Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r0O7z3myUYwDUDKoP0Sn2sUJK3A.roa
File:                     r0O7z3myUYwDUDKoP0Sn2sUJK3A.roa (raw, json)
Hash identifier:          Ox3Z9nDFSw2F3/UZQVsW9r7mKbSAef+hy3M1BRhQ81I=
Subject key identifier:   AF:43:BB:CF:79:B2:51:8C:03:50:32:A8:3F:44:A7:DA:C5:09:2B:70
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018CB198ED0586AA44EF84E6D63824998A87
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r0O7z3myUYwDUDKoP0Sn2sUJK3A.roa
Signing time:             Thu 28 Dec 2023 18:03:58 +0000
ROA not before:           Thu 28 Dec 2023 18:03:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396356
IP address blocks:        194.146.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b1:98:ed:05:86:aa:44:ef:84:e6:d6:38:24:99:8a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Dec 28 18:03:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af43bbcf79b2518c035032a83f44a7dac5092b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:24:7c:9b:01:16:7d:d2:a6:ae:7a:f2:98:3b:
                    57:b3:f5:f5:9d:21:7e:09:c2:6a:95:f2:cd:32:bd:
                    b4:48:ab:0f:45:90:b5:09:a9:e9:96:85:79:42:52:
                    0e:cb:ec:a8:02:ed:e2:58:c2:8d:76:6f:dc:cc:9d:
                    7b:11:46:64:ed:d5:d0:4e:c3:b0:95:1b:da:60:f1:
                    26:61:b6:25:49:f7:46:99:20:15:ce:28:2f:6a:fc:
                    ce:55:d0:9d:c5:7e:50:d1:a7:4b:0b:a0:5c:f9:b7:
                    3a:ef:fa:ae:73:8b:99:2f:59:34:30:63:fd:fc:6d:
                    0a:34:27:8b:f2:96:74:26:c5:c2:7a:fc:72:78:da:
                    1c:ce:fb:82:93:fb:45:13:60:13:a9:cb:ed:d3:ff:
                    2a:a8:9a:0c:66:8f:04:f6:00:0e:ac:82:1a:4c:9e:
                    1b:b8:21:32:80:01:5d:07:b2:29:51:0f:29:62:77:
                    7a:3c:5a:63:5c:c7:80:ec:f7:87:20:0e:14:72:e1:
                    44:d6:72:2d:34:ba:9a:8a:0a:c5:d1:76:66:ef:56:
                    b3:78:46:a2:89:75:a6:ba:48:3e:15:d7:09:33:77:
                    86:78:e7:78:e5:ea:9c:05:22:32:0b:97:c5:ca:c4:
                    b8:7a:61:8e:5e:46:6c:3e:9e:2f:59:3d:8d:da:75:
                    df:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:43:BB:CF:79:B2:51:8C:03:50:32:A8:3F:44:A7:DA:C5:09:2B:70
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/r0O7z3myUYwDUDKoP0Sn2sUJK3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.146.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:a3:40:1f:41:2b:22:e6:d4:25:ab:7c:d8:2b:07:67:9a:25:
         62:ba:ab:3f:22:21:02:a2:dc:13:73:6f:67:8d:6c:9d:d9:ca:
         df:cc:8f:d6:d2:e3:7e:0e:2c:3e:a7:7f:22:bb:73:f1:cb:c6:
         c9:25:b0:e4:5c:a8:72:d4:9d:b0:0b:b2:79:61:57:4d:ea:85:
         8d:d3:2f:32:d0:7b:ac:3a:d1:3a:f9:13:c6:5e:62:56:41:e4:
         22:85:da:61:66:bb:65:40:96:ed:3c:c9:b6:66:fa:34:d3:3b:
         24:d5:55:45:1a:36:95:07:22:df:1a:67:4e:1d:75:ff:3e:db:
         d1:3d:22:8c:1d:98:d7:66:79:84:fb:dd:89:b6:73:eb:10:a8:
         23:e2:43:12:a9:94:31:9a:31:29:8e:96:a1:27:b5:5a:c5:19:
         37:19:af:78:5d:01:2f:71:54:66:ea:dd:bf:ae:f9:7d:71:21:
         26:7f:c6:33:44:92:15:fe:2b:6b:3b:d9:d1:95:ea:26:fa:e0:
         9a:c1:4f:43:71:18:d9:f4:84:97:32:08:f7:cc:70:ed:a3:0c:
         e4:39:11:40:eb:1d:b0:ca:93:1f:71:e7:a9:81:11:17:f9:42:
         fa:b4:e7:04:0e:52:c9:b3:4e:df:ae:b7:9a:ee:c9:63:4c:42:
         82:7c:01:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyxmO0FhqpE74Tm1jgkmYqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjI4MTgwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQzYmJjZjc5YjI1MThjMDM1MDMyYTgzZjQ0YTdkYWM1MDkyYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCR8mwEWfdKmrnrymDtXs/X1nSF+
CcJqlfLNMr20SKsPRZC1CanploV5QlIOy+yoAu3iWMKNdm/czJ17EUZk7dXQTsOw
lRvaYPEmYbYlSfdGmSAVzigvavzOVdCdxX5Q0adLC6Bc+bc67/quc4uZL1k0MGP9
/G0KNCeL8pZ0JsXCevxyeNoczvuCk/tFE2ATqcvt0/8qqJoMZo8E9gAOrIIaTJ4b
uCEygAFdB7IpUQ8pYnd6PFpjXMeA7PeHIA4UcuFE1nItNLqaigrF0XZm71azeEai
iXWmukg+FdcJM3eGeOd45eqcBSIyC5fFysS4emGOXkZsPp4vWT2N2nXf4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9Du895slGMA1AyqD9Ep9rFCStwMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvcjBPN3ozbXlVWXdEVURLb1AwU24yc1VKSzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpJdMA0G
CSqGSIb3DQEBCwUAA4IBAQCOo0AfQSsi5tQlq3zYKwdnmiViuqs/IiECotwTc29n
jWyd2crfzI/W0uN+Diw+p38iu3Pxy8bJJbDkXKhy1J2wC7J5YVdN6oWN0y8y0Hus
OtE6+RPGXmJWQeQihdphZrtlQJbtPMm2Zvo00zsk1VVFGjaVByLfGmdOHXX/PtvR
PSKMHZjXZnmE+92JtnPrEKgj4kMSqZQxmjEpjpahJ7VaxRk3Ga94XQEvcVRm6t2/
rvl9cSEmf8YzRJIV/itrO9nRleom+uCawU9DcRjZ9ISXMgj3zHDtowzkORFA6x2w
ypMfceepgREX+UL6tOcEDlLJs07frrea7sljTEKCfAFg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org