Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6gCduyB0MoCVUw6eomdFevZp__k.roa
File:                     6gCduyB0MoCVUw6eomdFevZp__k.roa (raw, json)
Hash identifier:          Uu2zkHGoI0BZKA98Pn0MOXmaLzt+/oSobbrgyBwmmD0=
Subject key identifier:   EA:00:9D:BB:20:74:32:80:95:53:0E:9E:A2:67:45:7A:F6:69:FF:F9
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018BA8F25B1D07D562759763C9F918647C60
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6gCduyB0MoCVUw6eomdFevZp__k.roa
Signing time:             Tue 07 Nov 2023 08:42:17 +0000
ROA not before:           Tue 07 Nov 2023 08:42:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3218
IP address blocks:        193.232.192.0/22 maxlen: 22
                          193.232.196.0/23 maxlen: 23
                          193.232.206.0/23 maxlen: 23
                          193.232.212.0/24 maxlen: 24
                          193.232.208.0/23 maxlen: 23
                          194.85.212.0/23 maxlen: 23
                          194.85.208.0/23 maxlen: 23
                          193.232.2.0/24 maxlen: 24
                          193.232.218.0/23 maxlen: 23
                          193.232.0.0/22 maxlen: 22
                          193.232.4.0/23 maxlen: 23
                          193.232.6.0/24 maxlen: 24
                          193.232.8.0/21 maxlen: 21
                          193.232.16.0/22 maxlen: 22
                          193.232.22.0/23 maxlen: 23
                          193.232.24.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a8:f2:5b:1d:07:d5:62:75:97:63:c9:f9:18:64:7c:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Nov  7 08:42:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea009dbb2074328095530e9ea267457af669fff9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a6:03:a4:4f:32:40:a7:e0:47:46:9a:56:23:
                    9f:ca:54:5c:47:62:57:72:89:1a:a9:85:b3:f7:ae:
                    cf:0a:66:04:04:ac:e3:44:d4:b2:46:f6:8b:1c:a0:
                    76:46:60:dd:66:7e:22:7f:e6:46:05:48:55:a7:20:
                    9a:78:9c:43:4f:9d:2e:41:98:11:33:3d:31:c8:8f:
                    fd:43:4a:f8:c4:e2:d0:93:7f:bc:46:61:af:de:7a:
                    5c:f3:7b:f7:11:3c:be:ab:f8:89:4d:17:43:6c:d3:
                    1e:5b:90:ef:3a:44:50:6c:98:38:36:1e:b5:e6:cf:
                    6a:b0:06:6a:bd:68:28:dd:b4:05:92:b5:3e:35:d6:
                    38:fc:48:b2:e2:b2:5c:7f:7e:28:09:33:29:69:24:
                    84:76:28:f4:6e:5b:a3:2c:49:a4:08:2f:ec:dd:8b:
                    cf:d9:c1:3e:17:3b:f2:a7:7b:14:6d:15:37:54:aa:
                    35:5c:7e:1f:95:c3:03:ed:30:43:31:99:68:d2:22:
                    83:17:1c:80:9f:5c:be:75:89:41:48:0d:c5:f0:f8:
                    02:6f:a3:84:94:26:00:6c:f5:dd:51:e4:6e:b3:2c:
                    f8:3e:72:53:98:6b:09:54:f9:dd:0c:64:f7:84:37:
                    ab:31:b9:22:67:93:33:aa:bf:dc:c5:e5:ed:29:e1:
                    f4:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:00:9D:BB:20:74:32:80:95:53:0E:9E:A2:67:45:7A:F6:69:FF:F9
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/6gCduyB0MoCVUw6eomdFevZp__k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.232.0.0-193.232.6.255
                  193.232.8.0-193.232.19.255
                  193.232.22.0-193.232.31.255
                  193.232.192.0-193.232.197.255
                  193.232.206.0-193.232.209.255
                  193.232.212.0/24
                  193.232.218.0/23
                  194.85.208.0/23
                  194.85.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:d5:6c:18:90:17:90:2d:19:97:ab:a8:db:a0:cc:c8:85:47:
         a8:75:b9:89:75:92:3c:d9:8d:0e:53:02:0a:b6:be:b4:5d:f8:
         a7:b0:1b:22:0d:9b:14:d6:c8:ae:17:c3:e6:ce:c7:97:b0:34:
         a9:fe:55:4b:14:f2:52:6e:7d:65:40:a3:67:01:1b:96:ff:d6:
         c1:2e:78:30:10:69:6d:05:5e:85:2f:e4:57:b7:90:16:fe:2a:
         26:75:40:74:83:c4:80:87:c8:f5:b6:49:a8:61:7d:5a:95:f2:
         3e:37:2c:2e:08:26:87:1c:7c:23:69:a8:f3:de:4e:e4:20:55:
         27:6c:15:8a:be:04:d4:ce:74:00:24:fe:ae:29:f3:dc:b6:b1:
         60:44:df:81:4e:bf:78:0e:f9:89:54:94:58:e2:8f:fa:e1:66:
         83:58:f6:ec:65:91:f9:77:16:66:49:8f:bd:5f:fc:50:16:65:
         cd:27:ec:73:af:2e:dc:c1:01:e4:9c:50:a2:69:07:17:84:c4:
         41:bc:4c:dc:9c:ae:10:63:f0:1a:15:2c:6d:bf:9c:a4:52:8f:
         cf:05:bd:ef:a6:4c:2f:c0:58:05:ae:00:80:8b:03:86:7c:ba:
         bb:68:a7:54:49:15:2b:1b:66:95:b8:e9:6b:d5:0a:be:f7:55:
         77:7c:73:70
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYuo8lsdB9VidZdjyfkYZHxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMxMTA3MDg0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAwOWRiYjIwNzQzMjgwOTU1MzBlOWVhMjY3NDU3YWY2NjlmZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqYDpE8yQKfgR0aaViOfylRcR2JX
cokaqYWz967PCmYEBKzjRNSyRvaLHKB2RmDdZn4if+ZGBUhVpyCaeJxDT50uQZgR
Mz0xyI/9Q0r4xOLQk3+8RmGv3npc83v3ETy+q/iJTRdDbNMeW5DvOkRQbJg4Nh61
5s9qsAZqvWgo3bQFkrU+NdY4/Eiy4rJcf34oCTMpaSSEdij0blujLEmkCC/s3YvP
2cE+Fzvyp3sUbRU3VKo1XH4flcMD7TBDMZlo0iKDFxyAn1y+dYlBSA3F8PgCb6OE
lCYAbPXdUeRusyz4PnJTmGsJVPndDGT3hDerMbkiZ5Mzqr/cxeXtKeH0bwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOoAnbsgdDKAlVMOnqJnRXr2af/5MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvNmdDZHV5QjBNb0NWVXc2ZW9tZEZldlpwX19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdMAsDAwPB6AME
AMHoBjAMAwQDwegIAwQCwegQMAwDBAHB6BYDBAXB6AAwDAMEBsHowAMEAcHoxDAM
AwQBwejOAwQBwejQAwQAwejUAwQBwejaAwQBwlXQAwQBwlXUMA0GCSqGSIb3DQEB
CwUAA4IBAQAo1WwYkBeQLRmXq6jboMzIhUeodbmJdZI82Y0OUwIKtr60XfinsBsi
DZsU1siuF8PmzseXsDSp/lVLFPJSbn1lQKNnARuW/9bBLngwEGltBV6FL+RXt5AW
/iomdUB0g8SAh8j1tkmoYX1alfI+NywuCCaHHHwjaajz3k7kIFUnbBWKvgTUznQA
JP6uKfPctrFgRN+BTr94DvmJVJRY4o/64WaDWPbsZZH5dxZmSY+9X/xQFmXNJ+xz
ry7cwQHknFCiaQcXhMRBvEzcnK4QY/AaFSxtv5ykUo/PBb3vpkwvwFgFrgCAiwOG
fLq7aKdUSRUrG2aVuOlr1Qq+91V3fHNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org