Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/OtnsV4La6wMMEGduY8ZaQV72Mb0.roa
File:                     OtnsV4La6wMMEGduY8ZaQV72Mb0.roa (raw, json)
Hash identifier:          k8wnjUcmRFKXFwmkKH+SzICLFjN0/vDQI0EPCol/x8Y=
Subject key identifier:   3A:D9:EC:57:82:DA:EB:03:0C:10:67:6E:63:C6:5A:41:5E:F6:31:BD
Certificate issuer:       /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial:       018572FA5C24D32ABCFDEDE7FC46A30A5022
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/OtnsV4La6wMMEGduY8ZaQV72Mb0.roa
Signing time:             Mon 02 Jan 2023 14:54:48 +0000
ROA not before:           Mon 02 Jan 2023 14:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6732
IP address blocks:        193.247.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:5c:24:d3:2a:bc:fd:ed:e7:fc:46:a3:0a:50:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
        Validity
            Not Before: Jan  2 14:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ad9ec5782daeb030c10676e63c65a415ef631bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3c:42:62:e5:94:89:5d:e7:f1:b3:6c:fb:1e:
                    ba:a1:3d:9d:c6:00:b3:5b:be:b5:97:60:df:90:7a:
                    15:4f:b2:88:b8:50:f1:dc:4f:9a:c5:12:5c:6c:6c:
                    0c:fd:54:03:20:d3:0a:f6:dd:99:7b:88:04:e9:50:
                    f1:48:5a:1f:88:d7:2e:d8:01:bf:25:06:3c:52:86:
                    b0:4b:d2:e5:bb:ec:c3:43:34:29:3e:5a:69:b8:70:
                    7f:ee:4e:48:dd:f2:7d:00:d3:b4:eb:e8:bd:84:d3:
                    67:63:18:ac:08:51:8f:63:08:0d:6b:10:78:84:a1:
                    a5:b3:55:7b:37:93:25:56:4a:7b:03:c6:69:8e:83:
                    80:b2:22:7f:22:d9:4e:f4:dd:20:6b:2f:f5:ae:67:
                    7c:84:e2:2c:ff:f9:ae:ad:4c:de:47:62:18:6f:89:
                    25:ec:ae:8e:33:41:69:5b:42:d8:ba:ac:ba:a8:ed:
                    3f:5c:93:49:e7:a9:9a:be:88:23:f3:06:15:19:14:
                    dc:df:7d:78:4b:5b:40:68:e2:64:3a:26:e8:1b:64:
                    e8:03:b1:14:a2:16:f8:1a:45:b2:c4:b9:77:1d:86:
                    96:fb:92:bd:78:a4:f0:f9:87:51:d7:05:1d:61:ae:
                    b4:1e:75:c2:22:8b:76:30:ef:63:2a:e9:f9:03:1e:
                    a3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D9:EC:57:82:DA:EB:03:0C:10:67:6E:63:C6:5A:41:5E:F6:31:BD
            X509v3 Authority Key Identifier:
                keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/OtnsV4La6wMMEGduY8ZaQV72Mb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.247.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:f4:46:be:eb:8d:a1:34:27:55:9f:e0:1d:8f:8f:c8:23:94:
         0d:8d:15:dd:18:3b:1a:ea:fa:7d:ce:bd:58:3b:c8:17:8f:39:
         f6:e2:57:1f:e4:5f:09:30:d6:57:9d:19:8c:79:12:d2:f4:d7:
         26:49:8d:49:4e:10:cb:5d:c6:4e:bc:ac:53:c5:b6:f6:66:d5:
         ec:58:c6:fa:1c:6e:8d:13:dd:1e:38:4c:06:74:d8:d7:bd:4a:
         7f:16:28:53:19:8d:d0:80:07:b0:98:59:91:3d:c5:81:0f:50:
         74:f5:61:a8:a2:07:5e:dc:5c:f8:24:95:ff:9a:f9:54:cc:a6:
         c9:55:93:9b:71:06:cd:6d:22:57:4a:8c:6b:e5:ca:ea:40:bf:
         8b:46:c1:dc:a8:48:e2:4c:e6:a5:7c:63:75:3c:62:62:d8:fd:
         f7:f3:e2:4e:bb:69:b1:89:20:c5:c2:7c:87:bd:dc:08:4c:3f:
         1d:49:df:89:3b:25:6e:e9:44:97:4d:f0:b1:d1:3b:42:9c:d4:
         22:1f:f2:be:82:a7:c1:0d:a7:04:9e:b3:02:08:8d:91:0c:95:
         17:a6:a9:69:4c:65:55:c4:04:f9:82:d1:a9:b3:13:cd:88:98:
         97:f6:fb:90:8c:91:1f:58:bc:25:4f:ba:5c:a1:61:e7:8c:f3:
         b2:66:c0:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lwk0yq8/e3n/EajClAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ5ZWM1NzgyZGFlYjAzMGMxMDY3NmU2M2M2NWE0MTVlZjYzMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTxCYuWUiV3n8bNs+x66oT2dxgCz
W761l2DfkHoVT7KIuFDx3E+axRJcbGwM/VQDINMK9t2Ze4gE6VDxSFofiNcu2AG/
JQY8UoawS9Llu+zDQzQpPlppuHB/7k5I3fJ9ANO06+i9hNNnYxisCFGPYwgNaxB4
hKGls1V7N5MlVkp7A8ZpjoOAsiJ/ItlO9N0gay/1rmd8hOIs//murUzeR2IYb4kl
7K6OM0FpW0LYuqy6qO0/XJNJ56mavogj8wYVGRTc3314S1tAaOJkOiboG2ToA7EU
ohb4GkWyxLl3HYaW+5K9eKTw+YdR1wUdYa60HnXCIot2MO9jKun5Ax6jbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrZ7FeC2usDDBBnbmPGWkFe9jG9MB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvT3Ruc1Y0TGE2d01NRUdkdVk4WmFRVjcyTWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfeSMA0G
CSqGSIb3DQEBCwUAA4IBAQAn9Ea+642hNCdVn+Adj4/II5QNjRXdGDsa6vp9zr1Y
O8gXjzn24lcf5F8JMNZXnRmMeRLS9NcmSY1JThDLXcZOvKxTxbb2ZtXsWMb6HG6N
E90eOEwGdNjXvUp/FihTGY3QgAewmFmRPcWBD1B09WGoogde3Fz4JJX/mvlUzKbJ
VZObcQbNbSJXSoxr5crqQL+LRsHcqEjiTOalfGN1PGJi2P338+JOu2mxiSDFwnyH
vdwITD8dSd+JOyVu6USXTfCx0TtCnNQiH/K+gqfBDacEnrMCCI2RDJUXpqlpTGVV
xAT5gtGpsxPNiJiX9vuQjJEfWLwlT7pcoWHnjPOyZsDk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:05 2024 by rpki-client on console-fra.rpki-client.org