Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa
File:                     3oow4XmYCD1ZbVhLUlT2FABp4IY.roa (raw, json)
Hash identifier:          2er8j5Vio340gIyxMV959DV9u+Q2tFf1RHbCa73oo4Y=
Subject key identifier:   DE:8A:30:E1:79:98:08:3D:59:6D:58:4B:52:54:F6:14:00:69:E0:86
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F67094D2D5B0CC96D898D48B3FD373B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa
Signing time:             Sun 01 Jan 2023 22:15:01 +0000
ROA not before:           Sun 01 Jan 2023 22:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        192.124.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:09:4d:2d:5b:0c:c9:6d:89:8d:48:b3:fd:37:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de8a30e17998083d596d584b5254f6140069e086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ab:40:6e:e2:ca:63:23:cd:05:eb:6c:53:c7:
                    0c:55:36:50:c5:cc:55:1a:d2:82:16:9d:43:4b:f1:
                    d5:a6:cb:50:12:4a:24:16:0b:58:0f:51:ec:d8:ed:
                    2a:5e:84:17:ad:0c:fc:e5:9d:0d:cb:81:49:6f:75:
                    21:c7:ed:e0:b0:c2:5d:b5:09:a6:b3:e4:06:eb:2c:
                    8d:03:20:c7:62:50:68:62:c3:8c:c6:f5:0b:87:5d:
                    8b:43:e1:e4:72:5e:16:b5:f0:61:00:5a:c4:38:ff:
                    b3:9b:10:4f:92:df:9e:f5:81:e4:26:70:a7:26:82:
                    af:02:ea:fa:5e:70:c9:b4:9b:20:f1:80:ef:3d:99:
                    c3:1d:0e:c2:52:da:5c:a1:77:8f:30:05:27:fd:f9:
                    89:47:5a:a9:60:3a:7c:ec:ec:74:d8:dd:72:93:dd:
                    01:6d:7e:d4:e0:cf:e9:06:4e:e0:05:db:0a:e4:2b:
                    f7:38:5e:a3:53:87:32:a1:fc:3b:79:fa:4d:19:e8:
                    cc:bc:56:d6:33:fd:8a:88:d7:c9:4d:e0:a3:f1:31:
                    7a:ab:3b:8f:e8:b8:a9:55:6e:b3:bb:0e:17:4c:df:
                    af:5c:5c:68:13:47:7c:3c:72:8b:f2:14:55:6a:ed:
                    7c:36:de:c3:8b:69:9e:2b:e4:00:32:24:82:d8:cf:
                    f4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:8A:30:E1:79:98:08:3D:59:6D:58:4B:52:54:F6:14:00:69:E0:86
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:b8:80:32:44:fd:a6:f9:13:ee:a8:7d:ca:9a:b9:6a:33:de:
         f5:6d:6c:9d:e4:7b:ba:7c:dc:b4:16:84:13:44:4d:aa:bb:f5:
         81:5f:38:78:07:d0:eb:1b:6c:fb:f6:23:cc:a4:18:f2:7c:da:
         15:75:a4:12:c1:04:81:38:7b:86:51:f1:a8:03:9c:23:e6:42:
         92:72:81:ac:ff:74:96:e3:0a:fe:35:6d:ee:c9:79:8a:80:fe:
         b4:ca:dc:26:fe:83:bd:24:8c:f8:98:39:07:ea:8c:9b:e6:76:
         b1:81:99:2a:04:41:7a:7b:e6:e9:5b:39:19:ab:53:71:71:29:
         a3:14:29:19:c2:53:49:a0:04:98:ce:71:80:f2:cc:88:66:cb:
         a6:09:7b:93:e9:cc:5f:ee:50:2b:e1:49:c6:43:04:60:f7:32:
         05:80:eb:27:91:aa:5c:6f:09:4e:56:e1:b8:11:1a:75:a1:fa:
         a7:d2:35:71:b2:d7:dc:d7:ce:74:89:06:5b:5e:95:4a:6e:b5:
         e8:c6:35:f3:8e:92:ee:e6:2a:20:77:68:2b:3a:df:1a:63:11:
         15:fe:bf:f0:b7:44:4e:60:2e:e8:d1:9a:28:b6:46:73:a0:7a:
         4d:03:8f:3d:d9:56:e2:51:0c:bd:de:a6:97:e6:c8:c5:22:1e:
         65:98:6c:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZwlNLVsMyW2JjUiz/Tc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThhMzBlMTc5OTgwODNkNTk2ZDU4NGI1MjU0ZjYxNDAwNjllMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6tAbuLKYyPNBetsU8cMVTZQxcxV
GtKCFp1DS/HVpstQEkokFgtYD1Hs2O0qXoQXrQz85Z0Ny4FJb3Uhx+3gsMJdtQmm
s+QG6yyNAyDHYlBoYsOMxvULh12LQ+Hkcl4WtfBhAFrEOP+zmxBPkt+e9YHkJnCn
JoKvAur6XnDJtJsg8YDvPZnDHQ7CUtpcoXePMAUn/fmJR1qpYDp87Ox02N1yk90B
bX7U4M/pBk7gBdsK5Cv3OF6jU4cyofw7efpNGejMvFbWM/2KiNfJTeCj8TF6qzuP
6LipVW6zuw4XTN+vXFxoE0d8PHKL8hRVau18Nt7Di2meK+QAMiSC2M/02wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6KMOF5mAg9WW1YS1JU9hQAaeCGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM29vdzRYbVlDRDFaYlZoTFVsVDJGQUJwNElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHyxMA0G
CSqGSIb3DQEBCwUAA4IBAQCTuIAyRP2m+RPuqH3KmrlqM971bWyd5Hu6fNy0FoQT
RE2qu/WBXzh4B9DrG2z79iPMpBjyfNoVdaQSwQSBOHuGUfGoA5wj5kKScoGs/3SW
4wr+NW3uyXmKgP60ytwm/oO9JIz4mDkH6oyb5naxgZkqBEF6e+bpWzkZq1NxcSmj
FCkZwlNJoASYznGA8syIZsumCXuT6cxf7lAr4UnGQwRg9zIFgOsnkapcbwlOVuG4
ERp1ofqn0jVxstfc1850iQZbXpVKbrXoxjXzjpLu5iogd2grOt8aYxEV/r/wt0RO
YC7o0ZootkZzoHpNA4892VbiUQy93qaX5sjFIh5lmGxd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:05 2024 by rpki-client on console-fra.rpki-client.org