Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zEp3gWc0GC2V-TKApjafUnhn5H4.roa
File:                     zEp3gWc0GC2V-TKApjafUnhn5H4.roa (raw, json)
Hash identifier:          mDEkO3PNTrw9psargX8pPo13tzvmmdU6pxvFlwQFjFw=
Subject key identifier:   CC:4A:77:81:67:34:18:2D:95:F9:32:80:A6:36:9F:52:78:67:E4:7E
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018CDF44F7F8D7FBFA6E0D183102143CACAE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zEp3gWc0GC2V-TKApjafUnhn5H4.roa
Signing time:             Sat 06 Jan 2024 14:54:48 +0000
ROA not before:           Sat 06 Jan 2024 14:54:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210644
IP address blocks:        193.233.232.0/24 maxlen: 24
                          193.233.233.0/24 maxlen: 24
                          193.233.133.0/24 maxlen: 24
                          147.45.40.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 25 Jan 2024 17:20:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:df:44:f7:f8:d7:fb:fa:6e:0d:18:31:02:14:3c:ac:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  6 14:54:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc4a77816734182d95f93280a6369f527867e47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:92:73:77:ef:93:ff:10:bc:8e:be:94:48:0e:
                    c9:ba:b3:83:14:cd:81:80:bf:7b:bf:65:6b:dc:da:
                    7c:19:b7:af:8a:9d:4b:55:fe:dc:00:4c:20:0b:f4:
                    c2:63:df:ea:c2:00:3c:ba:4c:81:3f:fa:80:19:23:
                    1f:5f:60:d8:98:80:e2:91:1e:a6:fb:f2:d4:73:a5:
                    92:b5:cb:aa:90:14:3e:b7:52:6d:6e:00:4f:54:38:
                    15:76:55:4c:70:55:0d:9a:39:19:57:bb:0b:e1:77:
                    82:4e:ae:6e:f7:13:cb:93:cf:4f:a8:10:e7:66:f7:
                    d2:c2:3c:2d:7b:45:88:97:97:51:12:c0:86:c7:5e:
                    04:1f:f9:16:67:7a:46:0c:67:7c:6e:9a:37:6c:db:
                    e1:df:58:77:c7:f8:05:b4:6e:88:53:0e:63:70:1e:
                    e6:6a:b6:b9:68:01:0e:7b:33:9b:95:b7:44:64:3b:
                    57:b8:5a:78:1c:d1:bd:18:6a:15:35:d7:ca:9c:2a:
                    15:c8:86:42:10:c9:a0:52:58:33:da:b3:ed:c9:f3:
                    15:8f:43:8e:cd:23:aa:58:80:70:45:8c:01:ad:fb:
                    01:33:78:42:34:45:76:0f:31:80:96:28:86:1d:3c:
                    bb:5e:b3:5e:d9:a6:da:4e:e4:bc:eb:e2:7c:39:f4:
                    48:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:4A:77:81:67:34:18:2D:95:F9:32:80:A6:36:9F:52:78:67:E4:7E
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zEp3gWc0GC2V-TKApjafUnhn5H4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.40.0/22
                  193.233.133.0/24
                  193.233.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:40:75:c6:8a:f2:15:ac:37:f8:d6:fa:2e:ac:4f:70:aa:20:
         d2:35:02:10:c9:b8:6d:9b:08:7a:22:bd:c5:53:bf:95:2b:ff:
         52:6f:7a:be:55:65:c3:0c:1a:27:a3:88:97:1d:99:24:19:e8:
         86:b4:7a:7f:37:fd:28:ff:1d:53:ef:0e:bd:8a:53:a9:9d:b6:
         c0:43:4e:46:9f:87:ca:fa:0b:f1:eb:47:a9:e8:8e:c1:6f:81:
         87:64:dd:8b:88:40:38:59:99:3d:79:1d:ee:79:c9:57:04:7a:
         a6:eb:75:a9:d7:35:10:9f:97:14:bf:25:70:2e:de:12:2e:3a:
         33:46:91:5d:59:77:c3:b5:e8:70:dc:95:b0:8b:4f:ec:96:15:
         13:04:4f:e0:7b:6c:17:76:73:d4:ea:0c:d5:96:4d:e6:2b:1c:
         6e:44:d9:66:fb:07:e6:23:e6:a7:1b:2e:f5:57:dc:4a:97:f4:
         bc:d6:2d:ec:be:cf:09:c7:3a:71:9c:43:6b:47:d3:1d:7a:d8:
         35:12:b9:7a:48:68:fe:18:bc:85:64:b9:b5:f3:ba:5c:b9:8d:
         79:7a:f1:a6:c8:8b:de:91:cd:d6:79:01:fc:0b:dc:02:19:6d:
         7d:bf:fc:fe:16:f6:61:7b:22:fb:22:6a:e4:6d:62:ec:4f:fb:
         ec:d1:6e:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzfRPf41/v6bg0YMQIUPKyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTA2MTQ1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRhNzc4MTY3MzQxODJkOTVmOTMyODBhNjM2OWY1Mjc4NjdlNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJJzd++T/xC8jr6USA7JurODFM2B
gL97v2Vr3Np8Gbevip1LVf7cAEwgC/TCY9/qwgA8ukyBP/qAGSMfX2DYmIDikR6m
+/LUc6WStcuqkBQ+t1JtbgBPVDgVdlVMcFUNmjkZV7sL4XeCTq5u9xPLk89PqBDn
ZvfSwjwte0WIl5dREsCGx14EH/kWZ3pGDGd8bpo3bNvh31h3x/gFtG6IUw5jcB7m
ara5aAEOezOblbdEZDtXuFp4HNG9GGoVNdfKnCoVyIZCEMmgUlgz2rPtyfMVj0OO
zSOqWIBwRYwBrfsBM3hCNEV2DzGAliiGHTy7XrNe2abaTuS86+J8OfRIGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMxKd4FnNBgtlfkygKY2n1J4Z+R+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvekVwM2dXYzBHQzJWLVRLQXBqYWZVbmhuNUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCky0oAwQA
wemFAwQBwenoMA0GCSqGSIb3DQEBCwUAA4IBAQAIQHXGivIVrDf41vourE9wqiDS
NQIQybhtmwh6Ir3FU7+VK/9Sb3q+VWXDDBono4iXHZkkGeiGtHp/N/0o/x1T7w69
ilOpnbbAQ05Gn4fK+gvx60ep6I7Bb4GHZN2LiEA4WZk9eR3ueclXBHqm63Wp1zUQ
n5cUvyVwLt4SLjozRpFdWXfDtehw3JWwi0/slhUTBE/ge2wXdnPU6gzVlk3mKxxu
RNlm+wfmI+anGy71V9xKl/S81i3svs8JxzpxnENrR9Mdetg1Erl6SGj+GLyFZLm1
87pcuY15evGmyIvekc3WeQH8C9wCGW19v/z+FvZheyL7ImrkbWLsT/vs0W6y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org