Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oiobG6wDSe9CMdw4QrDEPgKREJM.roa
File:                     oiobG6wDSe9CMdw4QrDEPgKREJM.roa (raw, json)
Hash identifier:          ICpD2EWJnJa+hrWEuXZUz+v50TekZ4JSXstN8IX17XE=
Subject key identifier:   A2:2A:1B:1B:AC:03:49:EF:42:31:DC:38:42:B0:C4:3E:02:91:10:93
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01856F26E53870905789FBA9845323831AD8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oiobG6wDSe9CMdw4QrDEPgKREJM.roa
Signing time:             Sun 01 Jan 2023 21:04:57 +0000
ROA not before:           Sun 01 Jan 2023 21:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48430
IP address blocks:        193.233.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:e5:38:70:90:57:89:fb:a9:84:53:23:83:1a:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 21:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a22a1b1bac0349ef4231dc3842b0c43e02911093
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:cf:e0:eb:b8:d2:44:85:16:aa:b9:9d:c4:69:
                    1b:6a:5c:97:3c:f0:2b:78:34:55:87:93:da:20:e9:
                    c9:e6:13:30:a6:21:f0:d4:76:de:68:e1:4f:5c:5c:
                    b1:e9:8b:b3:4b:2f:5b:79:69:9d:34:36:fc:d8:6a:
                    30:79:cd:7e:0e:6f:81:3f:96:62:72:c7:9b:38:06:
                    97:7a:d0:9f:2f:3e:34:da:a8:d3:d6:61:02:70:6c:
                    d9:80:88:71:ab:c2:4b:1d:31:36:57:20:ab:0d:f7:
                    b5:f1:36:4f:ed:b3:e7:f4:cf:35:50:a0:9d:9a:14:
                    80:b1:8a:8c:ab:a6:e0:82:4e:64:9b:38:ca:88:ee:
                    8a:3b:93:b2:c7:69:af:4c:7c:21:23:c5:aa:8e:b8:
                    e6:5b:b4:15:2c:d5:fc:7b:85:6e:8c:1c:21:5f:5f:
                    8f:4e:52:be:62:f8:a5:a5:c0:a6:92:b0:80:f6:71:
                    1f:a3:a2:18:6f:c5:72:41:9f:b0:c0:31:e3:b8:b4:
                    51:2a:81:b2:fc:e5:18:bb:2d:db:a1:77:59:55:bc:
                    95:80:92:78:eb:fb:ae:cc:93:a3:e8:67:ad:53:36:
                    c2:31:bc:ed:25:58:c6:b4:84:05:5f:9b:a0:0b:04:
                    00:b6:da:3d:ac:eb:6a:ea:27:ce:9f:d9:46:94:85:
                    44:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:2A:1B:1B:AC:03:49:EF:42:31:DC:38:42:B0:C4:3E:02:91:10:93
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oiobG6wDSe9CMdw4QrDEPgKREJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:59:26:3a:aa:93:9a:bb:b8:34:22:1b:ad:4a:ac:dc:e2:50:
         2d:54:9f:0f:e1:5e:0b:57:4e:be:36:5f:c1:cf:dd:a5:5e:84:
         2b:4e:cf:78:21:58:98:0d:74:f9:4e:d9:3b:52:81:e3:c3:1c:
         b1:c9:1f:5d:14:0d:f1:0a:07:58:5c:66:45:0d:25:9b:46:a2:
         6f:a5:5c:bd:2e:ef:69:7f:e2:7a:aa:88:b8:d6:ba:3d:fd:13:
         e6:09:96:9e:1c:52:23:b0:ba:0e:a2:6c:67:ae:02:18:15:ab:
         5f:75:42:c3:66:a4:52:0f:4a:99:93:4b:aa:4a:8e:bf:7b:3a:
         33:48:8e:9e:95:ca:7a:f7:c3:8a:2a:04:22:01:8e:c4:39:07:
         79:a9:39:de:23:72:c2:f3:d8:3d:87:fe:f1:9a:06:b0:e2:3a:
         3b:42:7f:fc:aa:68:4e:0d:9a:d8:e5:f6:c6:c5:9f:af:58:ea:
         65:df:00:59:c0:a7:76:5a:b3:5d:b0:6c:48:85:00:98:6a:48:
         12:dc:22:f6:d1:17:9e:98:ef:88:2f:0e:af:e5:cb:89:75:49:
         e4:dc:f4:45:0c:bb:74:9e:d6:12:a0:1d:1e:07:d0:a1:aa:9f:
         e5:d3:b8:e9:36:f5:8e:a1:1c:65:c4:f8:21:99:4c:88:95:4a:
         b6:5c:89:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuU4cJBXifuphFMjgxrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJhMWIxYmFjMDM0OWVmNDIzMWRjMzg0MmIwYzQzZTAyOTExMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8/g67jSRIUWqrmdxGkbalyXPPAr
eDRVh5PaIOnJ5hMwpiHw1HbeaOFPXFyx6YuzSy9beWmdNDb82Gowec1+Dm+BP5Zi
csebOAaXetCfLz402qjT1mECcGzZgIhxq8JLHTE2VyCrDfe18TZP7bPn9M81UKCd
mhSAsYqMq6bggk5kmzjKiO6KO5Oyx2mvTHwhI8WqjrjmW7QVLNX8e4VujBwhX1+P
TlK+YvilpcCmkrCA9nEfo6IYb8VyQZ+wwDHjuLRRKoGy/OUYuy3boXdZVbyVgJJ4
6/uuzJOj6GetUzbCMbztJVjGtIQFX5ugCwQAtto9rOtq6ifOn9lGlIVEdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIqGxusA0nvQjHcOEKwxD4CkRCTMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvb2lvYkc2d0RTZTlDTWR3NFFyREVQZ0tSRUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwekvMA0G
CSqGSIb3DQEBCwUAA4IBAQCWWSY6qpOau7g0IhutSqzc4lAtVJ8P4V4LV06+Nl/B
z92lXoQrTs94IViYDXT5Ttk7UoHjwxyxyR9dFA3xCgdYXGZFDSWbRqJvpVy9Lu9p
f+J6qoi41ro9/RPmCZaeHFIjsLoOomxnrgIYFatfdULDZqRSD0qZk0uqSo6/ezoz
SI6elcp698OKKgQiAY7EOQd5qTneI3LC89g9h/7xmgaw4jo7Qn/8qmhODZrY5fbG
xZ+vWOpl3wBZwKd2WrNdsGxIhQCYakgS3CL20ReemO+ILw6v5cuJdUnk3PRFDLt0
ntYSoB0eB9Chqp/l07jpNvWOoRxlxPghmUyIlUq2XIld
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org