Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/e9c8fe-a687-4952-9d88-bfac928bf658/1/Of3R_hYoXrlRzo6qCcLni6aJw7o.roa
File:                     Of3R_hYoXrlRzo6qCcLni6aJw7o.roa (raw, json)
Hash identifier:          QBamQov3SKCZu6F2J0O3Mh/0M6a1j2ACZeVv5FaIrZ8=
Subject key identifier:   39:FD:D1:FE:16:28:5E:B9:51:CE:8E:AA:09:C2:E7:8B:A6:89:C3:BA
Certificate issuer:       /CN=c4ddbd9f230919321bf56706f1069377926119f9
Certificate serial:       018C7C267C63F3657561CC40C0462325EFC6
Authority key identifier: C4:DD:BD:9F:23:09:19:32:1B:F5:67:06:F1:06:93:77:92:61:19:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xN29nyMJGTIb9WcG8QaTd5JhGfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/e9c8fe-a687-4952-9d88-bfac928bf658/1/Of3R_hYoXrlRzo6qCcLni6aJw7o.roa
Signing time:             Mon 18 Dec 2023 08:59:06 +0000
ROA not before:           Mon 18 Dec 2023 08:59:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199041
IP address blocks:        193.32.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7c:26:7c:63:f3:65:75:61:cc:40:c0:46:23:25:ef:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4ddbd9f230919321bf56706f1069377926119f9
        Validity
            Not Before: Dec 18 08:59:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39fdd1fe16285eb951ce8eaa09c2e78ba689c3ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:9a:a2:22:32:d7:00:11:36:76:24:60:20:7a:
                    00:f4:73:20:10:35:a7:66:5a:f4:d0:e5:54:92:b5:
                    d1:22:20:20:90:5b:86:c3:b3:05:0f:bd:0c:0f:be:
                    88:80:c0:61:25:03:26:6b:fc:e8:1a:7a:33:76:0b:
                    8a:ad:83:84:ef:96:48:48:1b:25:0d:bd:e0:63:df:
                    12:e2:b7:9f:e4:55:f3:6a:3f:8b:65:d8:36:a6:fb:
                    53:96:99:36:e3:5c:df:29:11:96:e5:b0:af:68:31:
                    90:8d:5f:39:e0:61:f6:ca:d9:55:02:96:d0:af:8c:
                    6b:69:2f:da:e9:7f:8c:40:ad:7a:90:cd:a4:5c:37:
                    ae:5a:12:c2:c1:a7:10:85:cf:37:0f:53:49:70:b8:
                    a9:8b:0a:83:25:64:09:dc:58:46:e5:8d:9b:21:b7:
                    2e:51:ab:51:aa:50:ed:4e:02:2e:bc:a0:86:6b:64:
                    41:21:38:e5:38:f5:22:d6:f1:ab:17:38:a8:30:be:
                    84:d4:af:46:22:33:76:11:4c:93:f0:63:22:47:1b:
                    c1:50:bd:f6:3d:56:0f:ef:08:c0:a5:e4:bf:63:57:
                    c9:eb:b3:6b:99:a2:70:09:fe:fb:72:e1:c9:47:94:
                    f5:e2:21:fa:1d:f7:c9:d6:b2:80:49:60:a1:23:ca:
                    6d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:FD:D1:FE:16:28:5E:B9:51:CE:8E:AA:09:C2:E7:8B:A6:89:C3:BA
            X509v3 Authority Key Identifier:
                keyid:C4:DD:BD:9F:23:09:19:32:1B:F5:67:06:F1:06:93:77:92:61:19:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN29nyMJGTIb9WcG8QaTd5JhGfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e9c8fe-a687-4952-9d88-bfac928bf658/1/Of3R_hYoXrlRzo6qCcLni6aJw7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/e9c8fe-a687-4952-9d88-bfac928bf658/1/xN29nyMJGTIb9WcG8QaTd5JhGfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:a3:8c:17:03:3e:e7:9a:94:50:e9:43:6c:67:84:45:db:2a:
         c0:98:e7:a0:c3:3f:63:46:73:78:d6:2c:cf:99:5e:bc:a9:44:
         71:29:cc:e4:19:e9:da:f6:18:4f:2e:97:94:ca:60:73:3f:28:
         1c:94:fa:40:ee:52:20:06:a6:14:e5:6c:55:fc:2c:0b:9f:be:
         f7:03:09:44:ad:9b:31:77:73:93:0e:89:b8:e2:78:99:2a:dd:
         bd:9e:f7:9a:43:f7:00:ef:db:ac:41:6b:2c:68:75:fc:c5:3e:
         23:99:1b:bb:60:4c:6a:bd:86:10:86:cc:72:95:d1:ec:17:73:
         e2:89:09:68:ca:b2:8a:6a:07:cd:56:91:aa:9f:80:fe:26:54:
         17:c2:53:e6:71:85:ba:e1:ca:47:c3:ff:43:91:d2:16:36:fe:
         3b:c0:6d:34:27:b9:a0:b9:33:ab:2a:dc:46:1b:2f:e1:d4:ba:
         91:0e:54:b2:7e:4b:d3:fb:c2:bc:c8:78:6b:78:04:4b:dc:fa:
         5d:78:72:99:e6:43:71:c3:b3:32:67:17:ad:49:cb:ae:51:9d:
         dd:ec:98:75:93:1a:9f:7a:c7:2f:52:07:e2:f1:b0:aa:ff:26:
         0a:4a:8a:74:c2:90:85:e3:d8:b8:a6:fe:bb:0f:60:2f:81:01:
         95:df:b7:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx8Jnxj82V1YcxAwEYjJe/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGRiZDlmMjMwOTE5MzIxYmY1NjcwNmYxMDY5Mzc3OTI2
MTE5ZjkwHhcNMjMxMjE4MDg1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWZkZDFmZTE2Mjg1ZWI5NTFjZThlYWEwOWMyZTc4YmE2ODljM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJqiIjLXABE2diRgIHoA9HMgEDWn
Zlr00OVUkrXRIiAgkFuGw7MFD70MD76IgMBhJQMma/zoGnozdguKrYOE75ZISBsl
Db3gY98S4ref5FXzaj+LZdg2pvtTlpk241zfKRGW5bCvaDGQjV854GH2ytlVApbQ
r4xraS/a6X+MQK16kM2kXDeuWhLCwacQhc83D1NJcLipiwqDJWQJ3FhG5Y2bIbcu
UatRqlDtTgIuvKCGa2RBITjlOPUi1vGrFzioML6E1K9GIjN2EUyT8GMiRxvBUL32
PVYP7wjApeS/Y1fJ67NrmaJwCf77cuHJR5T14iH6HffJ1rKASWChI8ptMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDn90f4WKF65Uc6OqgnC54umicO6MB8GA1UdIwQY
MBaAFMTdvZ8jCRkyG/VnBvEGk3eSYRn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE4yOW55TUpHVEliOVdjRzhRYVRkNUpoR2ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lOWM4ZmUtYTY4Ny00OTUyLTlkODgt
YmZhYzkyOGJmNjU4LzEvT2YzUl9oWW9YcmxSem82cUNjTG5pNmFKdzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lOWM4ZmUtYTY4Ny00OTUyLTlkODgtYmZhYzkyOGJmNjU4
LzEveE4yOW55TUpHVEliOVdjRzhRYVRkNUpoR2ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSBBMA0G
CSqGSIb3DQEBCwUAA4IBAQCLo4wXAz7nmpRQ6UNsZ4RF2yrAmOegwz9jRnN41izP
mV68qURxKczkGena9hhPLpeUymBzPygclPpA7lIgBqYU5WxV/CwLn773AwlErZsx
d3OTDom44niZKt29nveaQ/cA79usQWssaHX8xT4jmRu7YExqvYYQhsxyldHsF3Pi
iQloyrKKagfNVpGqn4D+JlQXwlPmcYW64cpHw/9DkdIWNv47wG00J7mguTOrKtxG
Gy/h1LqRDlSyfkvT+8K8yHhreARL3PpdeHKZ5kNxw7MyZxetScuuUZ3d7Jh1kxqf
escvUgfi8bCq/yYKSop0wpCF49i4pv67D2AvgQGV37fW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org