Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/O3zgbshgcPCW_zMLnusKxBZFJUA.roa
File:                     O3zgbshgcPCW_zMLnusKxBZFJUA.roa (raw, json)
Hash identifier:          eQyzrxTgoBcasmAtWMnyArKZrolPKB9FvZrrh6+eJNs=
Subject key identifier:   3B:7C:E0:6E:C8:60:70:F0:96:FF:33:0B:9E:EB:0A:C4:16:45:25:40
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018A902BE44BDDD3838E6DC8B23165B3D02E
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/O3zgbshgcPCW_zMLnusKxBZFJUA.roa
Signing time:             Wed 13 Sep 2023 20:11:50 +0000
ROA not before:           Wed 13 Sep 2023 20:11:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        193.32.184.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 14:13:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:90:2b:e4:4b:dd:d3:83:8e:6d:c8:b2:31:65:b3:d0:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Sep 13 20:11:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b7ce06ec86070f096ff330b9eeb0ac416452540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d8:39:54:67:43:ad:ab:85:83:a4:6b:94:85:
                    68:00:f9:4a:8f:08:81:96:14:71:08:92:be:e0:01:
                    e2:35:74:b4:6b:be:81:fe:11:62:67:0d:4c:f0:2d:
                    51:0b:0e:a3:82:0d:fc:ed:c0:4c:bf:ad:83:26:58:
                    1c:69:eb:53:11:bd:fe:ba:29:5a:48:8e:87:e9:60:
                    1b:bb:86:37:d2:b7:c5:8f:0b:ea:f7:56:7e:22:fc:
                    a9:82:a0:b9:59:e4:77:8b:ad:10:1e:49:1d:9d:70:
                    ac:82:3b:f4:da:24:24:2c:66:c2:79:90:88:2a:55:
                    78:f5:df:4c:27:f9:22:c2:91:a1:e0:9b:63:6e:b7:
                    0e:48:29:77:be:80:4e:ba:27:24:2a:47:79:0a:a9:
                    6e:94:e3:db:5e:7d:1c:d4:4a:56:64:4a:1d:ed:71:
                    c2:6f:8f:38:2a:95:3f:70:f3:72:e7:4d:52:b2:60:
                    87:d8:29:fc:f3:c6:57:9f:f5:e8:d7:5b:bd:ca:ac:
                    9e:c3:97:ff:eb:9b:0b:e8:40:99:8b:7a:5c:e7:7c:
                    55:f6:7d:1f:bb:18:61:dc:9c:af:1a:6f:4e:3f:90:
                    2b:16:9e:b6:4f:25:59:a1:eb:25:74:86:d4:e1:c4:
                    fe:d3:84:aa:d5:e0:08:3c:55:25:f3:e7:f2:64:14:
                    1c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:7C:E0:6E:C8:60:70:F0:96:FF:33:0B:9E:EB:0A:C4:16:45:25:40
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/O3zgbshgcPCW_zMLnusKxBZFJUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c3:0d:58:48:89:a5:90:48:aa:12:6a:2a:7b:0a:45:70:cd:91:
         ad:3b:d0:ae:e1:e1:f6:e5:1f:83:3f:28:40:7e:d6:ae:fe:9f:
         5e:3a:d0:e9:6d:b5:61:80:7a:3c:a9:61:5f:24:47:44:e1:2a:
         66:94:bd:41:08:92:3b:b1:5f:5c:c7:ab:df:cd:1a:19:7e:65:
         7e:e1:65:2d:54:01:63:d8:c1:78:c7:63:0a:88:49:61:b4:01:
         5f:86:02:f8:69:c2:63:15:f6:6a:d1:c8:31:09:34:23:95:7a:
         65:a4:ea:68:3d:c4:e6:72:e7:72:1e:e5:87:bb:6f:87:3e:e3:
         ff:2b:2c:08:2e:22:df:e6:02:8c:4f:4f:79:b1:f2:73:67:c7:
         e0:da:4a:05:91:e9:88:4e:f5:1f:19:a9:fe:a2:77:3f:a2:15:
         32:26:56:b0:cf:17:30:4e:92:56:95:89:da:77:71:91:f7:1f:
         80:1d:11:f0:c5:8e:a7:61:d4:24:ea:9c:04:64:72:23:f1:b2:
         a2:3b:ea:d3:7a:9a:e6:3b:45:d0:cf:1d:57:a8:57:d4:55:c6:
         0a:90:3b:0a:20:b2:31:c0:81:c9:30:b1:69:a3:32:0a:b2:1e:
         a5:89:fa:0e:36:57:f8:ea:29:44:aa:78:50:36:01:30:6f:01:
         aa:1c:c5:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqQK+RL3dODjm3IsjFls9AuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwOTEzMjAxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdjZTA2ZWM4NjA3MGYwOTZmZjMzMGI5ZWViMGFjNDE2NDUyNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNg5VGdDrauFg6RrlIVoAPlKjwiB
lhRxCJK+4AHiNXS0a76B/hFiZw1M8C1RCw6jgg387cBMv62DJlgcaetTEb3+uila
SI6H6WAbu4Y30rfFjwvq91Z+IvypgqC5WeR3i60QHkkdnXCsgjv02iQkLGbCeZCI
KlV49d9MJ/kiwpGh4JtjbrcOSCl3voBOuickKkd5CqlulOPbXn0c1EpWZEod7XHC
b484KpU/cPNy501SsmCH2Cn888ZXn/Xo11u9yqyew5f/65sL6ECZi3pc53xV9n0f
uxhh3JyvGm9OP5ArFp62TyVZoesldIbU4cT+04Sq1eAIPFUl8+fyZBQcAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt84G7IYHDwlv8zC57rCsQWRSVAMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvTzN6Z2JzaGdjUENXX3pNTG51c0t4QlpGSlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSC4MA0G
CSqGSIb3DQEBCwUAA4IBAQDDDVhIiaWQSKoSaip7CkVwzZGtO9Cu4eH25R+DPyhA
ftau/p9eOtDpbbVhgHo8qWFfJEdE4SpmlL1BCJI7sV9cx6vfzRoZfmV+4WUtVAFj
2MF4x2MKiElhtAFfhgL4acJjFfZq0cgxCTQjlXplpOpoPcTmcudyHuWHu2+HPuP/
KywILiLf5gKMT095sfJzZ8fg2koFkemITvUfGan+onc/ohUyJlawzxcwTpJWlYna
d3GR9x+AHRHwxY6nYdQk6pwEZHIj8bKiO+rTeprmO0XQzx1XqFfUVcYKkDsKILIx
wIHJMLFpozIKsh6lifoONlf46ilEqnhQNgEwbwGqHMU4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org