Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1b6je8cpVkJZT9rHw9KWFQn-4jA.roa
File:                     1b6je8cpVkJZT9rHw9KWFQn-4jA.roa (raw, json)
Hash identifier:          4FmM7Ubx8MueaEOJnndtocr62JjPNyg8KwEE9RnX1hw=
Subject key identifier:   D5:BE:A3:7B:C7:29:56:42:59:4F:DA:C7:C3:D2:96:15:09:FE:E2:30
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018AE15447863707679C8DA1CD1C5EC22EB5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1b6je8cpVkJZT9rHw9KWFQn-4jA.roa
Signing time:             Fri 29 Sep 2023 14:25:11 +0000
ROA not before:           Fri 29 Sep 2023 14:25:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208287
IP address blocks:        212.192.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e1:54:47:86:37:07:67:9c:8d:a1:cd:1c:5e:c2:2e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 29 14:25:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d5bea37bc7295642594fdac7c3d2961509fee230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3f:fc:6a:55:6b:4d:94:ee:ff:ae:6d:06:22:
                    f2:33:5a:b4:87:65:a3:d9:37:94:bd:56:56:34:fb:
                    45:43:86:c5:80:c6:bd:6f:94:23:61:92:b5:79:17:
                    f9:69:3d:db:48:50:c0:f3:fa:5b:bc:31:a3:40:08:
                    6f:8b:48:46:c6:3c:f0:bc:b4:da:d0:77:12:e5:4b:
                    23:0e:ae:f8:fa:bc:1e:5e:f4:0d:aa:a4:bf:24:b7:
                    5c:04:af:0d:97:32:9e:c1:ba:11:7f:6e:a8:5f:32:
                    80:55:2e:f5:84:3e:4d:ae:07:11:e6:df:df:6d:92:
                    5f:40:1e:a5:11:37:34:a6:11:0f:4f:c2:30:29:ca:
                    60:aa:96:22:8f:66:36:4a:72:d8:2d:6a:2a:95:d4:
                    ad:6a:0c:8a:2b:6c:af:87:97:fe:66:81:00:ce:c7:
                    5d:0e:39:ea:d3:7f:7e:bb:47:e8:db:50:61:4e:2c:
                    6d:9b:be:86:23:af:b3:d5:ca:c3:8f:2f:b8:bc:7d:
                    6d:a5:9f:63:fe:b0:04:82:b4:f7:fd:e8:07:e4:d3:
                    a8:59:47:10:2e:1f:9e:e1:d6:6c:38:a9:83:ad:ac:
                    04:7e:6e:f1:a6:cf:a4:3f:a7:27:5e:52:df:67:79:
                    6e:cc:d5:5c:06:13:3d:ec:21:7b:b2:c7:00:88:c5:
                    14:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:BE:A3:7B:C7:29:56:42:59:4F:DA:C7:C3:D2:96:15:09:FE:E2:30
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1b6je8cpVkJZT9rHw9KWFQn-4jA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:1b:51:8d:ca:f9:e1:ed:00:7f:b2:72:5f:0e:47:26:90:09:
         4b:00:ae:63:8c:8d:bb:ef:2b:44:3c:79:5e:ba:5d:f0:f4:d4:
         bc:ca:ec:26:1d:7e:51:85:45:c1:3b:68:42:92:3c:85:ae:38:
         f0:05:ce:30:0f:e5:67:bd:8b:aa:f4:37:15:eb:22:d9:25:b4:
         fe:c2:a2:a7:98:8b:35:c4:12:11:16:8e:20:ef:4d:6f:0e:ce:
         11:65:b8:33:cb:aa:73:99:c5:8b:bb:69:ba:3b:1e:c9:2c:c4:
         5a:cd:fb:cc:8f:8d:d5:71:7a:1c:c4:92:a3:e5:c2:fa:b8:d1:
         a0:8b:27:f8:ea:b4:d6:50:08:9e:a6:d9:e4:5b:07:57:ad:d0:
         1c:c1:0e:91:fb:f9:04:e2:77:40:76:c3:b6:a4:de:6c:73:16:
         54:77:a6:16:f7:71:bd:71:51:a8:9e:ca:96:18:e0:d0:78:f5:
         32:7a:c9:83:d7:61:58:3b:ad:80:3c:c9:f8:91:6d:09:18:8f:
         13:30:85:8f:43:b7:c8:9d:c5:43:8f:3a:ac:61:80:3b:b5:92:
         29:e0:d0:44:d6:18:d1:2a:b4:48:06:d3:66:36:a3:2f:83:ba:
         2e:e5:48:fb:b3:2d:0a:53:b0:35:79:69:e9:d3:ae:e7:39:22:
         ec:be:06:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrhVEeGNwdnnI2hzRxewi61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI5MTQyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJlYTM3YmM3Mjk1NjQyNTk0ZmRhYzdjM2QyOTYxNTA5ZmVlMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz/8alVrTZTu/65tBiLyM1q0h2Wj
2TeUvVZWNPtFQ4bFgMa9b5QjYZK1eRf5aT3bSFDA8/pbvDGjQAhvi0hGxjzwvLTa
0HcS5UsjDq74+rweXvQNqqS/JLdcBK8NlzKewboRf26oXzKAVS71hD5NrgcR5t/f
bZJfQB6lETc0phEPT8IwKcpgqpYij2Y2SnLYLWoqldStagyKK2yvh5f+ZoEAzsdd
Djnq039+u0fo21BhTixtm76GI6+z1crDjy+4vH1tpZ9j/rAEgrT3/egH5NOoWUcQ
Lh+e4dZsOKmDrawEfm7xps+kP6cnXlLfZ3luzNVcBhM97CF7sscAiMUUxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNW+o3vHKVZCWU/ax8PSlhUJ/uIwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMWI2amU4Y3BWa0paVDlySHc5S1dGUW4tNGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDfMA0G
CSqGSIb3DQEBCwUAA4IBAQCIG1GNyvnh7QB/snJfDkcmkAlLAK5jjI277ytEPHle
ul3w9NS8yuwmHX5RhUXBO2hCkjyFrjjwBc4wD+VnvYuq9DcV6yLZJbT+wqKnmIs1
xBIRFo4g701vDs4RZbgzy6pzmcWLu2m6Ox7JLMRazfvMj43VcXocxJKj5cL6uNGg
iyf46rTWUAieptnkWwdXrdAcwQ6R+/kE4ndAdsO2pN5scxZUd6YW93G9cVGonsqW
GODQePUyesmD12FYO62APMn4kW0JGI8TMIWPQ7fIncVDjzqsYYA7tZIp4NBE1hjR
KrRIBtNmNqMvg7ou5Uj7sy0KU7A1eWnp067nOSLsvgZg
-----END CERTIFICATE-----
Generated at Thu Nov 2 09:27:35 2023 by rpki-client on console-fra.rpki-client.org