Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/658ILeyBjaDlGutf8YiRFUZpNz4.roa
File:                     658ILeyBjaDlGutf8YiRFUZpNz4.roa (raw, json)
Hash identifier:          H3aLIjP0ZWBy93Aojz0byqbR5QlF+t+t6/wh/b9dkQE=
Subject key identifier:   EB:9F:08:2D:EC:81:8D:A0:E5:1A:EB:5F:F1:88:91:15:46:69:37:3E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018BD70F03D47B7EB7C3EE9353A534227A52
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/658ILeyBjaDlGutf8YiRFUZpNz4.roa
Signing time:             Thu 16 Nov 2023 07:36:07 +0000
ROA not before:           Thu 16 Nov 2023 07:36:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204769
IP address blocks:        195.133.85.0/24 maxlen: 24
                          212.192.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 08:43:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d7:0f:03:d4:7b:7e:b7:c3:ee:93:53:a5:34:22:7a:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 16 07:36:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb9f082dec818da0e51aeb5ff18891154669373e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9a:a8:3d:f8:ea:ba:32:74:06:13:de:d6:42:
                    33:e6:a1:06:e2:18:4e:bf:de:19:1a:4a:b5:e6:8a:
                    9d:84:2e:f4:22:18:13:f6:ea:da:1b:9a:92:77:7f:
                    8a:e9:e0:a3:e8:8f:d3:2b:74:b1:33:5b:44:09:0e:
                    15:36:f2:a9:f0:55:96:af:08:48:98:e0:1a:ef:70:
                    a5:91:e1:0c:e0:e3:9c:d9:7a:21:c4:3c:b5:37:27:
                    38:40:ae:02:5e:f5:e5:8f:8a:91:47:db:13:9f:8f:
                    5d:e3:9b:9c:50:da:9d:2c:3c:97:d3:23:00:48:dc:
                    5b:48:66:8c:d0:5c:aa:55:2c:28:a6:30:1c:ae:85:
                    69:ce:ae:e6:18:20:e1:ea:55:4b:ad:88:a5:39:03:
                    1f:76:8c:98:6f:f8:be:ab:20:e0:48:52:34:75:d1:
                    36:2d:f0:3f:1f:39:a0:77:cf:27:12:af:9b:56:99:
                    a2:42:48:c2:81:fe:38:fd:32:d8:2d:b5:0c:ad:8c:
                    6e:c4:7f:ba:75:89:f0:9b:f6:45:b1:45:21:f2:c5:
                    cf:47:cb:7d:5b:2c:0d:0a:c6:39:a0:6f:1f:94:ed:
                    6d:5c:04:1a:c4:c3:90:f9:25:ab:28:12:1b:65:37:
                    3e:c1:80:af:5a:2a:76:21:e9:48:9a:1d:43:1e:85:
                    c8:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:9F:08:2D:EC:81:8D:A0:E5:1A:EB:5F:F1:88:91:15:46:69:37:3E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/658ILeyBjaDlGutf8YiRFUZpNz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.85.0/24
                  212.192.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:1e:f0:93:ed:de:f2:52:d4:63:72:ad:49:9d:e6:df:fd:ba:
         2d:09:3d:58:6c:30:41:76:f7:6b:e9:f5:ec:3b:c6:77:0b:94:
         ae:c6:b4:4b:a7:d4:52:a7:89:01:70:3f:f9:b1:4d:04:62:f0:
         8f:11:21:16:f7:f7:e4:fb:26:4d:ca:2a:b9:4f:2a:2f:26:f4:
         4e:f8:d1:83:7b:64:8e:18:4a:74:27:df:64:da:f0:54:ec:78:
         11:99:fa:0e:4b:88:62:de:05:3a:e6:8f:62:22:97:3e:64:f6:
         73:3f:f1:2e:2b:36:a0:5a:3f:d4:f8:e1:3b:6a:e8:3d:60:28:
         10:6f:91:9c:bd:94:e1:75:64:77:75:fa:24:ba:c5:22:26:dd:
         c8:d4:b4:8b:ef:03:ce:b9:7d:62:bd:75:83:73:d5:b9:b2:6b:
         db:84:4c:37:19:90:13:3c:97:ce:5d:ff:95:2d:7e:ef:8c:87:
         42:89:8e:32:23:41:38:e7:37:50:dc:5a:b3:bc:fb:f3:1b:b4:
         4b:7a:68:9f:e7:6a:75:c3:42:3c:be:38:5f:2c:db:8d:33:76:
         94:1e:30:00:9e:bc:0e:73:13:b5:9b:55:40:13:ce:16:f3:45:
         38:e7:1e:c1:63:5e:e4:41:da:a6:48:ac:25:25:a9:22:2f:00:
         2f:9a:f7:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvXDwPUe363w+6TU6U0InpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE2MDczNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjlmMDgyZGVjODE4ZGEwZTUxYWViNWZmMTg4OTExNTQ2NjkzNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZqoPfjqujJ0BhPe1kIz5qEG4hhO
v94ZGkq15oqdhC70IhgT9uraG5qSd3+K6eCj6I/TK3SxM1tECQ4VNvKp8FWWrwhI
mOAa73ClkeEM4OOc2XohxDy1Nyc4QK4CXvXlj4qRR9sTn49d45ucUNqdLDyX0yMA
SNxbSGaM0FyqVSwopjAcroVpzq7mGCDh6lVLrYilOQMfdoyYb/i+qyDgSFI0ddE2
LfA/Hzmgd88nEq+bVpmiQkjCgf44/TLYLbUMrYxuxH+6dYnwm/ZFsUUh8sXPR8t9
WywNCsY5oG8flO1tXAQaxMOQ+SWrKBIbZTc+wYCvWip2IelImh1DHoXIsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOufCC3sgY2g5RrrX/GIkRVGaTc+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNjU4SUxleUJqYURsR3V0ZjhZaVJGVVpwTno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4VVAwQA
1MDVMA0GCSqGSIb3DQEBCwUAA4IBAQBnHvCT7d7yUtRjcq1Jnebf/botCT1YbDBB
dvdr6fXsO8Z3C5SuxrRLp9RSp4kBcD/5sU0EYvCPESEW9/fk+yZNyiq5TyovJvRO
+NGDe2SOGEp0J99k2vBU7HgRmfoOS4hi3gU65o9iIpc+ZPZzP/EuKzagWj/U+OE7
aug9YCgQb5GcvZThdWR3dfokusUiJt3I1LSL7wPOuX1ivXWDc9W5smvbhEw3GZAT
PJfOXf+VLX7vjIdCiY4yI0E45zdQ3FqzvPvzG7RLemif52p1w0I8vjhfLNuNM3aU
HjAAnrwOcxO1m1VAE84W80U45x7BY17kQdqmSKwlJakiLwAvmvej
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org