Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/oQhQImdiB6RpvOYLhfDLCzq35_U.roa
File:                     oQhQImdiB6RpvOYLhfDLCzq35_U.roa (raw, json)
Hash identifier:          XHRsUGtejkQUHCOjIetJ3byfwikFmboRcDLzUcMR7qA=
Subject key identifier:   A1:08:50:22:67:62:07:A4:69:BC:E6:0B:85:F0:CB:0B:3A:B7:E7:F5
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       01856BEECC2181683F529995DA3EB375D129
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/oQhQImdiB6RpvOYLhfDLCzq35_U.roa
Signing time:             Sun 01 Jan 2023 06:04:49 +0000
ROA not before:           Sun 01 Jan 2023 06:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200745
IP address blocks:        193.192.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:cc:21:81:68:3f:52:99:95:da:3e:b3:75:d1:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 06:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1085022676207a469bce60b85f0cb0b3ab7e7f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b5:21:7d:a6:92:55:fb:69:f7:eb:d6:21:5d:
                    59:81:f6:35:0b:c5:25:db:ac:a9:5e:dd:31:ed:4a:
                    4b:54:55:77:1e:aa:57:db:be:3b:61:28:15:d1:b9:
                    20:8e:0d:fb:38:76:db:5c:6b:76:93:cb:f4:9b:3b:
                    80:ce:93:c5:d7:70:29:44:d2:28:ad:0b:b2:dc:aa:
                    7e:8e:56:b5:a4:fb:f3:a8:e9:4b:99:b3:af:5c:30:
                    6c:e1:de:c9:57:fb:ee:5f:74:66:da:40:c4:3b:b4:
                    b1:66:bc:7e:b0:b8:e5:3f:95:c9:84:54:35:bc:df:
                    b0:c2:b1:1a:d8:9b:4a:5a:59:4d:5a:e2:d1:02:25:
                    93:0e:ba:69:d5:d6:db:22:3b:41:fe:82:dd:c7:16:
                    ba:2e:8e:82:9a:54:92:41:4a:80:d2:56:34:46:94:
                    d0:2e:cd:38:ae:1d:d1:18:0c:46:f4:0f:2d:1c:f0:
                    45:f6:cb:43:48:a3:1c:f1:ee:b8:c7:ed:5f:9a:61:
                    d5:c7:92:fd:c9:9b:0a:15:9a:42:f1:79:ca:3f:f4:
                    50:9c:bb:5d:c9:a1:1d:bb:04:e7:4d:35:99:d6:e7:
                    e6:8d:f1:e4:4f:8d:f0:38:be:f8:b3:d5:29:cc:ab:
                    76:40:86:11:51:22:be:ec:4f:fa:ed:3b:23:ce:0d:
                    16:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:08:50:22:67:62:07:A4:69:BC:E6:0B:85:F0:CB:0B:3A:B7:E7:F5
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/oQhQImdiB6RpvOYLhfDLCzq35_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.192.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:68:11:46:6a:72:0c:1e:d7:28:fe:98:f4:ef:18:be:a1:b8:
         3c:f0:46:89:5e:5a:64:e6:43:09:95:e5:79:84:7b:fa:a3:c9:
         e0:d7:de:2d:73:ff:04:2c:f9:b3:64:dc:08:87:c7:4b:c8:d4:
         44:5a:d8:7c:a2:a9:c6:90:d9:7c:bb:b8:98:9d:df:23:f1:38:
         04:47:0c:65:a0:d8:fd:b2:65:58:b6:87:37:5d:36:5c:c1:48:
         c6:8f:11:8b:d3:da:27:d7:90:06:bb:09:c8:29:7e:d3:85:d3:
         6d:03:c0:bb:e1:15:e1:03:9e:c2:9b:e9:ad:b9:e6:45:7e:42:
         ab:bb:b5:46:80:67:c4:05:bd:f7:55:43:ef:59:83:82:0d:12:
         9e:f1:b7:9e:aa:fa:f6:79:7c:56:e1:af:91:cb:24:e2:57:af:
         5b:51:ba:4e:c4:2b:28:cc:78:2a:ff:6c:4e:52:d5:8d:71:19:
         dc:5d:0f:03:8a:d1:ac:ff:d6:fd:ac:a2:80:34:21:da:aa:bd:
         fd:6c:df:61:f5:39:45:f3:a8:12:d4:33:61:b6:33:4c:02:01:
         24:ef:14:f4:6b:ef:2c:09:26:e7:6e:6f:5f:66:45:9e:ce:7b:
         75:1e:d2:d2:6d:37:12:ef:6a:53:83:22:05:a3:cc:b2:89:a5:
         30:57:e6:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7swhgWg/UpmV2j6zddEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA4NTAyMjY3NjIwN2E0NjliY2U2MGI4NWYwY2IwYjNhYjdlN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLUhfaaSVftp9+vWIV1ZgfY1C8Ul
26ypXt0x7UpLVFV3HqpX2747YSgV0bkgjg37OHbbXGt2k8v0mzuAzpPF13ApRNIo
rQuy3Kp+jla1pPvzqOlLmbOvXDBs4d7JV/vuX3Rm2kDEO7SxZrx+sLjlP5XJhFQ1
vN+wwrEa2JtKWllNWuLRAiWTDrpp1dbbIjtB/oLdxxa6Lo6CmlSSQUqA0lY0RpTQ
Ls04rh3RGAxG9A8tHPBF9stDSKMc8e64x+1fmmHVx5L9yZsKFZpC8XnKP/RQnLtd
yaEduwTnTTWZ1ufmjfHkT43wOL74s9UpzKt2QIYRUSK+7E/67Tsjzg0WVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEIUCJnYgekabzmC4Xwyws6t+f1MB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvb1FoUUltZGlCNlJwdk9ZTGhmRExDenEzNV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcClMA0G
CSqGSIb3DQEBCwUAA4IBAQAJaBFGanIMHtco/pj07xi+obg88EaJXlpk5kMJleV5
hHv6o8ng194tc/8ELPmzZNwIh8dLyNREWth8oqnGkNl8u7iYnd8j8TgERwxloNj9
smVYtoc3XTZcwUjGjxGL09on15AGuwnIKX7ThdNtA8C74RXhA57Cm+mtueZFfkKr
u7VGgGfEBb33VUPvWYOCDRKe8beeqvr2eXxW4a+RyyTiV69bUbpOxCsozHgq/2xO
UtWNcRncXQ8DitGs/9b9rKKANCHaqr39bN9h9TlF86gS1DNhtjNMAgEk7xT0a+8s
CSbnbm9fZkWeznt1HtLSbTcS72pTgyIFo8yyiaUwV+ZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org