Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/OtryzKcM67bwiUviJ0XE6gsy1Mg.roa
File:                     OtryzKcM67bwiUviJ0XE6gsy1Mg.roa (raw, json)
Hash identifier:          NRQrDgJ5qXRIOFasdquJ6FgTWLlqRFwguiMUBbtGQH4=
Subject key identifier:   3A:DA:F2:CC:A7:0C:EB:B6:F0:89:4B:E2:27:45:C4:EA:0B:32:D4:C8
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       018D02B9662DB1938A954066FD27D98D1BCF
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/OtryzKcM67bwiUviJ0XE6gsy1Mg.roa
Signing time:             Sat 13 Jan 2024 12:08:41 +0000
ROA not before:           Sat 13 Jan 2024 12:08:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        194.180.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 10:32:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:02:b9:66:2d:b1:93:8a:95:40:66:fd:27:d9:8d:1b:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Jan 13 12:08:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3adaf2cca70cebb6f0894be22745c4ea0b32d4c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e4:ec:1b:28:49:98:33:9f:25:40:e5:2d:a6:
                    fe:dc:5c:49:39:1f:fc:d0:d8:5e:1d:63:8f:c7:29:
                    95:be:ee:82:50:b1:c3:2c:7b:6c:88:8e:85:6e:15:
                    a0:a8:5a:92:9e:a3:85:aa:5c:15:e2:71:43:e5:4d:
                    15:bd:8c:7c:69:ee:49:f5:fa:c1:90:ac:2a:53:b5:
                    ff:dd:86:a9:3e:8d:f1:bb:22:b0:dc:e8:b9:58:bf:
                    2c:28:24:a5:51:d3:6a:fb:0f:03:0c:27:9f:42:74:
                    9f:26:d2:18:02:68:7e:fa:55:0d:d7:ff:1e:3e:97:
                    3c:c8:aa:4e:73:b2:48:e7:f2:d8:f9:49:a7:88:09:
                    6e:cd:01:77:a5:ab:f6:bd:4d:0e:e6:84:ca:e3:44:
                    79:61:ab:9c:d5:0d:e2:d8:db:45:06:0e:9c:51:8c:
                    c2:8c:45:4d:b3:c7:8a:99:00:ee:3f:a7:a0:a2:b5:
                    5f:41:51:b4:86:c7:94:b8:22:71:50:a6:dc:65:7b:
                    18:9c:3c:bb:2f:ff:74:22:4c:8d:23:ff:5e:d3:72:
                    3a:fc:74:0e:98:69:f0:45:ba:75:f0:ad:65:cc:2c:
                    25:b2:e8:87:3b:76:8f:6c:f0:18:34:49:65:58:52:
                    fc:30:27:f3:45:8f:11:23:c8:7f:70:91:54:4f:54:
                    75:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:DA:F2:CC:A7:0C:EB:B6:F0:89:4B:E2:27:45:C4:EA:0B:32:D4:C8
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/OtryzKcM67bwiUviJ0XE6gsy1Mg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:4c:00:9a:2b:5e:d9:7c:c6:6b:ad:fd:bb:5d:4d:1f:a0:f4:
         4b:80:64:df:37:6f:91:31:cb:53:da:7c:d0:05:d3:9f:0e:51:
         cb:2e:84:8d:a4:33:8d:61:26:6b:cf:29:61:b4:32:78:1c:bc:
         78:66:81:21:a8:e7:d1:78:d8:25:d3:cd:f6:98:e7:a3:04:5d:
         81:ff:c9:d0:6e:43:77:49:31:d3:b3:43:bc:f2:6c:73:cb:7a:
         63:df:0e:6c:05:fe:37:ab:98:e1:81:6e:65:fe:97:87:0c:05:
         a1:40:28:a7:05:3d:ec:10:f7:bc:16:c7:92:75:84:ce:1e:9d:
         05:ca:ca:0b:ad:a0:3c:dd:b1:d0:ce:c1:f9:53:fd:d9:19:85:
         34:ad:fc:9d:01:ec:da:69:ed:1a:be:f5:1e:af:40:82:98:d9:
         49:7c:40:cd:7b:bd:4e:30:78:6f:1c:fa:08:e3:56:d2:de:c7:
         d9:42:16:34:ea:89:10:d2:7d:ad:17:ac:84:a4:90:8a:a8:52:
         62:a5:4f:1c:cf:1b:88:bc:31:73:bf:ec:17:6f:da:6e:17:7c:
         51:03:3b:09:45:f6:48:a8:3a:e2:22:af:02:83:77:d9:4f:61:
         5b:d5:7f:c9:97:4e:e8:db:cb:16:44:a9:f4:8f:23:82:e1:10:
         52:a0:d1:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0CuWYtsZOKlUBm/SfZjRvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMTEzMTIwODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRhZjJjY2E3MGNlYmI2ZjA4OTRiZTIyNzQ1YzRlYTBiMzJkNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeTsGyhJmDOfJUDlLab+3FxJOR/8
0NheHWOPxymVvu6CULHDLHtsiI6FbhWgqFqSnqOFqlwV4nFD5U0VvYx8ae5J9frB
kKwqU7X/3YapPo3xuyKw3Oi5WL8sKCSlUdNq+w8DDCefQnSfJtIYAmh++lUN1/8e
Ppc8yKpOc7JI5/LY+UmniAluzQF3pav2vU0O5oTK40R5Yauc1Q3i2NtFBg6cUYzC
jEVNs8eKmQDuP6egorVfQVG0hseUuCJxUKbcZXsYnDy7L/90IkyNI/9e03I6/HQO
mGnwRbp18K1lzCwlsuiHO3aPbPAYNEllWFL8MCfzRY8RI8h/cJFUT1R16wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDra8synDOu28IlL4idFxOoLMtTIMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvT3RyeXpLY002N2J3aVV2aUowWEU2Z3N5MU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrTQMA0G
CSqGSIb3DQEBCwUAA4IBAQAZTACaK17ZfMZrrf27XU0foPRLgGTfN2+RMctT2nzQ
BdOfDlHLLoSNpDONYSZrzylhtDJ4HLx4ZoEhqOfReNgl0832mOejBF2B/8nQbkN3
STHTs0O88mxzy3pj3w5sBf43q5jhgW5l/peHDAWhQCinBT3sEPe8FseSdYTOHp0F
ysoLraA83bHQzsH5U/3ZGYU0rfydAezaae0avvUer0CCmNlJfEDNe71OMHhvHPoI
41bS3sfZQhY06okQ0n2tF6yEpJCKqFJipU8czxuIvDFzv+wXb9puF3xRAzsJRfZI
qDriIq8Cg3fZT2Fb1X/Jl07o28sWRKn0jyOC4RBSoNHZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:01 2024 by rpki-client on console-fra.rpki-client.org