Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-d_Sjl6qhpUq4JzCRiFJtMemsLw.roa
File:                     1-d_Sjl6qhpUq4JzCRiFJtMemsLw.roa (raw, json)
Hash identifier:          yWHV4SvU2swc2JWq6BBN92N3ZHvYG1zuhkidzDbjV7U=
Subject key identifier:   F9:DF:D2:8E:5E:AA:86:95:2A:E0:9C:C2:46:21:49:B4:C7:A6:B0:BC
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018C481B7CA4D3CE67FFF3CE024D6A887E22
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-d_Sjl6qhpUq4JzCRiFJtMemsLw.roa
Signing time:             Fri 08 Dec 2023 06:26:50 +0000
ROA not before:           Fri 08 Dec 2023 06:26:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210773
IP address blocks:        212.193.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:48:1b:7c:a4:d3:ce:67:ff:f3:ce:02:4d:6a:88:7e:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec  8 06:26:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9dfd28e5eaa86952ae09cc2462149b4c7a6b0bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:8d:7a:bc:25:6e:e1:9d:5b:76:1a:03:d1:85:
                    bb:2f:a0:4f:2f:00:79:82:ea:24:28:b7:e2:cb:8c:
                    b8:9d:3d:61:24:89:d0:e5:41:1f:ba:50:89:ee:89:
                    42:9f:23:09:6b:dc:8b:e2:9f:23:12:22:0e:8a:6a:
                    3a:f6:fe:4a:ac:bc:13:2d:b4:f6:5a:af:6c:71:c1:
                    21:df:2b:28:b6:40:de:60:ff:06:5f:66:a1:c0:85:
                    73:6d:20:0c:66:48:f1:1e:80:97:90:00:5a:a3:ef:
                    c9:cc:3e:eb:dc:5d:76:ba:97:33:e0:87:27:9e:c7:
                    65:b5:ea:89:6a:18:4e:3d:e9:6e:f1:e1:87:22:3f:
                    14:bd:85:11:1c:71:47:14:51:4a:55:8d:54:37:e5:
                    9c:1a:ba:e3:f5:23:86:4f:07:85:26:2d:48:8a:dd:
                    15:e2:60:82:dd:fe:74:ba:8f:3d:c8:5c:49:1d:88:
                    37:ea:e3:94:b6:53:4f:24:3d:d4:78:cb:9c:e2:06:
                    6d:1f:68:ca:d0:a6:68:ca:46:6c:b5:e2:bf:c4:9d:
                    cd:59:c7:28:b6:f8:33:cf:50:f6:64:b8:0e:59:44:
                    1d:5f:c7:6e:29:52:2d:3e:71:16:08:7b:88:5f:76:
                    c1:c0:68:7c:f0:70:90:cd:86:23:67:e1:8a:11:9a:
                    70:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DF:D2:8E:5E:AA:86:95:2A:E0:9C:C2:46:21:49:B4:C7:A6:B0:BC
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-d_Sjl6qhpUq4JzCRiFJtMemsLw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.193.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:6b:34:d2:54:c5:15:62:6a:10:22:e4:df:b3:30:1c:ca:b1:
         cf:6c:5e:24:1a:0a:5f:84:81:d2:9f:2c:76:a4:03:06:68:ad:
         f1:52:07:db:3f:08:d7:6b:3d:87:1e:99:d9:a9:82:db:07:e1:
         64:a6:50:1d:d1:c4:3b:35:75:46:11:e0:b6:59:f4:5d:3e:c0:
         a2:52:74:b5:3d:0d:40:01:b6:9d:fb:d5:50:43:59:84:ba:13:
         6e:4c:70:05:3f:4b:67:41:04:8e:a4:72:79:e6:f9:6a:7e:24:
         9d:06:5c:34:78:a4:6e:60:d1:20:44:2a:6d:ce:fa:db:40:bd:
         14:d0:89:df:9d:7a:e3:47:ac:3f:35:78:87:97:8b:16:01:53:
         fe:35:77:f3:90:5e:42:16:19:8c:37:a2:90:52:48:e0:86:4c:
         15:15:07:0d:9b:18:7b:96:b8:04:80:be:d2:41:ee:d9:3e:3a:
         d6:c2:83:b0:cc:c1:1f:50:d1:56:c1:4e:df:49:54:0b:12:d4:
         4b:f0:ae:c7:3a:60:70:a7:a9:ed:06:a2:1d:c1:9b:f3:9d:6f:
         a7:77:cf:fb:46:81:9e:38:fc:3e:f0:78:de:6e:16:85:bc:cf:
         d2:68:e3:a7:ba:95:aa:c9:44:a4:26:81:3f:5a:0b:bb:e2:83:
         cf:9f:8e:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxIG3yk085n//POAk1qiH4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA4MDYyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRmZDI4ZTVlYWE4Njk1MmFlMDljYzI0NjIxNDliNGM3YTZiMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY16vCVu4Z1bdhoD0YW7L6BPLwB5
guokKLfiy4y4nT1hJInQ5UEfulCJ7olCnyMJa9yL4p8jEiIOimo69v5KrLwTLbT2
Wq9sccEh3ysotkDeYP8GX2ahwIVzbSAMZkjxHoCXkABao+/JzD7r3F12upcz4Icn
nsdlteqJahhOPelu8eGHIj8UvYURHHFHFFFKVY1UN+WcGrrj9SOGTweFJi1Iit0V
4mCC3f50uo89yFxJHYg36uOUtlNPJD3UeMuc4gZtH2jK0KZoykZsteK/xJ3NWcco
tvgzz1D2ZLgOWUQdX8duKVItPnEWCHuIX3bBwGh88HCQzYYjZ+GKEZpwkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnf0o5eqoaVKuCcwkYhSbTHprC8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1kX1NqbDZxaHBVcTRKekNSaUZKdE1lbXNMdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANTBBDAN
BgkqhkiG9w0BAQsFAAOCAQEAlms00lTFFWJqECLk37MwHMqxz2xeJBoKX4SB0p8s
dqQDBmit8VIH2z8I12s9hx6Z2amC2wfhZKZQHdHEOzV1RhHgtln0XT7AolJ0tT0N
QAG2nfvVUENZhLoTbkxwBT9LZ0EEjqRyeeb5an4knQZcNHikbmDRIEQqbc7620C9
FNCJ351640esPzV4h5eLFgFT/jV385BeQhYZjDeikFJI4IZMFRUHDZsYe5a4BIC+
0kHu2T461sKDsMzBH1DRVsFO30lUCxLUS/CuxzpgcKep7QaiHcGb851vp3fP+0aB
njj8PvB43m4WhbzP0mjjp7qVqslEpCaBP1oLu+KDz5+O7A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org