Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/0QsBToQFBNmA9R--MwzHYTjRX_M.roa
File:                     0QsBToQFBNmA9R--MwzHYTjRX_M.roa (raw, json)
Hash identifier:          6B2/wmmHqoqk4qetDfkK3cdpEaL2bQmYoYT9O1VidzI=
Subject key identifier:   D1:0B:01:4E:84:05:04:D9:80:F5:1F:BE:33:0C:C7:61:38:D1:5F:F3
Certificate issuer:       /CN=29187f811597dd03513be42f43155bc15a3a0b3f
Certificate serial:       01863837D352385C6E415683673B70861654
Authority key identifier: 29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/0QsBToQFBNmA9R--MwzHYTjRX_M.roa
Signing time:             Thu 09 Feb 2023 22:07:07 +0000
ROA not before:           Thu 09 Feb 2023 22:07:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58012
IP address blocks:        193.17.70.0/24 maxlen: 24
                          193.17.179.0/24 maxlen: 24
                          193.17.193.0/24 maxlen: 24
                          193.17.220.0/24 maxlen: 24
                          2a0f:7540::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:38:37:d3:52:38:5c:6e:41:56:83:67:3b:70:86:16:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29187f811597dd03513be42f43155bc15a3a0b3f
        Validity
            Not Before: Feb  9 22:07:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d10b014e840504d980f51fbe330cc76138d15ff3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:eb:fb:64:60:3b:8c:cf:25:bb:55:b5:38:2d:
                    09:e6:85:fc:b0:7d:f8:5d:e5:57:b4:63:fd:05:7b:
                    1d:2a:ac:39:b8:5d:19:4a:fa:f2:96:5a:33:b2:20:
                    ec:4b:b5:3e:e5:0b:b4:d3:aa:66:94:29:8f:ed:29:
                    ed:3a:ce:1b:22:db:a7:2f:09:cd:9f:b4:f2:21:2f:
                    98:b6:23:29:64:0d:74:8c:c5:05:8b:51:14:52:a4:
                    8f:fe:81:e2:f8:85:8b:a1:ec:46:5b:5a:13:c2:ca:
                    92:25:bf:a4:d6:36:86:2a:b3:ee:57:8b:3c:53:6f:
                    9e:f3:cf:d4:db:8e:49:78:8c:d6:9e:e6:18:81:59:
                    7a:91:0d:b4:af:0a:0f:9e:ec:50:7d:0a:88:d1:40:
                    f0:a2:46:a1:d0:83:2c:c4:d3:d7:7e:46:ed:e0:8b:
                    a2:80:c3:db:29:c0:46:66:03:99:5a:03:01:b4:fb:
                    aa:b4:97:a3:18:ef:f0:19:65:1e:40:10:7c:27:ee:
                    60:8d:1d:4b:f7:39:e6:b6:52:59:b2:2f:ce:c0:81:
                    37:71:5e:c9:ab:21:83:a0:7f:aa:20:72:26:29:81:
                    58:5a:2e:6b:24:02:7a:7e:4f:07:a1:ae:ca:74:d6:
                    ee:bf:3c:30:a9:ab:6e:07:cb:31:c1:3f:4c:b5:4e:
                    f4:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:0B:01:4E:84:05:04:D9:80:F5:1F:BE:33:0C:C7:61:38:D1:5F:F3
            X509v3 Authority Key Identifier:
                keyid:29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/0QsBToQFBNmA9R--MwzHYTjRX_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.70.0/24
                  193.17.179.0/24
                  193.17.193.0/24
                  193.17.220.0/24
                IPv6:
                  2a0f:7540::/29

    Signature Algorithm: sha256WithRSAEncryption
         5c:c1:ab:c3:28:30:af:f9:31:6e:a5:72:ef:f0:38:58:a3:a1:
         d3:e4:b0:b0:d2:12:9a:a5:5b:84:a9:72:c5:0f:10:21:fb:14:
         12:40:95:02:e7:c3:44:16:00:55:4b:7b:95:d9:af:70:71:5e:
         72:7b:6a:ba:41:fc:a9:f8:ce:9b:e5:ae:5c:c0:b6:ad:39:c9:
         e4:05:4f:75:03:c9:b4:7e:41:20:f0:8a:69:86:0c:3a:74:75:
         b7:09:4a:42:0c:98:6b:3a:33:62:8b:b8:96:93:9a:a2:95:19:
         cc:1d:b5:dd:cd:66:1f:d5:cc:ca:dc:50:c4:12:b2:4c:88:c8:
         76:95:03:d4:8d:fd:9b:86:ce:b0:f0:6a:34:29:05:63:b8:6b:
         5c:0f:c2:ab:fd:fa:13:2b:35:af:39:c9:0a:70:38:53:a0:2b:
         50:d4:ac:ce:62:b6:df:71:4d:81:07:a1:ea:a3:7e:59:0b:27:
         ca:3d:8f:c8:12:e0:77:61:00:6b:2d:2c:87:67:e1:13:df:12:
         54:13:6d:da:6a:2c:44:dd:b7:fc:21:25:db:84:7f:b1:62:45:
         0d:db:17:ec:bf:0b:3a:49:96:e2:2a:fb:a7:49:50:95:7c:61:
         b4:29:7b:37:75:9e:14:eb:f1:d0:a9:ac:08:b7:59:94:9e:cd:
         e4:4e:70:cd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYY4N9NSOFxuQVaDZztwhhZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg3ZjgxMTU5N2RkMDM1MTNiZTQyZjQzMTU1YmMxNWEz
YTBiM2YwHhcNMjMwMjA5MjIwNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBiMDE0ZTg0MDUwNGQ5ODBmNTFmYmUzMzBjYzc2MTM4ZDE1ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnev7ZGA7jM8lu1W1OC0J5oX8sH34
XeVXtGP9BXsdKqw5uF0ZSvryllozsiDsS7U+5Qu006pmlCmP7SntOs4bItunLwnN
n7TyIS+YtiMpZA10jMUFi1EUUqSP/oHi+IWLoexGW1oTwsqSJb+k1jaGKrPuV4s8
U2+e88/U245JeIzWnuYYgVl6kQ20rwoPnuxQfQqI0UDwokah0IMsxNPXfkbt4Iui
gMPbKcBGZgOZWgMBtPuqtJejGO/wGWUeQBB8J+5gjR1L9znmtlJZsi/OwIE3cV7J
qyGDoH+qIHImKYFYWi5rJAJ6fk8Hoa7KdNbuvzwwqatuB8sxwT9MtU70kwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNELAU6EBQTZgPUfvjMMx2E40V/zMB8GA1UdIwQY
MBaAFCkYf4EVl90DUTvkL0MVW8FaOgs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgt
MjQ5OTRiMDQwZjQxLzEvMFFzQlRvUUZCTm1BOVItLU13ekhZVGpSWF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgtMjQ5OTRiMDQwZjQx
LzEvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRFGAwQA
wRGzAwQAwRHBAwQAwRHcMA0EAgACMAcDBQMqD3VAMA0GCSqGSIb3DQEBCwUAA4IB
AQBcwavDKDCv+TFupXLv8DhYo6HT5LCw0hKapVuEqXLFDxAh+xQSQJUC58NEFgBV
S3uV2a9wcV5ye2q6Qfyp+M6b5a5cwLatOcnkBU91A8m0fkEg8Ipphgw6dHW3CUpC
DJhrOjNii7iWk5qilRnMHbXdzWYf1czK3FDEErJMiMh2lQPUjf2bhs6w8Go0KQVj
uGtcD8Kr/foTKzWvOckKcDhToCtQ1KzOYrbfcU2BB6Hqo35ZCyfKPY/IEuB3YQBr
LSyHZ+ET3xJUE23aaixE3bf8ISXbhH+xYkUN2xfsvws6SZbiKvunSVCVfGG0KXs3
dZ4U6/HQqawIt1mUns3kTnDN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:14 2024 by rpki-client on console-ams.rpki-client.org