Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2-77NJz3dWJd3aH5Z5-sJiwJLtk.roa
File:                     2-77NJz3dWJd3aH5Z5-sJiwJLtk.roa (raw, json)
Hash identifier:          a/cJmwt8UH8LRYXJ146iMAf/3JlY9JQzsOkuSUWdSo8=
Subject key identifier:   DB:EE:FB:34:9C:F7:75:62:5D:DD:A1:F9:67:9F:AC:26:2C:09:2E:D9
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01876A2ACCD1E01078B5F27504E6084DD9D9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2-77NJz3dWJd3aH5Z5-sJiwJLtk.roa
Signing time:             Mon 10 Apr 2023 07:56:42 +0000
ROA not before:           Mon 10 Apr 2023 07:56:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2856
IP address blocks:        195.133.78.0/24 maxlen: 24
                          194.135.105.0/24 maxlen: 24
                          194.87.20.0/23 maxlen: 23
                          212.192.212.0/22 maxlen: 24
                          195.58.34.0/24 maxlen: 24
                          212.192.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6a:2a:cc:d1:e0:10:78:b5:f2:75:04:e6:08:4d:d9:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr 10 07:56:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dbeefb349cf775625ddda1f9679fac262c092ed9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:34:2e:8a:be:8f:c7:9a:96:20:62:b1:ce:6d:
                    e1:df:4c:54:7e:12:63:77:56:03:16:7f:62:c8:51:
                    11:78:1d:41:2b:7c:d9:93:5b:95:e7:88:ae:aa:9b:
                    28:ad:2c:6b:2a:97:6e:c6:8d:34:2d:34:97:99:f6:
                    3a:21:46:24:5a:71:c0:9e:7e:21:ae:f8:af:3c:5b:
                    69:02:70:af:d8:d5:5c:ab:21:88:70:57:75:9d:f4:
                    ac:9d:4f:8b:90:5e:59:07:6e:df:b0:88:c9:82:54:
                    80:54:d6:ce:ae:13:a6:68:8e:8d:83:d5:73:a3:d6:
                    f9:7b:bb:a6:94:bf:e6:5c:1d:e8:84:94:e7:1c:90:
                    f8:fd:a3:06:2d:f6:1e:de:85:dd:45:31:42:23:17:
                    e2:7b:ed:66:c4:87:6f:e6:e6:72:d7:c4:7d:38:fc:
                    e1:ca:11:ea:0f:83:f5:d6:7b:d3:c6:d7:09:d4:0d:
                    36:25:14:d6:da:7e:33:c0:b8:8e:12:e7:83:2c:3d:
                    a0:87:3b:37:e6:a5:fe:3e:32:fb:dc:34:74:fa:53:
                    fa:cd:55:6a:56:5b:4a:f6:bd:2b:30:25:06:8e:71:
                    4c:d3:6a:64:cd:08:33:da:81:69:14:4f:15:27:ca:
                    a4:b8:a6:16:ea:b9:94:d8:99:a2:3e:bf:af:4b:6c:
                    93:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EE:FB:34:9C:F7:75:62:5D:DD:A1:F9:67:9F:AC:26:2C:09:2E:D9
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2-77NJz3dWJd3aH5Z5-sJiwJLtk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.20.0/23
                  194.135.105.0/24
                  195.58.34.0/24
                  195.133.78.0/24
                  212.192.212.0/22
                  212.192.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:41:5c:b3:f4:03:9f:a0:b6:9f:6f:c8:79:b7:df:a9:d5:34:
         de:07:08:de:d2:00:bd:50:8b:ab:ab:3c:01:30:3f:08:c6:6c:
         a1:c2:e0:89:f5:15:c8:7a:cd:85:b2:ff:48:07:ae:e8:8f:44:
         f7:8e:73:17:a4:72:61:ac:d3:ec:14:51:3e:16:43:11:da:e2:
         8a:93:b6:a4:5f:9b:45:56:9b:2a:92:21:91:2c:75:66:ae:66:
         3c:70:ff:65:7c:3d:8d:04:2a:1b:1a:a0:f9:c7:3a:b0:b2:d4:
         71:bf:82:7b:70:e5:00:f5:cc:a9:c0:53:97:48:1b:2c:90:4c:
         dc:c4:03:de:4b:4e:c5:aa:7b:5b:e3:13:3f:96:aa:73:5a:4a:
         af:d1:3a:43:8e:e5:c0:92:b6:eb:66:94:ef:da:8c:6d:b1:a1:
         5f:85:15:42:53:c7:a8:d4:f6:2d:0f:1c:d9:95:80:33:bb:fa:
         89:af:d6:51:c9:f3:3f:75:3b:52:1c:69:2f:43:f6:71:cb:f5:
         f6:f0:93:ef:3d:7c:f8:df:d7:c0:70:ee:f6:c6:03:1a:01:6b:
         b7:a2:3d:20:dc:67:84:66:82:ef:c1:38:d8:6f:70:09:ab:40:
         28:6f:cb:c5:15:eb:83:3a:d2:d1:8c:4d:c6:7c:42:03:77:52:
         85:e0:76:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdqKszR4BB4tfJ1BOYITdnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDEwMDc1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVlZmIzNDljZjc3NTYyNWRkZGExZjk2NzlmYWMyNjJjMDkyZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjQuir6Px5qWIGKxzm3h30xUfhJj
d1YDFn9iyFEReB1BK3zZk1uV54iuqpsorSxrKpduxo00LTSXmfY6IUYkWnHAnn4h
rvivPFtpAnCv2NVcqyGIcFd1nfSsnU+LkF5ZB27fsIjJglSAVNbOrhOmaI6Ng9Vz
o9b5e7umlL/mXB3ohJTnHJD4/aMGLfYe3oXdRTFCIxfie+1mxIdv5uZy18R9OPzh
yhHqD4P11nvTxtcJ1A02JRTW2n4zwLiOEueDLD2ghzs35qX+PjL73DR0+lP6zVVq
VltK9r0rMCUGjnFM02pkzQgz2oFpFE8VJ8qkuKYW6rmU2JmiPr+vS2yTlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNvu+zSc93ViXd2h+WefrCYsCS7ZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMi03N05KejNkV0pkM2FINVo1LXNKaXdKTHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBwlcUAwQA
wodpAwQAwzoiAwQAw4VOAwQC1MDUAwQC1MD8MA0GCSqGSIb3DQEBCwUAA4IBAQAR
QVyz9AOfoLafb8h5t9+p1TTeBwje0gC9UIurqzwBMD8IxmyhwuCJ9RXIes2Fsv9I
B67oj0T3jnMXpHJhrNPsFFE+FkMR2uKKk7akX5tFVpsqkiGRLHVmrmY8cP9lfD2N
BCobGqD5xzqwstRxv4J7cOUA9cypwFOXSBsskEzcxAPeS07Fqntb4xM/lqpzWkqv
0TpDjuXAkrbrZpTv2oxtsaFfhRVCU8eo1PYtDxzZlYAzu/qJr9ZRyfM/dTtSHGkv
Q/Zxy/X28JPvPXz439fAcO72xgMaAWu3oj0g3GeEZoLvwTjYb3AJq0Aob8vFFeuD
OtLRjE3GfEIDd1KF4HYa
-----END CERTIFICATE-----
Generated at Thu Aug 10 06:42:12 2023 by rpki-client on console-fra.rpki-client.org