Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7-HRq22BtUflwvJyLakc5f0HG6g.roa
File:                     7-HRq22BtUflwvJyLakc5f0HG6g.roa (raw, json)
Hash identifier:          O95EHqILSh/bjSg6PQo/iE6B/XoAA+a7xUnLqrOFM7o=
Subject key identifier:   EF:E1:D1:AB:6D:81:B5:47:E5:C2:F2:72:2D:A9:1C:E5:FD:07:1B:A8
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A1474EF3DFFEC4A7C302E5C2844BF91F4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7-HRq22BtUflwvJyLakc5f0HG6g.roa
Signing time:             Sun 20 Aug 2023 19:38:42 +0000
ROA not before:           Sun 20 Aug 2023 19:38:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202372
IP address blocks:        195.58.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:14:74:ef:3d:ff:ec:4a:7c:30:2e:5c:28:44:bf:91:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 20 19:38:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=efe1d1ab6d81b547e5c2f2722da91ce5fd071ba8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f2:5f:30:dd:16:9c:b3:78:54:6c:50:00:6b:
                    37:1e:94:c4:19:97:d2:f8:aa:a8:62:c8:96:7f:14:
                    e7:ec:be:83:33:75:12:cb:e8:c3:fb:79:79:f0:4d:
                    34:bd:29:f9:d5:cf:ec:f0:60:9d:6a:96:b5:b1:47:
                    ed:8d:60:3e:5d:36:66:11:06:14:c0:52:2e:f9:ab:
                    67:6c:cc:13:50:5e:63:e3:ee:9f:22:33:11:5e:38:
                    41:45:aa:84:66:0f:a6:ed:5d:a6:88:89:e0:c3:07:
                    6d:f6:dd:ab:41:34:74:f7:2a:5b:16:87:74:5b:1f:
                    f9:6d:96:b0:d7:12:f8:fb:2d:32:3a:0b:af:46:a2:
                    0d:df:56:ed:d1:2b:4b:0c:16:fc:63:eb:b5:a1:d7:
                    23:da:c8:64:b3:01:82:d2:05:12:75:55:e1:21:a3:
                    3b:4e:78:ba:8d:89:f9:c2:a1:5b:65:f1:24:4a:57:
                    00:6c:aa:e7:64:6f:cd:c8:a2:43:c5:e7:e9:74:4c:
                    c8:13:a1:a3:9c:1e:bb:e8:2b:f7:ba:d2:54:d9:dd:
                    6f:1e:7a:b0:57:1f:0a:ee:42:c9:9e:4f:52:9d:92:
                    68:fa:67:9f:4e:47:3e:02:2e:1e:7f:3c:ef:f1:f3:
                    03:fa:d3:8f:6d:f1:f3:8e:25:97:a7:b8:55:ec:24:
                    62:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:E1:D1:AB:6D:81:B5:47:E5:C2:F2:72:2D:A9:1C:E5:FD:07:1B:A8
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7-HRq22BtUflwvJyLakc5f0HG6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:1e:5b:3c:12:13:81:ee:d7:5e:2c:fd:6b:e4:90:99:6a:7b:
         41:f9:c4:59:a6:92:32:43:ae:0b:2f:25:5f:31:a7:d4:8d:b1:
         84:a3:dd:09:69:a8:f8:2c:f9:ab:6a:00:83:a8:25:4e:a6:07:
         07:b6:10:ed:c3:c0:05:c8:e2:9b:ff:f9:91:aa:f1:52:66:c1:
         d7:3d:8a:a1:42:b8:3c:62:01:ab:b6:a1:62:20:5b:d3:2e:73:
         7e:dc:c0:db:8f:18:4e:3c:31:f9:7a:6a:e7:2f:d8:2a:97:c0:
         cf:1d:58:17:3d:1b:a8:1e:a0:4c:a7:35:41:24:6e:be:11:84:
         d8:00:86:78:95:a4:12:f3:2f:d6:38:2b:ce:14:bf:ba:04:61:
         bc:75:6b:0c:ae:fc:ba:55:89:a9:2e:fe:b8:df:3e:7b:bc:19:
         12:3e:61:69:d6:12:58:09:1a:24:ce:42:5a:4b:9c:3a:cd:57:
         05:82:2a:67:80:ed:ec:54:54:af:72:75:95:cc:86:b7:6a:42:
         31:96:bb:b8:df:11:c9:ec:fc:78:69:0a:cb:fd:de:d4:5f:aa:
         61:e9:8c:7c:21:72:23:ac:64:72:9c:28:6d:91:36:01:d1:d2:
         de:c6:45:ac:69:a2:7c:fb:18:47:cf:46:dd:93:f5:d7:bf:f1:
         0f:d1:cc:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoUdO89/+xKfDAuXChEv5H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODIwMTkzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmUxZDFhYjZkODFiNTQ3ZTVjMmYyNzIyZGE5MWNlNWZkMDcxYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPJfMN0WnLN4VGxQAGs3HpTEGZfS
+KqoYsiWfxTn7L6DM3USy+jD+3l58E00vSn51c/s8GCdapa1sUftjWA+XTZmEQYU
wFIu+atnbMwTUF5j4+6fIjMRXjhBRaqEZg+m7V2miIngwwdt9t2rQTR09ypbFod0
Wx/5bZaw1xL4+y0yOguvRqIN31bt0StLDBb8Y+u1odcj2shkswGC0gUSdVXhIaM7
Tni6jYn5wqFbZfEkSlcAbKrnZG/NyKJDxefpdEzIE6GjnB676Cv3utJU2d1vHnqw
Vx8K7kLJnk9SnZJo+mefTkc+Ai4efzzv8fMD+tOPbfHzjiWXp7hV7CRi6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/h0attgbVH5cLyci2pHOX9BxuoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNy1IUnEyMkJ0VWZsd3ZKeUxha2M1ZjBIRzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzo9MA0G
CSqGSIb3DQEBCwUAA4IBAQAeHls8EhOB7tdeLP1r5JCZantB+cRZppIyQ64LLyVf
MafUjbGEo90Jaaj4LPmragCDqCVOpgcHthDtw8AFyOKb//mRqvFSZsHXPYqhQrg8
YgGrtqFiIFvTLnN+3MDbjxhOPDH5emrnL9gql8DPHVgXPRuoHqBMpzVBJG6+EYTY
AIZ4laQS8y/WOCvOFL+6BGG8dWsMrvy6VYmpLv643z57vBkSPmFp1hJYCRokzkJa
S5w6zVcFgipngO3sVFSvcnWVzIa3akIxlru43xHJ7Px4aQrL/d7UX6ph6Yx8IXIj
rGRynChtkTYB0dLexkWsaaJ8+xhHz0bdk/XXv/EP0cwq
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org