Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1hyAe_Tm8ynk_8V4ip0pz1gR9rY.roa
File:                     1hyAe_Tm8ynk_8V4ip0pz1gR9rY.roa (raw, json)
Hash identifier:          09NajF/E7OXmyPfJ1KORjHQ25Uy97xR7gu3EK8g4rcg=
Subject key identifier:   D6:1C:80:7B:F4:E6:F3:29:E4:FF:C5:78:8A:9D:29:CF:58:11:F6:B6
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01877A09E7074FC8851FE03A494FAB9D352B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1hyAe_Tm8ynk_8V4ip0pz1gR9rY.roa
Signing time:             Thu 13 Apr 2023 09:54:41 +0000
ROA not before:           Thu 13 Apr 2023 09:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        194.87.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:09:e7:07:4f:c8:85:1f:e0:3a:49:4f:ab:9d:35:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr 13 09:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d61c807bf4e6f329e4ffc5788a9d29cf5811f6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f9:c3:03:46:59:19:4c:03:37:99:97:ea:be:
                    86:a9:c5:e7:c5:33:6c:73:eb:c3:7a:2f:ae:f6:0e:
                    79:99:61:a5:28:dc:85:86:1f:26:7f:74:6f:b3:1a:
                    b4:75:03:92:b7:29:0a:02:1e:53:ad:98:b1:b2:0d:
                    ea:11:55:71:72:91:db:43:69:19:fc:e8:83:07:9d:
                    ac:bb:d1:f8:f8:88:01:ae:60:25:36:d4:64:e9:b1:
                    24:dc:75:8d:a7:c0:8b:f4:d2:27:db:aa:dd:ec:33:
                    01:a3:06:58:4c:25:91:32:3b:77:6a:46:04:22:6a:
                    19:06:fe:2e:d0:90:10:d7:a4:8a:38:19:4d:60:7a:
                    fb:4d:fd:1b:7c:7e:d5:29:e6:4b:33:99:f6:ba:14:
                    83:dc:ae:d6:a5:41:71:23:5a:d3:84:40:bd:97:09:
                    9c:32:37:50:7b:a6:83:d1:1d:37:61:f2:b6:0e:af:
                    6b:df:6c:22:29:e4:cc:d2:f7:55:c7:d9:90:80:a7:
                    01:e9:61:d4:4e:e2:d1:ef:4e:d2:16:ae:03:7c:b5:
                    05:72:c7:ab:3f:05:ae:94:c8:3c:aa:c8:f9:54:af:
                    7c:9f:cd:7f:6b:6f:f1:71:f9:dd:78:5e:fb:b7:dc:
                    4c:3f:f6:07:a8:52:6e:eb:3f:e7:a3:de:63:e9:78:
                    45:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1C:80:7B:F4:E6:F3:29:E4:FF:C5:78:8A:9D:29:CF:58:11:F6:B6
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1hyAe_Tm8ynk_8V4ip0pz1gR9rY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:80:90:e8:ed:77:60:61:4c:59:61:21:90:a4:1a:3f:ee:13:
         c5:26:49:06:b9:5d:7e:21:a3:8f:6d:bb:38:91:9c:4b:0c:4b:
         00:87:2c:e7:28:e3:69:47:fa:bc:04:db:a6:17:c0:fe:9a:66:
         32:90:89:70:d9:6e:39:4e:ff:d3:18:20:98:14:80:e4:be:ab:
         a1:0b:45:1a:90:85:c1:5f:24:e6:9b:33:71:d2:54:7f:6f:68:
         af:a6:11:9a:70:5c:bd:0e:be:d7:bb:e2:cc:b0:e9:7b:63:cc:
         07:9d:5e:5b:db:b4:72:ad:72:a3:e0:73:34:72:02:53:cf:88:
         d9:01:45:fe:28:45:eb:29:7a:e4:ed:78:7d:8b:87:4a:c8:a8:
         75:72:d5:3c:53:56:d3:64:75:c6:01:86:f3:d8:f5:b5:0d:d9:
         2f:a5:81:a5:d2:26:78:33:d2:a1:34:a5:db:12:e9:75:7d:04:
         75:0c:ef:6e:a7:1b:a7:c4:b6:18:b7:10:a3:09:07:2e:42:13:
         c2:9a:ec:09:3b:d4:4d:cd:43:a2:21:df:3f:04:88:68:10:b4:
         c5:a0:17:1b:30:05:36:98:67:1e:25:d8:08:a2:a2:a1:53:95:
         67:6b:6a:ce:a1:7e:08:54:c6:97:70:3b:d9:30:d9:b1:b9:c4:
         87:6d:39:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6CecHT8iFH+A6SU+rnTUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDEzMDk1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFjODA3YmY0ZTZmMzI5ZTRmZmM1Nzg4YTlkMjljZjU4MTFmNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/nDA0ZZGUwDN5mX6r6GqcXnxTNs
c+vDei+u9g55mWGlKNyFhh8mf3Rvsxq0dQOStykKAh5TrZixsg3qEVVxcpHbQ2kZ
/OiDB52su9H4+IgBrmAlNtRk6bEk3HWNp8CL9NIn26rd7DMBowZYTCWRMjt3akYE
ImoZBv4u0JAQ16SKOBlNYHr7Tf0bfH7VKeZLM5n2uhSD3K7WpUFxI1rThEC9lwmc
MjdQe6aD0R03YfK2Dq9r32wiKeTM0vdVx9mQgKcB6WHUTuLR707SFq4DfLUFcser
PwWulMg8qsj5VK98n81/a2/xcfndeF77t9xMP/YHqFJu6z/no95j6XhFZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYcgHv05vMp5P/FeIqdKc9YEfa2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMWh5QWVfVG04eW5rXzhWNGlwMHB6MWdSOXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlckMA0G
CSqGSIb3DQEBCwUAA4IBAQAagJDo7XdgYUxZYSGQpBo/7hPFJkkGuV1+IaOPbbs4
kZxLDEsAhyznKONpR/q8BNumF8D+mmYykIlw2W45Tv/TGCCYFIDkvquhC0UakIXB
XyTmmzNx0lR/b2ivphGacFy9Dr7Xu+LMsOl7Y8wHnV5b27RyrXKj4HM0cgJTz4jZ
AUX+KEXrKXrk7Xh9i4dKyKh1ctU8U1bTZHXGAYbz2PW1DdkvpYGl0iZ4M9KhNKXb
Eul1fQR1DO9upxunxLYYtxCjCQcuQhPCmuwJO9RNzUOiId8/BIhoELTFoBcbMAU2
mGceJdgIoqKhU5Vna2rOoX4IVMaXcDvZMNmxucSHbTlW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:54 2023 by rpki-client on console-fra.rpki-client.org