c:46:5c:c8:98:8a:06:5e:69:7d:36:d3:b7:35:
                    4c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:CE:A7:15:D3:90:CF:11:8F:71:61:73:42:C4:40:49:1F:C1:9E:E7
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/l86nFdOQzxGPcWFzQsRASR_Bnuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.16.0/24
                  193.233.19.0/24
                  193.233.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:44:03:d2:c5:69:80:cf:8e:a0:bd:6a:63:60:56:e5:66:c0:
         ae:e5:12:63:8d:7c:56:f3:3b:d1:41:56:b1:b2:9e:32:13:f0:
         a2:1d:86:1c:52:d6:aa:67:68:b6:7e:67:b1:ab:c1:c9:f5:d2:
         49:9b:57:f2:72:05:c3:6d:c5:16:76:d3:7a:eb:ba:ef:a5:3f:
         98:d0:5c:45:28:ef:4a:53:e8:e7:74:5a:fb:ff:78:cc:ca:37:
         82:af:86:88:9a:27:59:75:85:2e:55:36:6d:c2:b1:61:53:0c:
         94:ea:f7:3e:33:01:76:e1:fc:c8:57:a8:f6:21:01:7e:d8:a0:
         44:22:1a:52:b2:af:09:47:08:08:cc:3c:b8:d9:7d:f2:5e:a4:
         a6:3d:48:80:87:98:ab:d6:de:39:70:15:53:1a:1e:1f:df:21:
         ad:73:02:2b:0f:5a:cc:50:a6:d6:6c:6c:e1:3c:c0:ba:5e:1b:
         e0:34:5d:27:c5:f1:7e:bb:3d:f5:7a:93:d5:e1:0c:24:46:b7:
         71:dd:1c:a8:15:0b:ec:f3:89:d7:aa:d9:5c:64:d6:64:0c:94:
         b6:3c:2f:90:26:16:57:73:3b:fd:b5:a4:3c:23:c8:7e:76:dc:
         62:2c:5e:5f:f3:24:89:88:85:00:29:04:f4:a0:20:94:b5:dd:
         7b:a9:42:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvJuihnVqMxCsSQADaU+w6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NlYTcxNWQzOTBjZjExOGY3MTYxNzM0MmM0NDA0OTFmYzE5ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR4tyIhNnenfiFUHjsLdO5EAVhA2
qyIK1WrL6ifrd1CKwSn0d9eSvqFLo0tpb/qIl65M9PRDh7DmusupeyJEHPxOyO16
F9irbW31fUqh/VaGXB0RoI4pmxKeFzZKq8D0HEfKRZJ+Rnl+GAN3meBVnTjglSaO
oFdg1jDn2QvBxFoOVBAYdgUET9zWyvhn4cOZpQkeGj8PBHIE0VWUm3LM+zWXKRBu
F9Ws4zV2v8GFbd60pCoXqU9hmxIEyrwnGpFxRjTaHfqEniRiQhLjs5ORhHCK6fjx
4TDVnGHQ1TUlrfL3QXXAszEMq0WinFSaN2i5TEZcyJiKBl5pfTbTtzVMAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJfOpxXTkM8Rj3Fhc0LEQEkfwZ7nMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbDg2bkZkT1F6eEdQY1dGelFzUkFTUl9CbnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekQAwQA
wekTAwQCwelUMA0GCSqGSIb3DQEBCwUAA4IBAQBtRAPSxWmAz46gvWpjYFblZsCu
5RJjjXxW8zvRQVaxsp4yE/CiHYYcUtaqZ2i2fmexq8HJ9dJJm1fycgXDbcUWdtN6
67rvpT+Y0FxFKO9KU+jndFr7/3jMyjeCr4aImidZdYUuVTZtwrFhUwyU6vc+MwF2
4fzIV6j2IQF+2KBEIhpSsq8JRwgIzDy42X3yXqSmPUiAh5ir1t45cBVTGh4f3yGt
cwIrD1rMUKbWbGzhPMC6XhvgNF0nxfF+uz31epPV4QwkRrdx3RyoFQvs84nXqtlc
ZNZkDJS2PC+QJhZXczv9taQ8I8h+dtxiLF5f8ySJiIUAKQT0oCCUtd17qUIC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org