Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa
File:                     uo33aWILmSmWtTPOEuPWVQeZUDo.roa (raw, json)
Hash identifier:          n93MR9+QnqegFDhP35unlmqXbRGAW9WHiGxHXoNjWCQ=
Subject key identifier:   BA:8D:F7:69:62:0B:99:29:96:B5:33:CE:12:E3:D6:55:07:99:50:3A
Certificate issuer:       /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial:       018E7A181F969FD46CD3B7700824688469F2
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa
Signing time:             Tue 26 Mar 2024 09:29:45 +0000
ROA not before:           Tue 26 Mar 2024 09:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31480
IP address blocks:        91.196.32.0/22 maxlen: 22
                          185.59.136.0/24 maxlen: 24
                          193.151.108.0/22 maxlen: 22
                          193.151.108.0/24 maxlen: 24
                          193.151.110.0/24 maxlen: 24
                          2a0c:1d80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 12 Nov 2024 14:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7a:18:1f:96:9f:d4:6c:d3:b7:70:08:24:68:84:69:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
        Validity
            Not Before: Mar 26 09:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ba8df769620b992996b533ce12e3d6550799503a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:72:4d:63:bb:3b:c7:68:48:77:2d:72:58:d0:
                    97:72:ab:dc:a8:29:21:8b:5a:98:95:62:93:03:d3:
                    92:b5:6f:e1:8c:a9:14:c1:42:33:97:92:05:c9:df:
                    9c:f2:3e:d6:0d:b4:16:59:73:7d:fd:47:94:eb:4b:
                    8a:70:25:ae:9e:38:3a:f1:47:70:8d:b3:f4:65:ab:
                    c8:b2:93:d1:74:ff:53:ae:4a:18:cc:a2:64:c1:d4:
                    a3:57:d9:41:65:50:90:eb:dc:48:a4:aa:e2:31:77:
                    0a:8f:02:46:55:3f:b8:65:4f:d2:6e:06:9d:02:8e:
                    a0:97:50:e2:bd:c9:d7:c3:f4:f2:5a:61:ee:cf:ac:
                    4b:6f:5d:4c:48:fc:4e:b7:7e:01:89:e2:0c:53:61:
                    68:36:5f:24:27:ca:48:8f:de:6a:ae:1d:fb:46:b5:
                    93:9e:9b:cc:48:ac:a9:b3:39:1c:4f:76:ba:00:9a:
                    6a:a4:2d:bc:8b:f4:40:cd:b3:83:ea:a1:de:51:a9:
                    93:3e:be:9e:ee:93:6d:63:1e:1d:b0:fc:ef:dc:21:
                    a0:c0:2f:82:50:fb:96:95:e3:54:bf:b0:5e:d4:a0:
                    a6:e0:19:85:0b:f4:9d:ad:2d:92:24:24:c8:4e:ac:
                    95:69:3a:b9:42:b0:e8:f8:14:a6:c0:d5:24:2e:02:
                    4f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:8D:F7:69:62:0B:99:29:96:B5:33:CE:12:E3:D6:55:07:99:50:3A
            X509v3 Authority Key Identifier:
                keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/uo33aWILmSmWtTPOEuPWVQeZUDo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.32.0/22
                  185.59.136.0/24
                  193.151.108.0/22
                IPv6:
                  2a0c:1d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         00:d1:7f:01:d3:f6:de:57:16:95:0a:24:cc:77:67:32:c6:aa:
         53:31:bd:86:d6:85:84:40:c1:b4:c8:54:13:33:39:74:7a:52:
         52:f9:21:82:c3:e5:4b:15:82:53:80:87:2a:89:1e:6d:86:6b:
         20:58:95:b6:59:53:48:81:53:da:d7:6e:d7:38:f1:96:3a:9f:
         77:1e:05:b8:ed:88:ce:32:f2:58:8c:6c:9b:fe:37:1e:ff:ae:
         73:a0:87:78:12:ad:1f:34:25:d0:e8:35:71:b0:18:71:55:48:
         f4:16:e4:d6:9f:7d:99:16:a6:b8:06:cd:78:51:da:7f:4d:55:
         a5:ad:45:9c:df:93:4f:22:11:71:55:c2:6f:49:e4:6d:49:d3:
         d4:fa:f9:7a:11:9e:dd:47:b2:6b:88:0e:8a:d3:74:fd:53:a8:
         6c:57:1b:c8:bd:c0:74:e3:ad:13:52:a1:f0:3d:d4:65:f8:7a:
         a9:88:d1:28:d3:d2:ef:d7:a2:e3:ea:6f:3c:6f:1a:fd:55:b5:
         81:e9:29:45:78:46:25:e5:66:f5:f1:f9:75:17:9f:e6:a7:a5:
         f6:76:f8:74:e8:ff:7a:6b:6b:48:fa:73:7e:4f:05:7b:b6:33:
         cc:ec:04:e0:b7:00:fa:2d:f3:0b:5f:cd:b3:49:21:d5:8a:14:
         04:bc:f5:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY56GB+Wn9Rs07dwCCRohGnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjQwMzI2MDkyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYThkZjc2OTYyMGI5OTI5OTZiNTMzY2UxMmUzZDY1NTA3OTk1MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3JNY7s7x2hIdy1yWNCXcqvcqCkh
i1qYlWKTA9OStW/hjKkUwUIzl5IFyd+c8j7WDbQWWXN9/UeU60uKcCWunjg68Udw
jbP0ZavIspPRdP9TrkoYzKJkwdSjV9lBZVCQ69xIpKriMXcKjwJGVT+4ZU/Sbgad
Ao6gl1DivcnXw/TyWmHuz6xLb11MSPxOt34BieIMU2FoNl8kJ8pIj95qrh37RrWT
npvMSKypszkcT3a6AJpqpC28i/RAzbOD6qHeUamTPr6e7pNtYx4dsPzv3CGgwC+C
UPuWleNUv7Be1KCm4BmFC/SdrS2SJCTITqyVaTq5QrDo+BSmwNUkLgJPjwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLqN92liC5kplrUzzhLj1lUHmVA6MB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvdW8zM2FXSUxtU21XdFRQT0V1UFdWUWVaVURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQAA0X8B
0/beVxaVCiTMd2cyxqpTMb2G1oWEQMG0yFQTMzl0elJS+SGCw+VLFYJTgIcqiR5t
hmsgWJW2WVNIgVPa127XOPGWOp93HgW47YjOMvJYjGyb/jce/65zoId4Eq0fNCXQ
6DVxsBhxVUj0FuTWn32ZFqa4Bs14Udp/TVWlrUWc35NPIhFxVcJvSeRtSdPU+vl6
EZ7dR7JriA6K03T9U6hsVxvIvcB0460TUqHwPdRl+HqpiNEo09Lv16Lj6m88bxr9
VbWB6SlFeEYl5Wb18fl1F5/mp6X2dvh06P96a2tI+nN+TwV7tjPM7ATgtwD6LfML
X82zSSHVihQEvPXQ
-----END CERTIFICATE-----
Generated at Tue Nov 12 18:29:13 2024 by rpki-client on console-fra.rpki-client.org