Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa
File:                     n284XyeRn7OUMy-W4AQlBp3bdbY.roa (raw, json)
Hash identifier:          y4xwHoGxIJI8GyJQOagXuwbPOmavvCkVJdvFNjlCO6c=
Subject key identifier:   9F:6F:38:5F:27:91:9F:B3:94:33:2F:96:E0:04:25:06:9D:DB:75:B6
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018C219F1012CEEF17A4B6362DAB97C64D90
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa
Signing time:             Thu 30 Nov 2023 19:05:21 +0000
ROA not before:           Thu 30 Nov 2023 19:05:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202423
IP address blocks:        193.233.31.0/24 maxlen: 24
                          193.233.149.0/24 maxlen: 24
                          193.233.174.0/24 maxlen: 24
                          193.233.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:21:9f:10:12:ce:ef:17:a4:b6:36:2d:ab:97:c6:4d:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Nov 30 19:05:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f6f385f27919fb394332f96e00425069ddb75b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ee:7b:fa:dd:38:4c:57:0b:74:7b:00:2f:f8:
                    13:dc:1f:e4:9e:02:ce:6c:3a:c0:8b:32:01:ef:5f:
                    e1:08:42:f4:5c:19:89:a0:45:ce:ef:cb:66:45:ff:
                    93:69:a0:bb:2d:ea:3b:33:0a:d0:7f:63:50:08:86:
                    d1:f6:86:fe:4b:6e:02:76:7b:b3:1b:13:7b:16:45:
                    43:e6:fc:b5:03:f4:9a:d4:4d:bc:3b:e1:c2:0a:ea:
                    45:1c:34:fa:13:b8:61:be:ba:2f:dd:a8:00:39:b5:
                    4d:61:6a:d1:8b:e9:ad:02:34:b7:89:ce:cd:14:73:
                    bb:ce:ed:eb:ac:8e:40:fb:74:c1:14:8a:cb:77:ab:
                    6e:3d:46:14:e8:96:52:10:f9:78:68:c9:51:84:00:
                    51:c5:d5:fa:bf:41:45:c6:9f:06:10:07:0e:e6:92:
                    ba:b3:31:56:fc:e0:0f:dd:dd:71:13:4c:7a:10:ac:
                    48:7d:d0:56:f2:1b:7f:95:fc:3d:83:fc:84:68:11:
                    62:d3:a0:39:40:c7:19:e9:87:1d:2b:d1:b7:93:28:
                    db:8e:9d:19:f8:7e:65:68:1b:1f:1f:44:5d:ee:a0:
                    93:28:c7:44:a4:d9:80:90:b0:bc:a8:d5:86:ff:f6:
                    37:f3:9d:52:41:19:4d:e1:6a:9f:39:f4:27:57:57:
                    76:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:6F:38:5F:27:91:9F:B3:94:33:2F:96:E0:04:25:06:9D:DB:75:B6
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.31.0/24
                  193.233.72.0/24
                  193.233.149.0/24
                  193.233.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:29:85:4d:c2:65:83:53:2b:94:b9:ee:8e:33:46:9a:c1:24:
         ca:d0:bc:0e:4a:64:c2:50:eb:fd:35:a9:67:bb:23:67:50:76:
         10:d6:1a:03:b5:b3:84:d9:1e:46:7d:af:ea:60:34:45:4b:f8:
         30:64:f1:da:5c:1e:f2:b8:16:80:40:c0:12:97:ce:18:7a:20:
         e9:8d:b1:91:5e:20:32:cd:ef:da:21:75:80:14:42:eb:1f:d5:
         be:5d:00:4a:d2:6e:ae:fc:13:16:e9:fe:db:ae:d3:66:e5:b5:
         26:65:75:e5:fe:01:17:7d:13:77:a6:3f:0b:ff:d9:36:35:c9:
         ef:2c:88:e3:24:17:c5:37:e4:b5:e9:1d:89:d5:5a:a0:4d:99:
         8e:b8:8e:6f:ba:24:2b:b1:1e:bc:83:01:d5:b5:39:e9:e1:c2:
         3e:ae:34:bf:53:93:14:5c:73:31:17:0c:75:fa:4a:c2:44:c4:
         dc:75:67:9a:4a:c8:be:c1:66:79:48:45:2d:7a:bc:78:27:f3:
         48:09:aa:75:f6:f3:96:bd:cf:10:19:98:ea:c3:6d:30:d7:c4:
         70:42:13:73:ce:1a:df:35:7c:fb:21:ff:06:15:95:3f:a8:6c:
         ff:83:c8:7b:67:58:ed:c1:ce:dd:0f:1e:8e:fb:83:60:9d:8e:
         75:e5:68:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwhnxASzu8XpLY2LauXxk2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTMwMTkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZmMzg1ZjI3OTE5ZmIzOTQzMzJmOTZlMDA0MjUwNjlkZGI3NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie57+t04TFcLdHsAL/gT3B/kngLO
bDrAizIB71/hCEL0XBmJoEXO78tmRf+TaaC7Leo7MwrQf2NQCIbR9ob+S24Cdnuz
GxN7FkVD5vy1A/Sa1E28O+HCCupFHDT6E7hhvrov3agAObVNYWrRi+mtAjS3ic7N
FHO7zu3rrI5A+3TBFIrLd6tuPUYU6JZSEPl4aMlRhABRxdX6v0FFxp8GEAcO5pK6
szFW/OAP3d1xE0x6EKxIfdBW8ht/lfw9g/yEaBFi06A5QMcZ6YcdK9G3kyjbjp0Z
+H5laBsfH0Rd7qCTKMdEpNmAkLC8qNWG//Y3851SQRlN4WqfOfQnV1d2RQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ9vOF8nkZ+zlDMvluAEJQad23W2MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbjI4NFh5ZVJuN09VTXktVzRBUWxCcDNiZGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekfAwQA
welIAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQB7KYVNwmWDUyuUue6O
M0aawSTK0LwOSmTCUOv9NalnuyNnUHYQ1hoDtbOE2R5Gfa/qYDRFS/gwZPHaXB7y
uBaAQMASl84YeiDpjbGRXiAyze/aIXWAFELrH9W+XQBK0m6u/BMW6f7brtNm5bUm
ZXXl/gEXfRN3pj8L/9k2NcnvLIjjJBfFN+S16R2J1VqgTZmOuI5vuiQrsR68gwHV
tTnp4cI+rjS/U5MUXHMxFwx1+krCRMTcdWeaSsi+wWZ5SEUterx4J/NICap19vOW
vc8QGZjqw20w18RwQhNzzhrfNXz7If8GFZU/qGz/g8h7Z1jtwc7dDx6O+4NgnY51
5WhP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org