Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/H75vqYqn2o3rlIfJrS5cIqrZDZg.roa
File:                     H75vqYqn2o3rlIfJrS5cIqrZDZg.roa (raw, json)
Hash identifier:          JKqa6nl4kewsqvU9fB8OZySGCu1Bxf026DJZ1j5Qhus=
Subject key identifier:   1F:BE:6F:A9:8A:A7:DA:8D:EB:94:87:C9:AD:2E:5C:22:AA:D9:0D:98
Certificate issuer:       /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial:       018C3326FAABF34E94ABFA6B3B608FAFDB4B
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/H75vqYqn2o3rlIfJrS5cIqrZDZg.roa
Signing time:             Mon 04 Dec 2023 04:47:21 +0000
ROA not before:           Mon 04 Dec 2023 04:47:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58289
IP address blocks:        194.31.133.0/24 maxlen: 24
                          194.31.135.0/24 maxlen: 24
                          185.162.234.0/24 maxlen: 24
                          193.43.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:33:26:fa:ab:f3:4e:94:ab:fa:6b:3b:60:8f:af:db:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
        Validity
            Not Before: Dec  4 04:47:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fbe6fa98aa7da8deb9487c9ad2e5c22aad90d98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:81:f4:8f:53:22:bd:2b:71:e7:db:c4:ee:4b:
                    e4:d4:17:9a:8d:49:02:4b:45:e0:2c:61:ab:2f:fd:
                    cd:9a:6d:0d:1b:1a:e6:6b:0f:fd:6f:6d:64:c7:8a:
                    3c:31:0a:91:51:a3:1d:7a:d0:13:7a:9e:ce:6e:dd:
                    f7:7d:43:fe:6a:7f:ec:23:f9:e0:4c:de:87:36:cd:
                    ca:1f:be:e9:3a:7a:60:4c:55:24:e4:08:92:e3:d0:
                    d7:2b:5e:23:1c:75:a6:c1:e0:b3:57:10:00:a5:93:
                    0f:66:c8:b9:de:dc:b5:33:04:e3:c1:79:a6:05:3b:
                    e7:e5:5c:c4:85:23:d7:8a:41:66:31:99:5c:ff:09:
                    ff:c8:b3:f1:0b:9b:c5:c4:59:63:42:66:43:7e:a9:
                    36:5e:ee:91:c5:05:06:cd:f7:af:8b:7d:f0:b6:23:
                    82:a6:b9:55:25:79:5e:8d:1d:b6:38:8a:a5:db:48:
                    ad:db:01:9b:28:ee:16:63:70:7c:cd:55:dc:62:dd:
                    cc:d6:8e:0e:30:fb:0a:ef:4f:6c:d4:8d:a1:7a:4d:
                    df:05:e4:af:b6:c8:d6:c7:bf:ea:4d:26:0e:fa:b0:
                    a1:6a:cb:9d:4b:da:d1:bb:dc:81:a4:20:bb:e6:4e:
                    8f:69:1a:d3:b0:e0:15:8e:5d:af:5c:fa:14:2f:9e:
                    4c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:BE:6F:A9:8A:A7:DA:8D:EB:94:87:C9:AD:2E:5C:22:AA:D9:0D:98
            X509v3 Authority Key Identifier:
                keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/H75vqYqn2o3rlIfJrS5cIqrZDZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.234.0/24
                  193.43.251.0/24
                  194.31.133.0/24
                  194.31.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:0b:61:73:32:53:8c:c8:e9:c2:ee:99:24:37:11:0b:b1:78:
         23:89:ea:ef:49:85:55:5f:d0:99:86:51:ea:da:77:45:36:68:
         62:1b:51:9f:b6:ea:79:66:e4:f5:ca:5f:89:75:ae:72:ad:d6:
         dd:f7:28:54:d4:32:3d:af:25:96:d6:80:b4:a1:ab:4e:92:d2:
         31:63:27:df:d8:77:ac:c0:b4:a5:3b:3e:dd:10:5e:b8:09:9e:
         ce:70:0f:b1:19:a4:fe:a9:a8:63:ca:c2:e4:07:8d:52:0a:a9:
         e1:5a:a2:75:df:1d:0a:1b:87:ef:25:52:eb:06:34:ad:92:09:
         66:f0:9d:fa:82:8a:11:e2:ef:40:92:62:4f:cb:24:f7:04:b3:
         d2:f2:68:95:95:f0:e2:a1:0a:b9:a9:bf:0a:e4:ca:de:7c:71:
         dc:1f:1f:13:49:dc:69:2d:1d:3f:02:64:a7:09:a2:9c:93:1a:
         b6:3a:9e:7b:97:a4:4c:57:36:d6:57:99:0b:65:42:e7:62:0d:
         ea:76:67:44:a0:73:38:9f:74:60:d1:6e:6f:02:19:69:26:35:
         01:50:2a:42:5b:7c:e2:8b:ac:7c:4a:9e:5e:9e:6d:c5:0e:37:
         63:69:7d:c0:5d:e2:c7:b9:bc:b4:3a:1b:41:78:83:ce:7a:56:
         73:a4:b9:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwzJvqr806Uq/prO2CPr9tLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMxMjA0MDQ0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmJlNmZhOThhYTdkYThkZWI5NDg3YzlhZDJlNWMyMmFhZDkwZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYH0j1MivStx59vE7kvk1BeajUkC
S0XgLGGrL/3Nmm0NGxrmaw/9b21kx4o8MQqRUaMdetATep7Obt33fUP+an/sI/ng
TN6HNs3KH77pOnpgTFUk5AiS49DXK14jHHWmweCzVxAApZMPZsi53ty1MwTjwXmm
BTvn5VzEhSPXikFmMZlc/wn/yLPxC5vFxFljQmZDfqk2Xu6RxQUGzfevi33wtiOC
prlVJXlejR22OIql20it2wGbKO4WY3B8zVXcYt3M1o4OMPsK709s1I2hek3fBeSv
tsjWx7/qTSYO+rChasudS9rRu9yBpCC75k6PaRrTsOAVjl2vXPoUL55MAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB++b6mKp9qN65SHya0uXCKq2Q2YMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvSDc1dnFZcW4ybzNybElmSnJTNWNJcXJaRFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaLqAwQA
wSv7AwQAwh+FAwQAwh+HMA0GCSqGSIb3DQEBCwUAA4IBAQA8C2FzMlOMyOnC7pkk
NxELsXgjiervSYVVX9CZhlHq2ndFNmhiG1Gftup5ZuT1yl+Jda5yrdbd9yhU1DI9
ryWW1oC0oatOktIxYyff2HeswLSlOz7dEF64CZ7OcA+xGaT+qahjysLkB41SCqnh
WqJ13x0KG4fvJVLrBjStkglm8J36gooR4u9AkmJPyyT3BLPS8miVlfDioQq5qb8K
5MrefHHcHx8TSdxpLR0/AmSnCaKckxq2Op57l6RMVzbWV5kLZULnYg3qdmdEoHM4
n3Rg0W5vAhlpJjUBUCpCW3zii6x8Sp5enm3FDjdjaX3AXeLHuby0OhtBeIPOelZz
pLmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org