Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s4qHdTXtQOEFkuYuNFWT-tTv26A.roa
File:                     s4qHdTXtQOEFkuYuNFWT-tTv26A.roa (raw, json)
Hash identifier:          U+XHTi1J5vJehN3ZnsTky7UJMAaYVHrN6/q1YUy2p+o=
Subject key identifier:   B3:8A:87:75:35:ED:40:E1:05:92:E6:2E:34:55:93:FA:D4:EF:DB:A0
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018CC79523868ABA453207C935363C90F735
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s4qHdTXtQOEFkuYuNFWT-tTv26A.roa
Signing time:             Tue 02 Jan 2024 00:31:29 +0000
ROA not before:           Tue 02 Jan 2024 00:31:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34665
IP address blocks:        193.233.234.0/24 maxlen: 24
                          193.233.61.0/24 maxlen: 24
                          193.233.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Jan 2024 13:42:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:23:86:8a:ba:45:32:07:c9:35:36:3c:90:f7:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  2 00:31:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b38a877535ed40e10592e62e345593fad4efdba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2e:a8:b3:b1:e9:83:98:b6:57:6b:46:ec:36:
                    5e:f2:55:3a:05:b6:fb:3f:44:c3:09:87:4c:1a:44:
                    c6:bc:a3:1e:3e:d3:51:1e:7c:9e:8e:4c:78:e5:f3:
                    57:ac:cc:f2:6d:f2:98:06:2a:53:c5:64:73:39:2f:
                    6b:f6:35:1b:35:2f:bd:9f:14:d9:ca:c3:0b:23:b5:
                    93:ec:6d:81:00:3a:d3:01:85:66:90:8e:c9:3d:dd:
                    f9:8a:a3:7e:20:42:e6:b4:85:f7:b9:2c:99:ca:e0:
                    e6:77:86:0f:53:92:9f:c9:bd:fb:7e:ef:ba:bb:a3:
                    6b:99:24:06:c8:a1:02:c2:16:e7:80:b1:eb:f9:20:
                    d1:14:89:59:f5:5d:66:6a:02:d2:39:04:88:6f:08:
                    ec:40:fb:e0:a0:e1:34:23:99:75:cc:5e:61:d2:82:
                    fa:82:01:06:69:2f:89:43:76:2b:a9:bd:44:6c:38:
                    51:76:a0:f9:ee:a3:47:fa:58:5b:fd:86:19:ee:6c:
                    07:b5:3c:d7:db:53:46:de:dd:1d:bc:ff:8c:07:d6:
                    8a:2c:73:61:23:e0:1d:2d:ca:34:26:fa:ce:72:99:
                    4d:31:8c:af:59:8f:42:e2:28:b6:67:1f:4c:c3:e7:
                    6b:f7:5f:75:78:41:c6:fd:fe:50:b1:df:9d:50:32:
                    9d:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:8A:87:75:35:ED:40:E1:05:92:E6:2E:34:55:93:FA:D4:EF:DB:A0
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/s4qHdTXtQOEFkuYuNFWT-tTv26A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.61.0/24
                  193.233.197.0/24
                  193.233.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:61:0b:94:07:7c:0a:c1:24:58:29:0d:c7:48:de:84:ff:5f:
         ed:15:b9:63:8a:08:4d:d4:aa:23:dd:93:7a:38:c1:33:58:36:
         26:e8:fc:6e:1c:d2:12:ae:6c:d6:12:79:79:fb:09:ff:08:ce:
         63:4a:48:23:0a:3d:cb:7e:b0:ce:6a:ae:43:b1:44:6c:77:4f:
         4c:d2:dc:aa:0c:c7:cd:25:01:ed:1d:3c:6e:b2:91:f3:b9:6c:
         3d:06:07:9c:a7:5c:f2:b2:92:7f:8e:aa:76:40:f7:48:88:5c:
         17:03:25:e5:ba:bb:ec:c7:79:a2:01:db:41:65:6a:aa:85:d5:
         c8:a8:0a:62:d4:21:a5:ac:02:aa:55:67:17:e3:b2:1a:8a:a5:
         b7:11:60:64:e1:3e:35:9c:83:ca:f5:28:15:03:c7:9c:53:ce:
         3d:4f:f3:bf:e5:28:c9:6e:15:e6:98:30:4d:53:b0:9d:dd:0c:
         87:0a:ff:f2:8e:af:69:4b:08:85:b1:d1:16:2b:fe:85:f8:53:
         2c:88:48:46:c8:8d:d0:34:de:06:86:51:20:8a:80:0c:44:92:
         bf:50:b8:c0:d6:49:1d:73:20:a7:c7:91:29:10:c4:8c:d2:8c:
         c3:c8:5c:f4:54:78:3d:57:da:32:a3:bd:02:7e:69:a9:9c:ad:
         77:86:48:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlSOGirpFMgfJNTY8kPc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzhhODc3NTM1ZWQ0MGUxMDU5MmU2MmUzNDU1OTNmYWQ0ZWZkYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi6os7Hpg5i2V2tG7DZe8lU6Bbb7
P0TDCYdMGkTGvKMePtNRHnyejkx45fNXrMzybfKYBipTxWRzOS9r9jUbNS+9nxTZ
ysMLI7WT7G2BADrTAYVmkI7JPd35iqN+IELmtIX3uSyZyuDmd4YPU5Kfyb37fu+6
u6NrmSQGyKECwhbngLHr+SDRFIlZ9V1magLSOQSIbwjsQPvgoOE0I5l1zF5h0oL6
ggEGaS+JQ3Yrqb1EbDhRdqD57qNH+lhb/YYZ7mwHtTzX21NG3t0dvP+MB9aKLHNh
I+AdLco0JvrOcplNMYyvWY9C4ii2Zx9Mw+dr9191eEHG/f5Qsd+dUDKdHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLOKh3U17UDhBZLmLjRVk/rU79ugMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvczRxSGRUWHRRT0VGa3VZdU5GV1QtdFR2MjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwek9AwQA
wenFAwQAwenqMA0GCSqGSIb3DQEBCwUAA4IBAQCWYQuUB3wKwSRYKQ3HSN6E/1/t
FbljighN1Koj3ZN6OMEzWDYm6PxuHNISrmzWEnl5+wn/CM5jSkgjCj3LfrDOaq5D
sURsd09M0tyqDMfNJQHtHTxuspHzuWw9Bgecp1zyspJ/jqp2QPdIiFwXAyXlurvs
x3miAdtBZWqqhdXIqApi1CGlrAKqVWcX47IaiqW3EWBk4T41nIPK9SgVA8ecU849
T/O/5SjJbhXmmDBNU7Cd3QyHCv/yjq9pSwiFsdEWK/6F+FMsiEhGyI3QNN4GhlEg
ioAMRJK/ULjA1kkdcyCnx5EpEMSM0ozDyFz0VHg9V9oyo70CfmmpnK13hkj1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org