Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tUFtVIYs-dAJQjp3xTTTtMm76Eo.roa
File:                     tUFtVIYs-dAJQjp3xTTTtMm76Eo.roa (raw, json)
Hash identifier:          xfrzEHyogSusFYStHb3V1EgTZFxQUdp4K9ASV8D6lsg=
Subject key identifier:   B5:41:6D:54:86:2C:F9:D0:09:42:3A:77:C5:34:D3:B4:C9:BB:E8:4A
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018B5BB03351E423D18C937CC3A7D15DD120
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tUFtVIYs-dAJQjp3xTTTtMm76Eo.roa
Signing time:             Mon 23 Oct 2023 08:39:15 +0000
ROA not before:           Mon 23 Oct 2023 08:39:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202423
IP address blocks:        193.233.30.0/24 maxlen: 24
                          193.233.31.0/24 maxlen: 24
                          193.233.149.0/24 maxlen: 24
                          193.233.174.0/24 maxlen: 24
                          193.233.72.0/24 maxlen: 24
                          193.233.75.0/24 maxlen: 24
                          193.233.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Nov 2023 19:05:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5b:b0:33:51:e4:23:d1:8c:93:7c:c3:a7:d1:5d:d1:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Oct 23 08:39:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5416d54862cf9d009423a77c534d3b4c9bbe84a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:6e:57:3c:c5:24:01:ae:00:9a:c6:4d:92:7f:
                    ec:89:94:e7:a9:49:40:c8:5d:7c:d5:bd:60:12:39:
                    7f:1f:36:54:a8:cc:7b:83:43:62:da:3d:ce:2a:c5:
                    8e:f8:11:9d:d0:fd:b8:dc:52:77:0c:02:0f:58:b6:
                    48:66:fe:d8:d2:30:46:02:c7:22:ee:57:07:f2:d2:
                    f8:7a:b3:88:dd:51:f4:44:a9:f1:36:f8:ff:b8:0c:
                    4e:f5:95:33:ea:68:40:82:85:44:d6:38:39:d8:15:
                    3b:81:45:9b:42:0a:d0:68:02:d8:d3:55:a2:f8:25:
                    68:b3:8c:11:a7:d4:a5:ac:bc:37:80:7f:aa:44:f1:
                    44:75:77:44:45:0b:55:12:8b:8c:81:9f:1d:11:f5:
                    73:aa:ba:bb:51:6b:91:35:6b:1d:d9:4c:70:2c:eb:
                    96:ae:f0:8e:d0:c6:df:31:ba:d6:99:1d:4f:e0:89:
                    8c:e3:9e:4c:ab:05:f5:19:b6:da:da:5a:84:2a:fa:
                    1f:52:a2:29:35:ca:82:a1:cd:b0:83:39:95:7c:80:
                    0e:b1:e2:ea:be:07:44:53:0d:c1:f1:f6:ad:fc:7e:
                    d9:b0:25:8d:a3:60:df:d2:59:8c:08:0e:3e:28:40:
                    c7:8d:e3:bd:14:a7:66:2a:91:84:23:99:b6:88:c3:
                    05:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:41:6D:54:86:2C:F9:D0:09:42:3A:77:C5:34:D3:B4:C9:BB:E8:4A
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tUFtVIYs-dAJQjp3xTTTtMm76Eo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.30.0/23
                  193.233.72.0/24
                  193.233.74.0/23
                  193.233.149.0/24
                  193.233.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:19:cb:88:05:ae:aa:28:3a:32:8e:94:c1:45:e9:32:f0:f6:
         74:fd:2d:24:57:7c:e8:54:2f:4a:b6:99:9d:46:00:54:90:61:
         9b:be:c9:f6:1e:ed:60:8a:06:7b:f5:95:a9:23:b8:b4:4d:65:
         e6:3d:64:5c:03:b3:9f:fd:3c:69:64:53:19:e7:51:e9:1c:5e:
         eb:ce:2e:15:ee:8f:97:87:66:fc:d9:33:a3:e1:50:68:f5:9b:
         4f:ea:54:7a:0c:d8:16:36:ad:c3:9a:00:02:a0:13:9a:a3:80:
         fd:73:c2:7d:a4:e4:96:2b:d8:b0:25:75:ea:58:6a:18:15:19:
         ab:7c:9a:2e:65:71:74:82:5b:a0:2e:23:7a:1d:9d:c6:27:94:
         a4:1e:3c:34:f3:d0:2c:63:18:8d:e2:8c:e7:88:70:69:08:d1:
         5f:96:4a:0a:da:2a:20:7d:d2:4c:c3:36:03:0c:f1:2e:f1:22:
         df:3c:cd:ba:83:46:ac:a5:c1:be:80:1c:8c:7c:6a:3e:dc:b8:
         b1:31:aa:39:33:c2:7f:d7:90:fd:dd:e2:39:26:bd:36:21:f9:
         79:c8:8c:7e:0b:9d:3e:d8:1d:0a:ea:6f:d9:5a:f8:8b:50:af:
         13:51:dc:ca:2d:00:22:b1:f3:74:b5:98:b0:03:6b:55:e6:86:
         d8:d2:90:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtbsDNR5CPRjJN8w6fRXdEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMDIzMDgzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQxNmQ1NDg2MmNmOWQwMDk0MjNhNzdjNTM0ZDNiNGM5YmJlODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm5XPMUkAa4AmsZNkn/siZTnqUlA
yF181b1gEjl/HzZUqMx7g0Ni2j3OKsWO+BGd0P243FJ3DAIPWLZIZv7Y0jBGAsci
7lcH8tL4erOI3VH0RKnxNvj/uAxO9ZUz6mhAgoVE1jg52BU7gUWbQgrQaALY01Wi
+CVos4wRp9SlrLw3gH+qRPFEdXdERQtVEouMgZ8dEfVzqrq7UWuRNWsd2UxwLOuW
rvCO0MbfMbrWmR1P4ImM455MqwX1Gbba2lqEKvofUqIpNcqCoc2wgzmVfIAOseLq
vgdEUw3B8fat/H7ZsCWNo2Df0lmMCA4+KEDHjeO9FKdmKpGEI5m2iMMF0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLVBbVSGLPnQCUI6d8U007TJu+hKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdFVGdFZJWXMtZEFKUWpwM3hUVFR0TW03NkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwekeAwQA
welIAwQBwelKAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQBJGcuIBa6q
KDoyjpTBReky8PZ0/S0kV3zoVC9KtpmdRgBUkGGbvsn2Hu1gigZ79ZWpI7i0TWXm
PWRcA7Of/TxpZFMZ51HpHF7rzi4V7o+Xh2b82TOj4VBo9ZtP6lR6DNgWNq3DmgAC
oBOao4D9c8J9pOSWK9iwJXXqWGoYFRmrfJouZXF0glugLiN6HZ3GJ5SkHjw089As
YxiN4ozniHBpCNFflkoK2iogfdJMwzYDDPEu8SLfPM26g0aspcG+gByMfGo+3Lix
Mao5M8J/15D93eI5Jr02Ifl5yIx+C50+2B0K6m/ZWviLUK8TUdzKLQAisfN0tZiw
A2tV5obY0pBh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org