Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3C45NXClsk4XFXbO6-RqshvagE0.roa
File:                     3C45NXClsk4XFXbO6-RqshvagE0.roa (raw, json)
Hash identifier:          wVLIpiqN2eabt7yXOUGdVkNwRwKeF7ZAQXWBrvRfnZk=
Subject key identifier:   DC:2E:39:35:70:A5:B2:4E:17:15:76:CE:EB:E4:6A:B2:1B:DA:80:4D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018871963FC295CFD07A09A1A16A3BEAB6AC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3C45NXClsk4XFXbO6-RqshvagE0.roa
Signing time:             Wed 31 May 2023 11:34:12 +0000
ROA not before:           Wed 31 May 2023 11:34:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        194.87.25.0/24 maxlen: 24
                          194.87.33.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:96:3f:c2:95:cf:d0:7a:09:a1:a1:6a:3b:ea:b6:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 31 11:34:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc2e393570a5b24e171576ceebe46ab21bda804d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d8:74:7b:ec:eb:10:4e:b4:af:f5:71:cc:60:
                    3b:d5:8f:9c:69:f1:45:f2:e5:9e:97:a4:a8:15:36:
                    5d:fa:68:66:66:fe:8a:67:1b:46:45:c0:4e:1a:44:
                    2f:40:77:37:3a:58:29:57:a0:95:c2:18:f4:fe:05:
                    8e:2b:07:79:bd:f0:52:62:dc:79:f6:f8:3f:21:dc:
                    b4:3c:3f:48:7b:5f:e0:65:a5:82:c3:9e:98:ad:87:
                    33:59:e2:7b:ab:33:85:a6:f4:fd:e3:d6:e1:a3:e1:
                    8c:cc:87:65:d7:18:dd:44:a3:9d:a0:18:db:18:1e:
                    6c:b8:0b:b3:c0:c1:5d:d7:2c:fc:7f:ad:cf:0c:94:
                    8a:51:3e:75:29:ea:56:b1:61:89:9c:d8:42:33:60:
                    72:69:64:32:6f:b7:25:f5:0d:1f:16:8d:d2:ca:54:
                    5b:fd:bb:6d:12:25:9e:58:71:a2:99:f5:2a:1c:fb:
                    91:2f:e3:8a:f6:07:fd:b9:40:51:12:28:9f:79:bb:
                    6f:96:9f:f9:f5:b9:f0:01:07:c0:ef:88:88:e2:43:
                    c2:b2:8d:84:d3:c3:bd:98:48:1c:73:e7:73:dc:45:
                    4a:41:9a:95:88:ae:81:62:4b:7d:c0:5d:28:af:d1:
                    47:04:65:18:4a:02:94:69:c7:c2:99:be:60:29:04:
                    5e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:2E:39:35:70:A5:B2:4E:17:15:76:CE:EB:E4:6A:B2:1B:DA:80:4D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3C45NXClsk4XFXbO6-RqshvagE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.25.0/24
                  194.87.33.0/24
                  194.87.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:e0:ab:14:4b:54:fd:08:f2:15:f7:63:2d:88:0f:47:13:6c:
         07:20:02:95:0c:d8:a0:99:08:56:c7:bc:bb:29:79:12:c7:d8:
         7e:35:be:15:d3:87:f1:83:98:8d:0e:33:60:c9:59:0f:d8:17:
         5c:33:93:58:c5:a7:e1:5d:03:e0:5d:a5:c7:e9:fa:76:b0:1d:
         09:49:b5:8b:d7:5c:bb:e5:8b:ba:17:f7:3a:3e:ee:b9:29:00:
         eb:44:0d:74:d9:38:a5:c7:92:27:af:61:46:53:37:07:8a:3d:
         18:36:79:bb:68:ea:24:3c:db:c9:3a:e9:48:35:c3:fb:b5:c4:
         5b:43:d0:ce:d0:92:de:30:38:e1:54:da:cd:e3:1c:ee:44:88:
         4e:87:31:48:81:80:a8:c1:2e:41:13:49:eb:0e:17:db:33:26:
         08:f4:27:73:2e:f3:76:fb:b5:70:4e:c4:0e:bf:6b:77:76:d7:
         bf:c8:79:f2:6f:e6:fa:ba:e1:05:c8:cd:fe:6b:da:36:a6:7e:
         e4:dc:19:7b:af:10:f1:10:04:4e:98:ab:7e:43:65:00:f4:52:
         58:83:70:e4:b3:c2:4c:8e:f1:d4:cb:4a:06:a4:95:79:5f:a8:
         27:df:a0:9f:af:45:d1:12:85:40:d1:b9:ef:e4:8a:05:2d:56:
         cf:6a:ee:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhxlj/Clc/QegmhoWo76rasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTMxMTEzNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJlMzkzNTcwYTViMjRlMTcxNTc2Y2VlYmU0NmFiMjFiZGE4MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Nh0e+zrEE60r/VxzGA71Y+cafFF
8uWel6SoFTZd+mhmZv6KZxtGRcBOGkQvQHc3OlgpV6CVwhj0/gWOKwd5vfBSYtx5
9vg/Idy0PD9Ie1/gZaWCw56YrYczWeJ7qzOFpvT949bho+GMzIdl1xjdRKOdoBjb
GB5suAuzwMFd1yz8f63PDJSKUT51KepWsWGJnNhCM2ByaWQyb7cl9Q0fFo3SylRb
/bttEiWeWHGimfUqHPuRL+OK9gf9uUBREiifebtvlp/59bnwAQfA74iI4kPCso2E
08O9mEgcc+dz3EVKQZqViK6BYkt9wF0or9FHBGUYSgKUacfCmb5gKQReAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNwuOTVwpbJOFxV2zuvkarIb2oBNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM0M0NU5YQ2xzazRYRlhiTzYtUnFzaHZhZ0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcZAwQA
wlchAwQAwle2MA0GCSqGSIb3DQEBCwUAA4IBAQBb4KsUS1T9CPIV92MtiA9HE2wH
IAKVDNigmQhWx7y7KXkSx9h+Nb4V04fxg5iNDjNgyVkP2BdcM5NYxafhXQPgXaXH
6fp2sB0JSbWL11y75Yu6F/c6Pu65KQDrRA102Tilx5Inr2FGUzcHij0YNnm7aOok
PNvJOulINcP7tcRbQ9DO0JLeMDjhVNrN4xzuRIhOhzFIgYCowS5BE0nrDhfbMyYI
9CdzLvN2+7VwTsQOv2t3dte/yHnyb+b6uuEFyM3+a9o2pn7k3Bl7rxDxEAROmKt+
Q2UA9FJYg3Dks8JMjvHUy0oGpJV5X6gn36Cfr0XREoVA0bnv5IoFLVbPau71
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org