Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1A5m1nhSjZQZYJmJuBJ2y-8c0OI.roa
File:                     1A5m1nhSjZQZYJmJuBJ2y-8c0OI.roa (raw, json)
Hash identifier:          i1xd1iC0hcS+9rbMBVDJFaPhJbufqhylbBxfRlQnrwY=
Subject key identifier:   D4:0E:66:D6:78:52:8D:94:19:60:99:89:B8:12:76:CB:EF:1C:D0:E2
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A317585131434B285FA3B72DE735B7798
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1A5m1nhSjZQZYJmJuBJ2y-8c0OI.roa
Signing time:             Sat 26 Aug 2023 10:48:19 +0000
ROA not before:           Sat 26 Aug 2023 10:48:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          195.58.36.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.63.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          194.87.222.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:31:75:85:13:14:34:b2:85:fa:3b:72:de:73:5b:77:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 26 10:48:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d40e66d678528d9419609989b81276cbef1cd0e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d5:0d:d3:b7:52:b2:53:7a:66:a2:be:85:76:
                    3a:df:6f:df:e5:ce:f9:40:e4:80:02:53:dd:77:c8:
                    c8:e3:3d:72:80:e8:ef:92:33:ac:46:59:5c:62:f5:
                    8c:46:9c:37:51:e6:9d:e2:88:74:ae:85:b4:cc:ba:
                    b6:05:78:83:b9:35:e6:e7:87:69:0c:67:69:41:9d:
                    22:53:b7:a0:bb:3b:22:85:7f:bb:29:67:b4:d2:5c:
                    a4:ca:ff:4a:c1:59:15:95:43:c6:4f:49:c6:9b:5a:
                    15:88:17:77:b5:fb:b5:9e:5c:09:d7:2b:10:d4:3a:
                    79:35:56:6a:ea:a5:c5:e0:e0:fc:49:39:4a:86:ff:
                    53:cc:e8:6c:bf:89:27:72:cb:2a:09:67:c1:e2:eb:
                    df:a9:c5:9c:cb:7e:3d:fb:0b:3d:87:56:e5:5d:b4:
                    85:b8:7e:56:1a:bf:d8:e0:ad:de:77:c2:a1:27:b0:
                    d4:12:2c:f2:7d:ea:50:0c:c1:73:54:75:27:14:b4:
                    11:64:78:f8:b3:d4:15:18:99:d0:a6:fd:9c:ce:28:
                    69:2c:4a:dd:26:9d:01:f8:84:d0:87:f8:45:e5:05:
                    93:e7:75:f8:51:2f:aa:a5:55:18:20:f9:1f:6c:d6:
                    93:e1:07:69:57:fa:59:a1:57:d7:99:14:fa:69:46:
                    b8:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:0E:66:D6:78:52:8D:94:19:60:99:89:B8:12:76:CB:EF:1C:D0:E2
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1A5m1nhSjZQZYJmJuBJ2y-8c0OI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.24.0/22
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.63.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.130.0/23
                  194.87.134.0/23
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.222.0/24
                  195.58.36.0/24
                  195.58.54.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.30.0/24
                  195.133.73.0/24
                  195.133.84.0/23
                  212.192.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:da:ed:6d:26:85:56:e8:2b:4b:76:0e:31:de:2d:9f:ab:fb:
         7c:26:2d:f5:8a:6d:b1:83:ca:8e:9e:a5:5e:a4:9c:62:19:c2:
         50:6a:5d:bd:e5:da:e0:7f:ac:e7:6d:76:b7:6d:ff:55:bb:33:
         a6:fa:f9:99:1e:be:d6:29:b7:2a:dd:96:72:c3:8d:90:ef:15:
         19:5f:a0:42:35:1e:0c:d4:47:04:22:21:c2:92:47:1e:71:f0:
         1e:85:90:a6:7a:4e:86:3e:4e:3a:7e:05:ee:a8:66:74:ab:1a:
         23:bc:0e:ba:39:94:0d:c3:01:6b:f3:69:80:33:d0:0e:5f:ca:
         4c:f8:3e:d2:92:ee:dd:47:05:b0:24:58:0b:7e:e5:88:cf:3b:
         66:47:13:5e:50:35:b7:5e:63:65:cf:66:1b:5e:3e:bc:fd:c5:
         ce:e3:22:e2:87:50:3c:a2:6d:4d:ff:43:ab:f0:52:e3:96:52:
         94:a6:15:0b:ff:d2:05:41:83:3c:8b:da:7b:64:81:21:39:5d:
         9a:f7:23:23:1b:07:c8:65:30:44:24:ae:62:ab:9a:19:05:96:
         e5:0b:1c:14:79:2e:4f:c9:d4:66:5b:a6:74:81:5f:d7:a9:ae:
         06:8f:bf:db:6a:3e:fd:22:63:64:53:b0:ea:0a:06:3f:a8:db:
         ec:cb:fc:84
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYoxdYUTFDSyhfo7ct5zW3eYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI2MTA0ODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDBlNjZkNjc4NTI4ZDk0MTk2MDk5ODliODEyNzZjYmVmMWNkMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNUN07dSslN6ZqK+hXY632/f5c75
QOSAAlPdd8jI4z1ygOjvkjOsRllcYvWMRpw3Uead4oh0roW0zLq2BXiDuTXm54dp
DGdpQZ0iU7eguzsihX+7KWe00lykyv9KwVkVlUPGT0nGm1oViBd3tfu1nlwJ1ysQ
1Dp5NVZq6qXF4OD8STlKhv9TzOhsv4kncssqCWfB4uvfqcWcy349+ws9h1blXbSF
uH5WGr/Y4K3ed8KhJ7DUEizyfepQDMFzVHUnFLQRZHj4s9QVGJnQpv2czihpLErd
Jp0B+ITQh/hF5QWT53X4US+qpVUYIPkfbNaT4QdpV/pZoVfXmRT6aUa4mwIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFNQOZtZ4Uo2UGWCZibgSdsvvHNDiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMUE1bTFuaFNqWlFaWUptSnVCSjJ5LThjME9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQA
wHyyAwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjovAwQAwjqaAwQAwlcBMAwD
BADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADCVz8DBADCV0kDBADCV1MD
BADCV2wDBAHCV3IDBADCV3oDBADCV3wDBAHCV4IDBAHCV4YDBADCV5cDBADCV6gD
BADCV7MDBADCV74DBADCV8gDBADCV94DBADDOiQDBADDOjYDBAHDOjoDBAHDOj4D
BADDhQADBAHDhQYDBADDhR4DBADDhUkDBAHDhVQDBADUwPEwDQYJKoZIhvcNAQEL
BQADggEBAFza7W0mhVboK0t2DjHeLZ+r+3wmLfWKbbGDyo6epV6knGIZwlBqXb3l
2uB/rOdtdrdt/1W7M6b6+ZkevtYptyrdlnLDjZDvFRlfoEI1HgzURwQiIcKSRx5x
8B6FkKZ6ToY+Tjp+Be6oZnSrGiO8Dro5lA3DAWvzaYAz0A5fykz4PtKS7t1HBbAk
WAt+5YjPO2ZHE15QNbdeY2XPZhtePrz9xc7jIuKHUDyibU3/Q6vwUuOWUpSmFQv/
0gVBgzyL2ntkgSE5XZr3IyMbB8hlMEQkrmKrmhkFluULHBR5Lk/J1GZbpnSBX9ep
rgaPv9tqPv0iY2RTsOoKBj+o2+zL/IQ=
-----END CERTIFICATE-----
Generated at Sat Aug 26 12:17:48 2023 by rpki-client on console-fra.rpki-client.org