Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa
File:                     coO3yJ-7XOpnS7dwT-tcSariPRU.roa (raw, json)
Hash identifier:          iYBrtYk5j4wzuEIgL/QyEsv+r3DRoPGJYP84FQg98Ts=
Subject key identifier:   72:83:B7:C8:9F:BB:5C:EA:67:4B:B7:70:4F:EB:5C:49:AA:E2:3D:15
Certificate issuer:       /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial:       01856E8B2419CAD661C69D89E520ED8C4476
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa
Signing time:             Sun 01 Jan 2023 18:14:50 +0000
ROA not before:           Sun 01 Jan 2023 18:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206617
IP address blocks:        188.241.251.0/24 maxlen: 24
                          195.2.218.0/23 maxlen: 23
                          193.178.224.0/23 maxlen: 23
                          185.18.24.0/22 maxlen: 24
                          31.14.184.0/21 maxlen: 22
                          188.213.16.0/24 maxlen: 24
                          188.241.186.0/24 maxlen: 24
                          188.213.40.0/21 maxlen: 22
                          93.114.170.0/24 maxlen: 24
                          188.240.42.0/24 maxlen: 24
                          188.240.44.0/23 maxlen: 23
                          188.241.153.0/24 maxlen: 24
                          93.114.245.0/24 maxlen: 24
                          93.115.210.0/24 maxlen: 24
                          185.167.52.0/22 maxlen: 22
                          89.40.234.0/23 maxlen: 23
                          89.32.152.0/23 maxlen: 23
                          2a03:f140::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 24 Aug 2023 09:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:24:19:ca:d6:61:c6:9d:89:e5:20:ed:8c:44:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
        Validity
            Not Before: Jan  1 18:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7283b7c89fbb5cea674bb7704feb5c49aae23d15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6a:f2:43:08:5f:6e:c7:e1:12:05:04:77:30:
                    9a:07:48:04:e9:6c:34:0f:22:ad:8a:1c:6f:87:f6:
                    f0:cf:65:6c:b3:10:f6:45:2a:65:42:96:9c:b2:0e:
                    fb:b3:3c:32:48:7a:bf:08:74:c8:87:8d:9b:5b:39:
                    5d:c6:d3:fe:8b:aa:5b:9a:e7:10:05:d9:bf:06:b9:
                    e6:37:73:13:f1:8d:58:1e:13:6c:3a:b1:27:08:cc:
                    bc:08:34:0a:61:49:3a:08:63:d8:42:cb:82:b6:4e:
                    16:e4:80:5c:6a:d3:44:b8:c0:4d:64:21:df:88:ca:
                    b2:5f:bb:47:8a:67:fa:55:a9:14:82:48:9a:e3:43:
                    92:78:26:bf:09:83:02:5f:80:d8:99:28:9e:20:18:
                    af:80:b5:5e:26:9d:50:a6:a2:5f:4e:de:71:47:36:
                    1e:68:16:99:cc:58:68:2a:68:08:d6:81:6d:19:03:
                    38:e1:ca:84:a8:ac:1b:21:bb:4e:b6:7b:a4:47:91:
                    c4:00:51:ac:92:d9:f3:51:a9:5c:3d:4f:2e:0b:c3:
                    5e:3b:4d:0d:56:03:11:42:6e:54:95:66:5a:21:63:
                    bb:b4:d9:44:b4:2a:8d:30:50:9f:b1:d0:04:a4:87:
                    0b:1c:47:93:cd:59:35:d8:4e:38:8d:81:f1:83:92:
                    16:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:83:B7:C8:9F:BB:5C:EA:67:4B:B7:70:4F:EB:5C:49:AA:E2:3D:15
            X509v3 Authority Key Identifier:
                keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.184.0/21
                  89.32.152.0/23
                  89.40.234.0/23
                  93.114.170.0/24
                  93.114.245.0/24
                  93.115.210.0/24
                  185.18.24.0/22
                  185.167.52.0/22
                  188.213.16.0/24
                  188.213.40.0/21
                  188.240.42.0/24
                  188.240.44.0/23
                  188.241.153.0/24
                  188.241.186.0/24
                  188.241.251.0/24
                  193.178.224.0/23
                  195.2.218.0/23
                IPv6:
                  2a03:f140::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:17:37:d5:66:0b:17:f6:45:41:f9:75:40:58:cc:ac:55:52:
         67:31:c4:c7:b4:8d:86:e7:25:09:f5:f1:2b:69:91:3e:63:fc:
         24:76:5f:de:c3:d1:5e:98:7a:1d:99:0d:06:f5:5b:fa:86:ce:
         c3:51:5a:8d:c2:a2:f4:c2:36:f1:ed:85:6c:0f:98:33:4c:c7:
         c0:b7:9d:43:2f:bb:2a:12:d4:04:2b:0b:5f:84:0e:f3:1e:1e:
         8d:83:ad:65:b1:13:30:32:fd:44:5d:5c:e5:48:a1:38:4c:1f:
         ae:07:63:26:38:f6:17:c8:8a:51:9c:ad:74:13:7e:cb:c0:4f:
         8b:3c:6f:76:52:05:6b:a8:88:61:72:64:8d:18:5b:5d:1d:3b:
         91:87:04:de:5c:8e:f5:69:5d:df:46:f0:29:f3:38:cb:f1:06:
         a5:48:5e:7e:5f:50:1c:32:9b:64:bf:66:68:a6:87:c1:8a:19:
         fa:f8:fb:c1:57:1c:71:36:27:b6:bf:b5:70:01:0c:24:af:dc:
         3a:44:74:f0:45:4e:55:3b:a9:40:a8:db:09:1d:e6:e3:6c:b6:
         68:ed:ca:42:2f:f4:07:d2:d5:3e:97:c0:dd:6d:ba:de:b2:be:
         cf:a2:a3:a0:6e:93:40:10:42:20:c5:f2:40:40:68:3b:c4:21:
         c4:bb:c0:48
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVuiyQZytZhxp2J5SDtjER2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjMwMTAxMTgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgzYjdjODlmYmI1Y2VhNjc0YmI3NzA0ZmViNWM0OWFhZTIzZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ryQwhfbsfhEgUEdzCaB0gE6Ww0
DyKtihxvh/bwz2VssxD2RSplQpacsg77szwySHq/CHTIh42bWzldxtP+i6pbmucQ
Bdm/BrnmN3MT8Y1YHhNsOrEnCMy8CDQKYUk6CGPYQsuCtk4W5IBcatNEuMBNZCHf
iMqyX7tHimf6VakUgkia40OSeCa/CYMCX4DYmSieIBivgLVeJp1QpqJfTt5xRzYe
aBaZzFhoKmgI1oFtGQM44cqEqKwbIbtOtnukR5HEAFGsktnzUalcPU8uC8NeO00N
VgMRQm5UlWZaIWO7tNlEtCqNMFCfsdAEpIcLHEeTzVk12E44jYHxg5IW6QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFHKDt8ifu1zqZ0u3cE/rXEmq4j0VMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvY29PM3lKLTdYT3BuUzdkd1QtdGNTYXJpUFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAOhc31WYLF/ZFQfl1QFjM
rFVSZzHEx7SNhuclCfXxK2mRPmP8JHZf3sPRXph6HZkNBvVb+obOw1FajcKi9MI2
8e2FbA+YM0zHwLedQy+7KhLUBCsLX4QO8x4ejYOtZbETMDL9RF1c5UihOEwfrgdj
Jjj2F8iKUZytdBN+y8BPizxvdlIFa6iIYXJkjRhbXR07kYcE3lyO9Wld30bwKfM4
y/EGpUhefl9QHDKbZL9maKaHwYoZ+vj7wVcccTYntr+1cAEMJK/cOkR08EVOVTup
QKjbCR3m42y2aO3KQi/0B9LVPpfA3W263rK+z6KjoG6TQBBCIMXyQEBoO8QhxLvA
SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:54 2024 by rpki-client on console-fra.rpki-client.org