Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa
File:                     3NljpuhYD8chbA4Pz5qEquNVn7U.roa (raw, json)
Hash identifier:          9h0B2kmQA3od/WxeNoAjdMTwbmE4MYRqAiyKV3pTCEk=
Subject key identifier:   DC:D9:63:A6:E8:58:0F:C7:21:6C:0E:0F:CF:9A:84:AA:E3:55:9F:B5
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185A55E174233185476F95353CC7E570D10
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa
Signing time:             Thu 12 Jan 2023 09:44:45 +0000
ROA not before:           Thu 12 Jan 2023 09:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          194.87.162.0/24 maxlen: 24
                          195.58.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a5:5e:17:42:33:18:54:76:f9:53:53:cc:7e:57:0d:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 12 09:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dcd963a6e8580fc7216c0e0fcf9a84aae3559fb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:47:4b:f7:f9:35:82:5c:e8:c2:66:13:1a:6d:
                    e5:dc:7b:8d:26:89:61:c8:57:3f:3e:80:11:19:3f:
                    c7:42:df:01:ad:50:79:74:5d:f2:a2:3d:4f:47:f7:
                    da:8f:5d:c3:23:d1:ef:d9:b3:0f:c9:6a:96:b5:f6:
                    64:87:99:94:dd:39:5d:32:b0:84:2d:98:aa:25:ee:
                    be:80:35:48:e5:fc:c2:b1:11:71:81:a4:5a:e2:37:
                    0e:ab:4e:69:60:81:4b:f2:f1:c9:75:17:56:ff:32:
                    96:eb:26:82:7f:34:6f:a7:da:e5:a7:39:32:e0:4f:
                    c4:ea:d7:90:2c:ab:a4:c8:76:43:05:5f:93:ca:1c:
                    64:af:c8:7d:ac:f9:1f:24:19:f5:be:b6:58:e0:6e:
                    3f:5e:76:7e:68:7e:7d:9c:a1:e2:58:2a:a5:72:e7:
                    4a:f2:86:d5:b8:7d:c7:70:bd:80:ed:ca:6d:6b:6d:
                    76:41:1e:57:e7:39:cb:40:26:ca:ae:94:70:2c:8f:
                    93:1a:43:43:e8:f5:15:22:e8:34:88:65:6c:d1:9e:
                    ea:3f:15:88:18:af:d6:dd:f7:2c:75:c8:b2:f7:85:
                    dd:ea:94:64:a3:9f:b3:ad:d2:5e:80:32:f4:43:72:
                    49:81:fb:61:84:b2:56:86:30:c9:4e:26:80:3c:a3:
                    30:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:D9:63:A6:E8:58:0F:C7:21:6C:0E:0F:CF:9A:84:AA:E3:55:9F:B5
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3NljpuhYD8chbA4Pz5qEquNVn7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.47.0/24
                  194.87.162.0/24
                  194.87.200.0/24
                  195.58.63.0/24
                  195.133.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:5f:8b:f3:5d:88:39:3a:68:37:41:8a:01:db:ef:b2:55:14:
         c7:10:26:ce:64:c7:14:dd:21:ef:ad:aa:65:a8:65:58:2a:6f:
         14:7c:fc:cb:95:36:43:90:b8:36:dd:cb:c9:cd:5e:78:01:8d:
         0c:ad:f5:96:a0:bb:cd:86:c9:fe:5c:bd:51:35:a9:9b:ce:6e:
         6b:5c:97:d1:59:73:30:9e:2f:54:09:a7:73:c6:bd:b6:96:49:
         3e:78:d1:22:e3:fc:b3:4d:7b:9f:3e:f8:7e:20:39:2f:3e:85:
         82:11:db:03:4b:0c:64:5a:5a:93:36:ae:e1:d9:4c:ac:0b:d6:
         1e:e1:2f:09:72:21:76:19:20:b8:30:16:b4:e0:76:b6:5f:ab:
         98:8f:74:ec:c1:5d:03:81:2d:52:53:d3:74:8f:f2:1e:ca:34:
         00:b3:86:14:9e:ca:2a:ee:1a:06:80:90:eb:1a:16:11:44:77:
         fc:27:05:b9:20:0a:40:f2:50:d7:9b:75:01:33:7d:82:c7:93:
         25:3d:7f:9f:a6:83:5e:d1:21:b0:20:63:ec:22:23:2b:e9:3d:
         c2:7c:3c:56:0a:7c:de:bf:3b:fa:c6:28:04:89:ba:ea:bd:10:
         24:f8:71:35:ab:42:13:3b:7a:e9:04:da:20:12:77:1f:01:99:
         26:b6:9b:b7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWlXhdCMxhUdvlTU8x+Vw0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTEyMDk0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q5NjNhNmU4NTgwZmM3MjE2YzBlMGZjZjlhODRhYWUzNTU5ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUdL9/k1glzowmYTGm3l3HuNJolh
yFc/PoARGT/HQt8BrVB5dF3yoj1PR/faj13DI9Hv2bMPyWqWtfZkh5mU3TldMrCE
LZiqJe6+gDVI5fzCsRFxgaRa4jcOq05pYIFL8vHJdRdW/zKW6yaCfzRvp9rlpzky
4E/E6teQLKukyHZDBV+Tyhxkr8h9rPkfJBn1vrZY4G4/XnZ+aH59nKHiWCqlcudK
8obVuH3HcL2A7cpta212QR5X5znLQCbKrpRwLI+TGkND6PUVIug0iGVs0Z7qPxWI
GK/W3fcsdciy94Xd6pRko5+zrdJegDL0Q3JJgfthhLJWhjDJTiaAPKMw9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNzZY6boWA/HIWwOD8+ahKrjVZ+1MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM05sanB1aFlEOGNoYkE0UHo1cUVxdU5WbjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwvAwQA
wleiAwQAwlfIAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUAA4IBAQBkX4vzXYg5
Omg3QYoB2++yVRTHECbOZMcU3SHvraplqGVYKm8UfPzLlTZDkLg23cvJzV54AY0M
rfWWoLvNhsn+XL1RNambzm5rXJfRWXMwni9UCadzxr22lkk+eNEi4/yzTXufPvh+
IDkvPoWCEdsDSwxkWlqTNq7h2UysC9Ye4S8JciF2GSC4MBa04Ha2X6uYj3TswV0D
gS1SU9N0j/IeyjQAs4YUnsoq7hoGgJDrGhYRRHf8JwW5IApA8lDXm3UBM32Cx5Ml
PX+fpoNe0SGwIGPsIiMr6T3CfDxWCnzevzv6xigEibrqvRAk+HE1q0ITO3rpBNog
EncfAZkmtpu3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-ams.rpki-client.org