Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/mhW1A9jXyJtDVJU6aS_arAbRLMw.roa
File:                     mhW1A9jXyJtDVJU6aS_arAbRLMw.roa (raw, json)
Hash identifier:          WPXj/j/4ElhnNRGW7OpUwFBO6fqsaJd141F0BsPo2MA=
Subject key identifier:   9A:15:B5:03:D8:D7:C8:9B:43:54:95:3A:69:2F:DA:AC:06:D1:2C:CC
Certificate issuer:       /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial:       0188BFABC11AA4A203B492C388E5515FDBB4
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/mhW1A9jXyJtDVJU6aS_arAbRLMw.roa
Signing time:             Thu 15 Jun 2023 15:28:04 +0000
ROA not before:           Thu 15 Jun 2023 15:28:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8985
IP address blocks:        193.232.64.0/24 maxlen: 24
                          194.190.146.0/24 maxlen: 24
                          193.232.76.0/24 maxlen: 24
                          194.85.16.0/24 maxlen: 24
                          193.232.226.0/23 maxlen: 23
                          194.226.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 07:31:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bf:ab:c1:1a:a4:a2:03:b4:92:c3:88:e5:51:5f:db:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
        Validity
            Not Before: Jun 15 15:28:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a15b503d8d7c89b4354953a692fdaac06d12ccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c7:1a:90:cb:11:49:f8:97:c3:2b:c3:c1:82:
                    0f:8a:ba:fc:17:79:99:9c:e8:93:b3:4f:24:73:85:
                    07:43:30:2f:eb:c0:55:24:9e:a0:b4:1b:ff:a5:79:
                    83:fc:73:b4:60:77:ab:ea:37:6e:cc:18:a4:67:c6:
                    1d:88:1a:1c:5e:94:ec:ce:23:6b:58:ed:86:69:ea:
                    ce:a1:e2:c2:0d:6f:dd:4e:a1:2b:11:97:19:18:31:
                    98:3a:9d:ae:12:d8:0e:17:40:28:6a:41:37:42:30:
                    87:7b:24:1c:87:c0:df:fb:78:07:ab:9f:53:0e:a9:
                    f0:3a:df:af:a5:90:aa:47:47:c4:0a:c6:9d:2d:c3:
                    48:66:77:69:ec:de:ff:47:49:da:94:66:7e:16:48:
                    a0:16:77:45:7b:3f:e9:19:6d:45:43:ba:60:cd:13:
                    4e:30:4f:29:32:34:76:08:07:36:eb:3a:08:19:cf:
                    24:28:45:64:08:e8:58:47:a4:78:15:4d:1c:0e:e5:
                    94:e8:01:0f:1f:12:71:bb:3e:c0:e8:76:3b:2f:b8:
                    23:52:eb:32:63:d0:40:a2:1f:fd:90:f8:dd:cf:62:
                    58:d6:e9:e5:02:45:e7:84:fb:a2:04:73:14:38:03:
                    57:93:40:84:6d:12:46:bc:f2:1a:8f:63:a5:4d:f8:
                    6c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:15:B5:03:D8:D7:C8:9B:43:54:95:3A:69:2F:DA:AC:06:D1:2C:CC
            X509v3 Authority Key Identifier:
                keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/mhW1A9jXyJtDVJU6aS_arAbRLMw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.232.64.0/24
                  193.232.76.0/24
                  193.232.226.0/23
                  194.85.16.0/24
                  194.190.146.0/24
                  194.226.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:36:c5:0a:28:fe:5b:5c:01:1e:c0:2f:a3:2d:3e:e7:58:be:
         68:8f:25:59:95:d7:5f:a0:89:8b:a3:69:85:c1:7f:ef:ff:c9:
         e4:e5:30:b6:58:9e:99:a7:a7:05:7a:76:f5:d7:04:d7:0b:17:
         98:bf:13:dc:08:42:f2:02:8b:f7:2b:7a:ee:56:2d:97:1a:66:
         26:e5:db:61:0a:c1:03:dd:8a:76:d9:ba:8b:9b:35:87:e1:9b:
         5d:24:ed:65:80:71:2d:df:97:48:e3:4f:a9:ef:0c:02:fb:ba:
         0e:69:6d:64:bd:62:bf:18:82:25:53:05:33:2e:72:ef:dc:a3:
         28:e2:d7:21:d7:66:ab:19:58:2a:af:37:c9:36:89:96:91:b8:
         a0:7b:be:ce:4d:01:80:93:2d:8b:05:3c:cc:02:b8:df:74:f8:
         6d:14:5b:37:16:5c:f0:e6:3c:37:d2:51:76:4d:8c:9a:a5:80:
         6f:98:30:70:9f:3f:0a:b1:59:3c:91:ff:5f:96:d8:ba:91:0e:
         91:f6:6a:96:21:07:83:87:2d:c8:9f:f3:95:f5:94:98:60:08:
         ee:28:0c:9f:3b:3e:f9:74:bc:18:36:45:72:5c:ea:7f:8f:64:
         0e:3d:c6:4a:3e:68:c5:39:f5:c2:d1:14:f1:b1:de:c6:7e:dc:
         fc:c4:2f:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi/q8EapKIDtJLDiOVRX9u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwNjE1MTUyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE1YjUwM2Q4ZDdjODliNDM1NDk1M2E2OTJmZGFhYzA2ZDEyY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8cakMsRSfiXwyvDwYIPirr8F3mZ
nOiTs08kc4UHQzAv68BVJJ6gtBv/pXmD/HO0YHer6jduzBikZ8YdiBocXpTsziNr
WO2GaerOoeLCDW/dTqErEZcZGDGYOp2uEtgOF0AoakE3QjCHeyQch8Df+3gHq59T
DqnwOt+vpZCqR0fECsadLcNIZndp7N7/R0nalGZ+FkigFndFez/pGW1FQ7pgzRNO
ME8pMjR2CAc26zoIGc8kKEVkCOhYR6R4FU0cDuWU6AEPHxJxuz7A6HY7L7gjUusy
Y9BAoh/9kPjdz2JY1unlAkXnhPuiBHMUOANXk0CEbRJGvPIaj2OlTfhs9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJoVtQPY18ibQ1SVOmkv2qwG0SzMMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvbWhXMUE5alh5SnREVkpVNmFTX2FyQWJSTE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwehAAwQA
wehMAwQBwejiAwQAwlUQAwQAwr6SAwQAwuIpMA0GCSqGSIb3DQEBCwUAA4IBAQAe
NsUKKP5bXAEewC+jLT7nWL5ojyVZlddfoImLo2mFwX/v/8nk5TC2WJ6Zp6cFenb1
1wTXCxeYvxPcCELyAov3K3ruVi2XGmYm5dthCsED3Yp22bqLmzWH4ZtdJO1lgHEt
35dI40+p7wwC+7oOaW1kvWK/GIIlUwUzLnLv3KMo4tch12arGVgqrzfJNomWkbig
e77OTQGAky2LBTzMArjfdPhtFFs3Flzw5jw30lF2TYyapYBvmDBwnz8KsVk8kf9f
lti6kQ6R9mqWIQeDhy3In/OV9ZSYYAjuKAyfOz75dLwYNkVyXOp/j2QOPcZKPmjF
OfXC0RTxsd7Gftz8xC8n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:51 2024 by rpki-client on console-ams.rpki-client.org