Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/z-MYu0Ms45xYZKLgDdGOBB25Hdk.roa
File:                     z-MYu0Ms45xYZKLgDdGOBB25Hdk.roa (raw, json)
Hash identifier:          ZE50srGQ1VLE6UwdydnIPL0gy/4uA8/5svfDgs/7yNo=
Subject key identifier:   CF:E3:18:BB:43:2C:E3:9C:58:64:A2:E0:0D:D1:8E:04:1D:B9:1D:D9
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018DB14456D098C38EDE8CE0A7846FEBFD36
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/z-MYu0Ms45xYZKLgDdGOBB25Hdk.roa
Signing time:             Fri 16 Feb 2024 09:34:22 +0000
ROA not before:           Fri 16 Feb 2024 09:34:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202423
IP address blocks:        193.233.31.0/24 maxlen: 24
                          193.233.149.0/24 maxlen: 24
                          193.233.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Jun 2024 11:20:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:b1:44:56:d0:98:c3:8e:de:8c:e0:a7:84:6f:eb:fd:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Feb 16 09:34:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cfe318bb432ce39c5864a2e00dd18e041db91dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c2:6f:90:70:df:e2:20:97:1f:7d:1b:49:23:
                    22:aa:48:4b:30:78:6f:0a:98:cf:a6:3e:7b:5d:a1:
                    94:4b:d0:32:32:e9:57:56:d4:dd:65:ce:23:18:f2:
                    79:ea:0e:c0:51:91:3d:37:62:b9:ed:98:50:2d:bc:
                    b9:74:ba:4a:b4:30:e3:5a:49:f0:f9:a7:7c:27:b3:
                    bd:97:52:85:d2:68:a9:e4:be:4b:42:0d:d5:b2:03:
                    28:78:ae:1c:3f:03:3e:46:b5:ad:ba:11:4b:ca:17:
                    a8:c9:a6:7d:2a:59:75:15:55:6b:aa:8b:92:f2:6d:
                    cb:15:ff:b9:4f:8c:55:03:76:7b:99:6a:f4:eb:e3:
                    7b:cc:88:0d:a4:f6:8d:75:76:a8:fa:db:fd:79:36:
                    a9:75:8d:a2:38:3d:eb:f1:33:28:0b:bd:2d:56:46:
                    22:80:07:7b:cf:39:73:07:26:22:cf:e0:53:a0:08:
                    0c:d1:5f:7b:d4:51:90:3a:13:bc:15:32:fd:47:7d:
                    95:b4:cb:07:6b:ed:3c:56:29:c0:07:d3:7c:02:5b:
                    4c:26:aa:e8:32:14:12:12:cb:6d:49:50:06:dd:48:
                    40:44:92:bf:64:30:dd:5b:70:c6:34:d8:fc:2d:9d:
                    ee:a6:bd:fc:4d:35:38:f9:d5:33:a9:2a:a1:24:ca:
                    18:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:E3:18:BB:43:2C:E3:9C:58:64:A2:E0:0D:D1:8E:04:1D:B9:1D:D9
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/z-MYu0Ms45xYZKLgDdGOBB25Hdk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.31.0/24
                  193.233.149.0/24
                  193.233.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:29:45:a8:d5:63:8b:62:50:ae:4f:f3:91:62:6d:51:59:31:
         c3:ce:a7:c5:2e:7f:52:d3:2a:c0:27:4b:e2:b7:a8:ee:73:61:
         9a:82:5f:52:c9:6f:99:7a:b7:3c:19:af:0c:be:61:7a:6c:c5:
         d2:b3:a6:80:90:f1:91:d5:a1:39:75:79:10:29:e7:76:ec:3a:
         2c:91:16:ea:81:b1:9c:32:94:99:15:04:48:1a:68:6b:b5:39:
         30:9b:88:18:c4:1b:43:69:fe:28:e7:c8:75:6d:74:1c:9d:85:
         8a:0d:90:87:59:a2:a6:84:c7:16:53:9c:72:32:38:77:b7:d6:
         91:ac:95:2c:d4:20:34:70:9e:fe:5a:e9:c8:c9:3d:bb:0c:e8:
         a6:6e:c3:60:3c:45:6a:72:6b:1a:fa:a9:bb:af:15:ba:fa:0e:
         c8:d7:37:97:6e:50:e0:5e:71:39:e6:23:77:cc:95:0e:4a:37:
         21:18:52:96:b7:2c:d3:41:08:65:24:5d:f7:62:2c:0c:ca:66:
         f8:90:e9:29:41:51:9c:f8:21:5e:17:78:2f:8b:7d:38:17:a0:
         35:15:6b:4b:08:5b:0c:24:c4:4a:4c:9b:9f:d3:d3:4c:4b:bf:
         26:8d:bc:5d:12:73:28:dd:0b:18:c2:94:b8:c9:1a:b8:d0:f6:
         cc:3b:d3:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2xRFbQmMOO3ozgp4Rv6/02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjE2MDkzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUzMThiYjQzMmNlMzljNTg2NGEyZTAwZGQxOGUwNDFkYjkxZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMJvkHDf4iCXH30bSSMiqkhLMHhv
CpjPpj57XaGUS9AyMulXVtTdZc4jGPJ56g7AUZE9N2K57ZhQLby5dLpKtDDjWknw
+ad8J7O9l1KF0mip5L5LQg3VsgMoeK4cPwM+RrWtuhFLyheoyaZ9Kll1FVVrqouS
8m3LFf+5T4xVA3Z7mWr06+N7zIgNpPaNdXao+tv9eTapdY2iOD3r8TMoC70tVkYi
gAd7zzlzByYiz+BToAgM0V971FGQOhO8FTL9R32VtMsHa+08VinAB9N8AltMJqro
MhQSEsttSVAG3UhARJK/ZDDdW3DGNNj8LZ3upr38TTU4+dUzqSqhJMoY+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM/jGLtDLOOcWGSi4A3RjgQduR3ZMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvei1NWXUwTXM0NXhZWktMZ0RkR09CQjI1SGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekfAwQA
wemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQAaKUWo1WOLYlCuT/ORYm1RWTHD
zqfFLn9S0yrAJ0vit6juc2Gagl9SyW+Zerc8Ga8MvmF6bMXSs6aAkPGR1aE5dXkQ
Ked27DoskRbqgbGcMpSZFQRIGmhrtTkwm4gYxBtDaf4o58h1bXQcnYWKDZCHWaKm
hMcWU5xyMjh3t9aRrJUs1CA0cJ7+WunIyT27DOimbsNgPEVqcmsa+qm7rxW6+g7I
1zeXblDgXnE55iN3zJUOSjchGFKWtyzTQQhlJF33YiwMymb4kOkpQVGc+CFeF3gv
i304F6A1FWtLCFsMJMRKTJuf09NMS78mjbxdEnMo3QsYwpS4yRq40PbMO9Og
-----END CERTIFICATE-----
Generated at Sat Jun 8 13:42:32 2024 by rpki-client on console-fra.rpki-client.org