Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OvcSvSmCZ_YQ---uAK2M3IDe7u0.roa
File:                     OvcSvSmCZ_YQ---uAK2M3IDe7u0.roa (raw, json)
Hash identifier:          ECn2pb0gc3KXfi1r9UoxaJ5tyZ+kngVIdSmXqPK8qf8=
Subject key identifier:   3A:F7:12:BD:29:82:67:F6:10:FB:EF:AE:00:AD:8C:DC:80:DE:EE:ED
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018CF46C32BDBE538E8502457039D21E81B9
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OvcSvSmCZ_YQ---uAK2M3IDe7u0.roa
Signing time:             Wed 10 Jan 2024 17:29:40 +0000
ROA not before:           Wed 10 Jan 2024 17:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        188.191.100.0/24 maxlen: 24
                          185.227.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 14 Jan 2024 19:28:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f4:6c:32:bd:be:53:8e:85:02:45:70:39:d2:1e:81:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan 10 17:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3af712bd298267f610fbefae00ad8cdc80deeeed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:bf:46:64:bf:51:01:f4:c6:3f:ee:85:58:ac:
                    d4:dc:f9:e9:76:29:dc:62:9f:6e:c0:74:b4:18:57:
                    e9:2b:1c:ec:d9:60:01:56:b8:90:73:c0:57:7a:39:
                    1c:6f:63:05:ea:5a:5c:47:12:f4:90:c8:56:88:41:
                    ab:3c:07:95:ea:8c:f0:86:5a:cc:b8:d4:84:88:3b:
                    8e:67:84:0e:53:11:79:6e:ee:1a:28:01:de:57:27:
                    74:b0:a9:3d:ad:08:ed:ac:69:bd:bb:a1:d2:1f:d5:
                    88:1a:7a:b1:c8:22:33:75:20:aa:22:f5:82:3b:ae:
                    aa:2d:0c:56:6a:e0:f2:be:8b:32:24:b4:85:22:94:
                    d3:89:16:6b:af:92:d9:f0:9b:18:4e:ad:05:f0:5f:
                    6e:83:77:57:97:dd:ff:84:5e:7c:a9:58:b6:29:a5:
                    87:7f:06:87:c7:b5:3f:62:51:4f:0f:09:89:fc:61:
                    eb:15:34:ff:d0:3e:ca:50:ba:fb:ce:6d:6c:70:45:
                    9b:7c:06:b6:19:c9:5e:7e:ec:c7:c3:cb:96:a5:45:
                    76:e2:44:c5:6c:c7:5a:97:ba:43:0c:88:65:14:55:
                    89:3b:b7:5b:fb:58:ca:c8:90:48:d6:eb:99:c0:64:
                    f9:03:df:e2:5a:c1:6d:8b:26:3f:6b:c8:c2:b9:e3:
                    bd:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F7:12:BD:29:82:67:F6:10:FB:EF:AE:00:AD:8C:DC:80:DE:EE:ED
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OvcSvSmCZ_YQ---uAK2M3IDe7u0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.227.7.0/24
                  188.191.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:ba:ec:bf:fa:e1:ae:99:e6:bb:71:bd:05:47:8a:30:b3:7f:
         12:ab:7f:4d:82:f1:ef:1b:b1:8b:9e:b1:2b:2a:57:7e:2a:dd:
         7b:b1:a7:31:a5:9c:30:13:92:fd:6f:d4:11:2e:d4:39:cf:92:
         26:68:d5:2e:fc:68:41:fb:d5:a0:f3:91:8c:b3:de:84:d5:6d:
         72:09:e5:27:eb:d2:0d:37:a8:39:c1:56:e2:7d:26:26:bb:30:
         69:59:89:c9:1b:de:e9:2f:f5:24:ea:14:d9:bc:d6:25:8c:0a:
         b4:68:8d:3a:17:c2:75:d2:4f:c6:02:4a:67:8b:0a:66:64:50:
         8e:0d:49:55:45:f2:73:0d:31:aa:b0:9d:5b:df:51:07:09:87:
         1d:af:10:05:40:f3:43:71:17:f5:ca:f4:ff:d5:c9:cb:2d:8c:
         06:73:d8:14:f8:e3:1d:8e:a0:83:a9:ff:c7:c2:dd:f6:9a:19:
         96:08:bd:e6:f9:10:7f:ff:b7:77:f6:bc:ea:2d:1b:f9:25:39:
         fb:f0:bb:ba:b8:c1:96:e5:bf:8f:20:d1:4f:d3:71:76:29:72:
         dc:f6:f1:2d:e7:5f:10:98:29:67:92:ad:0a:cc:93:64:2f:1e:
         7f:59:3a:d1:b6:04:ed:2b:9f:45:97:e7:13:87:f7:8d:a6:b9:
         d2:9d:de:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz0bDK9vlOOhQJFcDnSHoG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTEwMTcyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY3MTJiZDI5ODI2N2Y2MTBmYmVmYWUwMGFkOGNkYzgwZGVlZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL9GZL9RAfTGP+6FWKzU3Pnpdinc
Yp9uwHS0GFfpKxzs2WABVriQc8BXejkcb2MF6lpcRxL0kMhWiEGrPAeV6ozwhlrM
uNSEiDuOZ4QOUxF5bu4aKAHeVyd0sKk9rQjtrGm9u6HSH9WIGnqxyCIzdSCqIvWC
O66qLQxWauDyvosyJLSFIpTTiRZrr5LZ8JsYTq0F8F9ug3dXl93/hF58qVi2KaWH
fwaHx7U/YlFPDwmJ/GHrFTT/0D7KULr7zm1scEWbfAa2GclefuzHw8uWpUV24kTF
bMdal7pDDIhlFFWJO7db+1jKyJBI1uuZwGT5A9/iWsFtiyY/a8jCueO9/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDr3Er0pgmf2EPvvrgCtjNyA3u7tMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvT3ZjU3ZTbUNaX1lRLS0tdUFLMk0zSURlN3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueMHAwQA
vL9kMA0GCSqGSIb3DQEBCwUAA4IBAQB/uuy/+uGumea7cb0FR4ows38Sq39NgvHv
G7GLnrErKld+Kt17sacxpZwwE5L9b9QRLtQ5z5ImaNUu/GhB+9Wg85GMs96E1W1y
CeUn69INN6g5wVbifSYmuzBpWYnJG97pL/Uk6hTZvNYljAq0aI06F8J10k/GAkpn
iwpmZFCODUlVRfJzDTGqsJ1b31EHCYcdrxAFQPNDcRf1yvT/1cnLLYwGc9gU+OMd
jqCDqf/Hwt32mhmWCL3m+RB//7d39rzqLRv5JTn78Lu6uMGW5b+PINFP03F2KXLc
9vEt518QmClnkq0KzJNkLx5/WTrRtgTtK59Fl+cTh/eNprnSnd4p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org