Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87yn9Zhw6NWmag7JnJXUXNckoZQ.roa
File:                     87yn9Zhw6NWmag7JnJXUXNckoZQ.roa (raw, json)
Hash identifier:          1baDCSeraDuNGTDtvSZ3iJzCnVVRUCxit+OEc8I89PI=
Subject key identifier:   F3:BC:A7:F5:98:70:E8:D5:A6:6A:0E:C9:9C:95:D4:5C:D7:24:A1:94
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F66FFDD56420DE8154061B416FE2F7E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87yn9Zhw6NWmag7JnJXUXNckoZQ.roa
Signing time:             Sun 01 Jan 2023 22:14:59 +0000
ROA not before:           Sun 01 Jan 2023 22:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136923
IP address blocks:        194.87.11.0/24 maxlen: 24
                          194.58.58.0/24 maxlen: 24
                          212.193.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:ff:dd:56:42:0d:e8:15:40:61:b4:16:fe:2f:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3bca7f59870e8d5a66a0ec99c95d45cd724a194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:4e:eb:c0:0f:d7:c2:33:47:04:06:d3:c4:9d:
                    2f:d1:5c:03:9d:38:ca:b3:0c:af:25:94:1f:9e:ef:
                    be:52:7e:36:d6:57:61:02:71:a5:a0:b1:35:52:10:
                    65:92:1e:2f:a0:9d:ed:1f:89:f1:de:8b:d9:4b:64:
                    7b:36:92:6e:dd:a5:61:69:fd:51:fd:af:e7:58:df:
                    7e:87:90:a5:e7:cf:6b:8f:62:05:de:ba:a6:f2:8e:
                    9d:d0:e5:2e:68:be:78:f2:c5:fa:01:90:9f:59:91:
                    95:46:8c:92:b5:2e:52:32:10:9c:c6:69:59:8f:05:
                    34:16:6a:41:b4:42:e3:69:d7:81:d9:3b:73:35:cf:
                    55:3f:2f:02:61:92:b1:fb:0d:c8:ec:d5:3d:b7:72:
                    cb:01:c9:9b:ce:13:82:e3:a8:9d:5d:f9:db:0a:34:
                    71:a6:0a:2c:c6:5c:8f:6e:65:9b:52:10:68:98:fe:
                    67:7a:88:79:56:b4:1c:e2:9d:e0:a9:0e:08:30:a5:
                    ba:d8:5a:5b:fe:2d:88:6f:1b:af:66:31:71:cb:b3:
                    d9:60:c4:02:95:39:c8:fc:d8:36:6b:5b:ea:ef:9a:
                    dc:74:51:ec:be:08:2b:8b:f8:09:98:75:60:16:61:
                    c2:f8:a0:b1:82:5b:32:20:60:58:1f:aa:86:41:7d:
                    d0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:BC:A7:F5:98:70:E8:D5:A6:6A:0E:C9:9C:95:D4:5C:D7:24:A1:94
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/87yn9Zhw6NWmag7JnJXUXNckoZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.58.0/24
                  194.87.11.0/24
                  212.193.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:bb:3e:b6:04:27:b7:cd:96:cf:a8:b1:82:be:72:87:66:e3:
         1e:d8:6a:ea:21:c8:7b:87:01:59:f9:a2:d1:33:c9:83:ac:93:
         eb:37:0c:e0:fb:f0:60:1c:c6:8d:2e:1f:ff:22:3a:53:a4:d3:
         b5:5b:93:ba:a1:a9:39:ba:41:69:d5:51:c5:9e:04:c7:c4:72:
         a3:e1:7b:29:e6:18:fc:9c:38:7a:e6:7d:36:f3:44:88:33:53:
         ae:b1:13:f0:81:6d:e2:2d:2e:dc:62:1b:a9:97:d8:23:88:ed:
         d4:fd:e7:fc:6c:17:ce:c4:96:e9:a2:53:60:8f:f1:34:e0:09:
         29:53:e1:77:73:d4:e4:40:80:21:60:ba:70:53:f1:35:d3:d0:
         4f:05:aa:96:7d:a8:03:a6:6a:7e:e6:95:72:04:36:a6:85:5c:
         e2:ed:e9:bf:e5:99:a4:48:7a:59:08:2a:43:f8:60:99:a5:19:
         23:36:56:8f:f0:d2:1d:cc:f5:35:4f:e7:67:d6:f7:55:87:fe:
         c3:55:61:26:83:74:84:c4:48:0b:d5:79:99:7c:42:97:2e:2c:
         ba:10:32:0e:62:f4:a0:59:c9:7f:91:e8:15:9b:14:63:b9:79:
         ba:9f:46:e0:9d:7a:7c:a7:cb:17:e6:7d:5c:bb:96:b7:44:41:
         c6:aa:0c:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZv/dVkIN6BVAYbQW/i9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2JjYTdmNTk4NzBlOGQ1YTY2YTBlYzk5Yzk1ZDQ1Y2Q3MjRhMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U7rwA/XwjNHBAbTxJ0v0VwDnTjK
swyvJZQfnu++Un421ldhAnGloLE1UhBlkh4voJ3tH4nx3ovZS2R7NpJu3aVhaf1R
/a/nWN9+h5Cl589rj2IF3rqm8o6d0OUuaL548sX6AZCfWZGVRoyStS5SMhCcxmlZ
jwU0FmpBtELjadeB2TtzNc9VPy8CYZKx+w3I7NU9t3LLAcmbzhOC46idXfnbCjRx
pgosxlyPbmWbUhBomP5neoh5VrQc4p3gqQ4IMKW62Fpb/i2IbxuvZjFxy7PZYMQC
lTnI/Ng2a1vq75rcdFHsvggri/gJmHVgFmHC+KCxglsyIGBYH6qGQX3QlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPO8p/WYcOjVpmoOyZyV1FzXJKGUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvODd5bjlaaHc2TldtYWc3Sm5KWFVYTmNrb1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo6AwQA
wlcLAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQANuz62BCe3zZbPqLGCvnKHZuMe
2GrqIch7hwFZ+aLRM8mDrJPrNwzg+/BgHMaNLh//IjpTpNO1W5O6oak5ukFp1VHF
ngTHxHKj4Xsp5hj8nDh65n0280SIM1OusRPwgW3iLS7cYhupl9gjiO3U/ef8bBfO
xJbpolNgj/E04AkpU+F3c9TkQIAhYLpwU/E109BPBaqWfagDpmp+5pVyBDamhVzi
7em/5ZmkSHpZCCpD+GCZpRkjNlaP8NIdzPU1T+dn1vdVh/7DVWEmg3SExEgL1XmZ
fEKXLiy6EDIOYvSgWcl/kegVmxRjuXm6n0bgnXp8p8sX5n1cu5a3REHGqgwv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-ams.rpki-client.org