Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/osacd593PZL502kYiqhwmwi9lEA.roa
File:                     osacd593PZL502kYiqhwmwi9lEA.roa (raw, json)
Hash identifier:          /EbxWZrZWfdvbQJvdi2aXwe86CI61FuEt9rG29uFcYg=
Subject key identifier:   A2:C6:9C:77:9F:77:3D:92:F9:D3:69:18:8A:A8:70:9B:08:BD:94:40
Certificate issuer:       /CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
Certificate serial:       01856D4195A866E857140BC357BE921FBAB1
Authority key identifier: C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/osacd593PZL502kYiqhwmwi9lEA.roa
Signing time:             Sun 01 Jan 2023 12:14:52 +0000
ROA not before:           Sun 01 Jan 2023 12:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198290
IP address blocks:        193.169.158.0/23 maxlen: 23
                          185.44.56.0/22 maxlen: 22
                          2a01:7360::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 May 2023 05:59:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:95:a8:66:e8:57:14:0b:c3:57:be:92:1f:ba:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
        Validity
            Not Before: Jan  1 12:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2c69c779f773d92f9d369188aa8709b08bd9440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:84:53:b7:48:62:13:81:41:a5:5b:5d:2d:45:
                    76:c3:8c:d4:0e:d8:e1:84:ca:b6:b3:af:f6:ee:4a:
                    24:f7:02:f2:b1:05:5c:02:db:7f:ac:d1:e7:d4:e4:
                    28:8c:4e:a8:a1:08:99:89:62:46:c7:c6:36:1d:b1:
                    b3:47:eb:b2:6d:6d:70:5d:c9:6b:ad:5a:14:b3:4c:
                    54:85:8c:73:40:9f:50:99:aa:32:11:64:47:2a:1c:
                    04:71:06:a6:f3:aa:ea:be:a3:64:27:c3:0e:6d:5a:
                    6a:89:92:21:d8:26:ff:97:1d:9a:07:7f:24:20:5b:
                    40:1a:87:2f:ec:86:14:a0:ea:20:72:4d:fb:cd:94:
                    15:e2:0a:50:4b:cd:56:35:32:ad:13:16:d2:6a:a2:
                    0a:91:f4:c2:2d:ff:3d:27:89:34:0b:51:2c:ff:29:
                    2a:1e:fd:db:69:8c:23:4c:4b:99:14:ec:98:bf:35:
                    0a:e0:54:b2:ee:e4:cd:28:d2:24:f6:b7:2d:30:fb:
                    cb:46:62:39:46:f9:68:dd:27:53:78:45:dd:6f:be:
                    77:4f:6a:32:c5:d7:40:60:c5:4c:5a:b4:7e:28:85:
                    08:4a:94:a5:3f:36:5d:a6:19:54:5f:b7:63:1a:8b:
                    62:0c:75:f9:4f:7a:5a:9f:37:7e:8d:51:aa:0c:8b:
                    fd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C6:9C:77:9F:77:3D:92:F9:D3:69:18:8A:A8:70:9B:08:BD:94:40
            X509v3 Authority Key Identifier:
                keyid:C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/osacd593PZL502kYiqhwmwi9lEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.44.56.0/22
                  193.169.158.0/23
                IPv6:
                  2a01:7360::/32

    Signature Algorithm: sha256WithRSAEncryption
         9c:51:70:e7:9f:8f:1c:c2:0b:f4:b4:50:36:29:40:ef:2f:b5:
         09:e6:6b:93:f4:92:c8:75:b4:66:ca:af:de:7d:be:f6:61:a7:
         b8:3f:60:ce:ec:10:cf:d3:89:b7:d4:31:5b:de:e9:2e:c3:f7:
         95:25:fa:1f:dd:ee:61:fe:64:5f:2d:92:fe:4f:ba:82:16:f7:
         16:0e:ee:5e:ac:2c:62:c0:b9:cd:78:40:cc:05:d3:7e:b3:79:
         0e:87:a7:1b:3a:62:35:72:d3:fb:07:92:a7:ca:ac:33:18:58:
         49:9f:0f:1b:05:2b:35:d9:2c:57:76:ca:8f:b2:31:19:54:0b:
         1f:d4:62:e2:35:53:bc:5f:41:c8:e6:19:f6:60:b1:49:81:f0:
         c3:5e:da:01:a3:c1:2e:9e:91:3f:94:21:1c:19:ed:6d:1c:9c:
         52:ef:f7:c1:fa:84:e8:87:1d:40:f6:e8:39:39:70:6d:79:2a:
         52:ee:81:38:fd:ee:d3:ae:2a:ed:60:5c:91:ca:9e:ba:50:48:
         17:57:17:83:97:ec:fc:11:51:11:87:6b:d8:58:09:78:1d:cd:
         15:96:fe:e7:79:13:b3:74:26:f1:19:67:2a:d2:48:a5:50:d2:
         9d:7d:55:e6:c6:2c:25:0a:bc:62:07:1d:03:8a:4f:8d:34:f1:
         59:fd:76:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtQZWoZuhXFAvDV76SH7qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmExNmIyMDdlM2I2ZjZmNzJkM2QwYWQ1ZmNlYmE4ZWEx
MDM2MzYwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmM2OWM3NzlmNzczZDkyZjlkMzY5MTg4YWE4NzA5YjA4YmQ5NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoRTt0hiE4FBpVtdLUV2w4zUDtjh
hMq2s6/27kok9wLysQVcAtt/rNHn1OQojE6ooQiZiWJGx8Y2HbGzR+uybW1wXclr
rVoUs0xUhYxzQJ9QmaoyEWRHKhwEcQam86rqvqNkJ8MObVpqiZIh2Cb/lx2aB38k
IFtAGocv7IYUoOogck37zZQV4gpQS81WNTKtExbSaqIKkfTCLf89J4k0C1Es/ykq
Hv3baYwjTEuZFOyYvzUK4FSy7uTNKNIk9rctMPvLRmI5Rvlo3SdTeEXdb753T2oy
xddAYMVMWrR+KIUISpSlPzZdphlUX7djGotiDHX5T3panzd+jVGqDIv9mQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKLGnHefdz2S+dNpGIqocJsIvZRAMB8GA1UdIwQY
MBaAFMMqFrIH47b29y09CtX866jqEDY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2Ut
NGRjMmY3OTNjM2NkLzEvb3NhY2Q1OTNQWkw1MDJrWWlxaHdtd2k5bEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2UtNGRjMmY3OTNjM2Nk
LzEvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSw4AwQB
wameMA0EAgACMAcDBQAqAXNgMA0GCSqGSIb3DQEBCwUAA4IBAQCcUXDnn48cwgv0
tFA2KUDvL7UJ5muT9JLIdbRmyq/efb72Yae4P2DO7BDP04m31DFb3ukuw/eVJfof
3e5h/mRfLZL+T7qCFvcWDu5erCxiwLnNeEDMBdN+s3kOh6cbOmI1ctP7B5Knyqwz
GFhJnw8bBSs12SxXdsqPsjEZVAsf1GLiNVO8X0HI5hn2YLFJgfDDXtoBo8EunpE/
lCEcGe1tHJxS7/fB+oTohx1A9ug5OXBteSpS7oE4/e7TrirtYFyRyp66UEgXVxeD
l+z8EVERh2vYWAl4Hc0Vlv7neROzdCbxGWcq0kilUNKdfVXmxiwlCrxiBx0Dik+N
NPFZ/XYo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:49 2024 by rpki-client on console-fra.rpki-client.org