Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/OhUwT5ll05Qa247dIVYN1tjoMDA.roa
File:                     OhUwT5ll05Qa247dIVYN1tjoMDA.roa (raw, json)
Hash identifier:          3DW7+3pKeFiWFwTAhORejwx8W+6kt7uCa8pd49dz7No=
Subject key identifier:   3A:15:30:4F:99:65:D3:94:1A:DB:8E:DD:21:56:0D:D6:D8:E8:30:30
Certificate issuer:       /CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
Certificate serial:       018AA8AFD4CA0B9A85AD8D26AEEE0A19C28F
Authority key identifier: 81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/OhUwT5ll05Qa247dIVYN1tjoMDA.roa
Signing time:             Mon 18 Sep 2023 14:26:50 +0000
ROA not before:           Mon 18 Sep 2023 14:26:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207021
IP address blocks:        194.50.187.0/24 maxlen: 24
                          194.0.182.0/24 maxlen: 24
                          193.227.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a8:af:d4:ca:0b:9a:85:ad:8d:26:ae:ee:0a:19:c2:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81a7ce8bacbeceeb16f600b607d1bfd08033b302
        Validity
            Not Before: Sep 18 14:26:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a15304f9965d3941adb8edd21560dd6d8e83030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ca:70:5b:72:19:aa:c3:6d:75:65:b3:7e:7a:
                    86:f6:ea:5c:cb:29:ba:ab:d5:79:30:12:3d:7c:e8:
                    3c:e7:e8:90:d1:d2:c1:64:f3:97:2a:ab:38:88:29:
                    2c:10:09:05:2c:04:48:5a:d8:eb:c4:32:76:22:1e:
                    a9:73:86:f1:20:fe:aa:f7:b6:14:fc:f0:d2:ed:f6:
                    9b:1b:de:d9:de:0c:af:4d:e4:75:f5:f1:b3:78:17:
                    6a:22:08:2a:d2:59:3a:9f:26:20:f1:50:83:3a:1b:
                    35:a1:8a:97:ed:f1:15:e0:06:53:4d:3c:98:04:41:
                    8b:e7:52:fc:b1:e8:61:2f:f3:42:a1:39:d0:75:79:
                    8c:47:72:69:9c:bb:7a:29:b3:c4:b3:f0:cf:fc:28:
                    2e:ae:d0:76:33:3e:9f:28:c9:73:96:13:b0:d9:37:
                    5d:68:fa:55:54:95:a2:93:46:44:07:ff:5d:05:ca:
                    bf:9c:03:00:68:08:8b:34:21:da:d5:7d:96:37:93:
                    c9:6a:a9:b3:a4:cc:9b:69:ea:ac:12:4e:29:eb:09:
                    20:82:dd:73:da:18:27:96:b5:3b:db:78:51:e0:bc:
                    bc:4f:ae:fa:7b:46:a7:d4:6f:55:4e:80:6d:de:b4:
                    ce:64:79:6f:07:bf:be:50:3a:19:2a:a5:84:04:d9:
                    13:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:15:30:4F:99:65:D3:94:1A:DB:8E:DD:21:56:0D:D6:D8:E8:30:30
            X509v3 Authority Key Identifier:
                keyid:81:A7:CE:8B:AC:BE:CE:EB:16:F6:00:B6:07:D1:BF:D0:80:33:B3:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gafOi6y-zusW9gC2B9G_0IAzswI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/OhUwT5ll05Qa247dIVYN1tjoMDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ee66fb-5dc0-4122-9bc7-b27d8730a270/1/gafOi6y-zusW9gC2B9G_0IAzswI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.227.117.0/24
                  194.0.182.0/24
                  194.50.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:79:85:94:a5:da:e2:17:e5:9f:ec:e9:66:d0:80:51:42:8e:
         73:1f:dd:33:1d:56:3c:59:ea:7e:58:8a:53:57:5f:4f:85:63:
         5a:29:c1:5b:07:3e:6a:5f:61:ff:ff:20:cc:cd:32:25:97:13:
         14:2b:1a:18:b1:69:51:ee:93:49:77:68:25:9d:3b:8b:6c:4d:
         b4:ff:cf:98:a5:9a:45:3f:27:34:dd:dc:fa:af:fe:d4:29:a4:
         af:2a:a0:a6:a1:bc:e8:ac:19:64:80:97:ff:20:5e:14:f0:21:
         b7:ca:f8:6c:42:3c:e4:d1:88:36:6e:f6:97:84:a6:5d:cd:b9:
         ff:23:2f:84:3a:55:04:fc:8d:33:fe:32:6f:21:3e:d7:d8:62:
         78:e1:a2:d9:22:bf:54:a2:61:b0:04:6b:a0:19:0c:71:87:10:
         f5:01:ec:be:87:e3:30:90:40:3c:60:b7:f8:67:3a:b7:0d:d4:
         b1:f3:d3:66:1d:8b:46:3d:04:3c:5c:7f:c4:33:6a:9b:80:a6:
         6b:d2:64:03:a3:43:9f:9b:e3:88:84:c9:67:d2:ef:3a:fe:b9:
         e4:37:73:58:9e:bb:18:17:cf:27:db:5e:97:2a:c5:f4:64:57:
         fb:02:63:81:0d:f0:3c:0a:4a:3f:53:b2:61:0c:11:27:12:0e:
         75:bb:09:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqor9TKC5qFrY0mru4KGcKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTdjZThiYWNiZWNlZWIxNmY2MDBiNjA3ZDFiZmQwODAz
M2IzMDIwHhcNMjMwOTE4MTQyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE1MzA0Zjk5NjVkMzk0MWFkYjhlZGQyMTU2MGRkNmQ4ZTgzMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8pwW3IZqsNtdWWzfnqG9upcyym6
q9V5MBI9fOg85+iQ0dLBZPOXKqs4iCksEAkFLARIWtjrxDJ2Ih6pc4bxIP6q97YU
/PDS7fabG97Z3gyvTeR19fGzeBdqIggq0lk6nyYg8VCDOhs1oYqX7fEV4AZTTTyY
BEGL51L8sehhL/NCoTnQdXmMR3JpnLt6KbPEs/DP/CgurtB2Mz6fKMlzlhOw2Tdd
aPpVVJWik0ZEB/9dBcq/nAMAaAiLNCHa1X2WN5PJaqmzpMybaeqsEk4p6wkggt1z
2hgnlrU723hR4Ly8T676e0an1G9VToBt3rTOZHlvB7++UDoZKqWEBNkTywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoVME+ZZdOUGtuO3SFWDdbY6DAwMB8GA1UdIwQY
MBaAFIGnzousvs7rFvYAtgfRv9CAM7MCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzct
YjI3ZDg3MzBhMjcwLzEvT2hVd1Q1bGwwNVFhMjQ3ZElWWU4xdGpvTURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lZTY2ZmItNWRjMC00MTIyLTliYzctYjI3ZDg3MzBhMjcw
LzEvZ2FmT2k2eS16dXNXOWdDMkI5R18wSUF6c3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAweN1AwQA
wgC2AwQAwjK7MA0GCSqGSIb3DQEBCwUAA4IBAQBXeYWUpdriF+Wf7Olm0IBRQo5z
H90zHVY8Wep+WIpTV19PhWNaKcFbBz5qX2H//yDMzTIllxMUKxoYsWlR7pNJd2gl
nTuLbE20/8+YpZpFPyc03dz6r/7UKaSvKqCmobzorBlkgJf/IF4U8CG3yvhsQjzk
0Yg2bvaXhKZdzbn/Iy+EOlUE/I0z/jJvIT7X2GJ44aLZIr9UomGwBGugGQxxhxD1
Aey+h+MwkEA8YLf4Zzq3DdSx89NmHYtGPQQ8XH/EM2qbgKZr0mQDo0Ofm+OIhMln
0u86/rnkN3NYnrsYF88n216XKsX0ZFf7AmOBDfA8Cko/U7JhDBEnEg51uwnC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:51 2024 by rpki-client on console-fra.rpki-client.org