Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tWsHOrM_iaKv_7l4dTe9Ye2RSew.roa
File:                     tWsHOrM_iaKv_7l4dTe9Ye2RSew.roa (raw, json)
Hash identifier:          9b8T+HrrBChJkmF/RT3sWc512LK9KLj6hflZKUQoGn4=
Subject key identifier:   B5:6B:07:3A:B3:3F:89:A2:AF:FF:B9:78:75:37:BD:61:ED:91:49:EC
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018BA93449DE6D9E42CE963AC288948D8A6A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tWsHOrM_iaKv_7l4dTe9Ye2RSew.roa
Signing time:             Tue 07 Nov 2023 09:54:18 +0000
ROA not before:           Tue 07 Nov 2023 09:54:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        193.233.197.0/24 maxlen: 24
                          193.233.100.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 Nov 2023 15:10:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a9:34:49:de:6d:9e:42:ce:96:3a:c2:88:94:8d:8a:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Nov  7 09:54:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b56b073ab33f89a2afffb9787537bd61ed9149ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7f:cb:fb:c7:ab:d5:cc:36:64:b2:7f:ec:ad:
                    28:43:3c:d6:be:1d:97:fe:14:32:2c:ce:c3:03:b6:
                    45:04:ce:56:46:dd:3f:74:75:2c:d1:6f:0e:38:ec:
                    9f:77:f5:1d:62:9e:e9:9a:9a:92:c2:7b:d4:e5:a2:
                    dd:86:05:b1:34:10:ed:e9:ff:f9:07:3b:17:12:f4:
                    d2:ad:73:0a:83:94:dd:1e:c1:ac:ac:43:7d:65:d0:
                    93:81:92:b7:4f:46:7e:b2:06:39:74:36:24:fa:cd:
                    f7:9a:e2:17:5a:f5:b1:9a:bc:48:86:76:2e:ef:89:
                    60:1d:92:a0:f8:0d:51:63:6d:a8:e8:f3:ee:c4:b4:
                    d8:57:b3:56:0e:c1:81:a3:c3:2c:82:02:a6:0a:dd:
                    81:b0:fd:72:53:f3:0c:0d:7b:aa:31:58:fa:f1:1a:
                    7d:1b:b9:54:e1:2a:65:ca:d4:fe:fc:c3:21:44:86:
                    45:32:7d:e8:e3:8a:24:09:f1:33:9b:2d:02:ea:76:
                    88:f2:d9:49:1b:17:dc:17:82:57:3d:79:02:cc:b7:
                    fc:e0:ce:65:f3:17:63:b7:6c:64:10:3a:c3:8d:6d:
                    0d:1b:f7:34:f5:39:d1:cb:2c:f1:12:63:68:e5:25:
                    64:54:d2:ac:48:d5:ec:54:44:32:89:88:df:66:15:
                    b0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:6B:07:3A:B3:3F:89:A2:AF:FF:B9:78:75:37:BD:61:ED:91:49:EC
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/tWsHOrM_iaKv_7l4dTe9Ye2RSew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.100.0/22
                  193.233.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:71:82:21:44:b7:71:b8:31:9c:1a:47:05:b2:69:52:70:8c:
         aa:8d:21:29:7e:69:87:6b:db:69:69:a4:66:44:f7:52:5d:a3:
         b2:90:b1:d4:1d:a2:09:d4:6c:34:b7:d7:7f:6d:c4:a9:51:bc:
         a6:f5:65:30:4e:a6:71:fe:92:27:48:20:f4:0f:2f:d2:3d:c1:
         6b:db:31:37:32:5e:24:3c:a3:1f:a0:78:7d:e6:9f:0a:ad:43:
         5d:4d:9b:7e:06:08:46:40:49:51:91:8f:b3:b7:7f:bc:36:bc:
         c0:98:ea:bb:51:b6:41:32:d7:de:79:7f:b2:3c:26:d7:86:d0:
         9a:6c:b1:97:3e:1b:14:36:62:3c:42:33:d0:ab:4c:e8:90:bd:
         2e:f9:e5:0f:19:51:d7:9d:e6:15:59:7f:aa:ae:26:7d:92:75:
         9d:f5:c0:33:be:b8:88:ad:aa:a0:28:b2:d8:56:6f:a0:c2:73:
         8f:24:f7:d8:5d:bc:2b:cf:65:78:52:ce:b4:4f:a4:f0:5c:cc:
         d6:cc:67:cc:b0:27:6f:18:e1:d4:a7:f2:40:cb:b7:de:1a:d1:
         47:37:b2:7c:d3:12:ba:66:3d:81:fe:c7:7a:60:8d:b9:49:c3:
         24:98:77:2f:7b:d2:79:ef:ea:2c:f6:a7:22:46:af:dd:76:9c:
         be:bb:e0:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYupNEnebZ5CzpY6woiUjYpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTA3MDk1NDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZiMDczYWIzM2Y4OWEyYWZmZmI5Nzg3NTM3YmQ2MWVkOTE0OWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX/L+8er1cw2ZLJ/7K0oQzzWvh2X
/hQyLM7DA7ZFBM5WRt0/dHUs0W8OOOyfd/UdYp7pmpqSwnvU5aLdhgWxNBDt6f/5
BzsXEvTSrXMKg5TdHsGsrEN9ZdCTgZK3T0Z+sgY5dDYk+s33muIXWvWxmrxIhnYu
74lgHZKg+A1RY22o6PPuxLTYV7NWDsGBo8MsggKmCt2BsP1yU/MMDXuqMVj68Rp9
G7lU4SplytT+/MMhRIZFMn3o44okCfEzmy0C6naI8tlJGxfcF4JXPXkCzLf84M5l
8xdjt2xkEDrDjW0NG/c09TnRyyzxEmNo5SVkVNKsSNXsVEQyiYjfZhWwNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVrBzqzP4mir/+5eHU3vWHtkUnsMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdFdzSE9yTV9pYUt2XzdsNGRUZTlZZTJSU2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwelkAwQA
wenFMA0GCSqGSIb3DQEBCwUAA4IBAQBBcYIhRLdxuDGcGkcFsmlScIyqjSEpfmmH
a9tpaaRmRPdSXaOykLHUHaIJ1Gw0t9d/bcSpUbym9WUwTqZx/pInSCD0Dy/SPcFr
2zE3Ml4kPKMfoHh95p8KrUNdTZt+BghGQElRkY+zt3+8NrzAmOq7UbZBMtfeeX+y
PCbXhtCabLGXPhsUNmI8QjPQq0zokL0u+eUPGVHXneYVWX+qriZ9knWd9cAzvriI
raqgKLLYVm+gwnOPJPfYXbwrz2V4Us60T6TwXMzWzGfMsCdvGOHUp/JAy7feGtFH
N7J80xK6Zj2B/sd6YI25ScMkmHcve9J57+os9qciRq/ddpy+u+Az
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org