Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLOMD_PBXoEPouou8gWd0-KhsHk.roa
File:                     CLOMD_PBXoEPouou8gWd0-KhsHk.roa (raw, json)
Hash identifier:          RdBHFE3gY7ZiXvAXo3ZvoOz3/e4fTNsNsTQJjgfX/ng=
Subject key identifier:   08:B3:8C:0F:F3:C1:5E:81:0F:A2:EA:2E:F2:05:9D:D3:E2:A1:B0:79
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0187DBBCE84B1B3EC5701899CD4FC472E133
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLOMD_PBXoEPouou8gWd0-KhsHk.roa
Signing time:             Tue 02 May 2023 09:13:23 +0000
ROA not before:           Tue 02 May 2023 09:13:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        194.87.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 May 2023 11:19:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:db:bc:e8:4b:1b:3e:c5:70:18:99:cd:4f:c4:72:e1:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May  2 09:13:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08b38c0ff3c15e810fa2ea2ef2059dd3e2a1b079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:85:84:b7:d7:8a:cd:3d:a2:f8:43:80:47:0a:
                    6f:b1:a8:a0:65:c9:49:ed:cc:64:82:03:58:84:b7:
                    d7:d5:61:8c:60:7d:0c:6a:db:08:db:02:07:aa:e2:
                    af:ea:79:7c:83:39:69:7d:ab:39:73:de:fb:76:f6:
                    1b:19:4a:58:7d:aa:37:80:48:f2:8e:b7:c2:5c:6d:
                    03:dd:8a:1a:ba:a5:3b:38:dc:5b:7a:51:42:c8:5a:
                    39:fb:0d:34:b0:54:64:e0:e2:38:f3:d3:bd:5e:2b:
                    81:fd:58:55:9b:cc:6b:1f:6e:6a:89:09:4f:19:2d:
                    81:d3:5d:9f:9b:97:d1:5d:b3:29:fd:64:bb:a8:ee:
                    d4:ad:da:f2:62:c2:3a:1f:e4:8f:97:f3:33:09:2f:
                    48:28:44:c7:f5:63:07:ef:1e:a7:f6:eb:36:c9:dd:
                    c9:d9:16:3f:b6:6c:a8:1a:b7:74:9c:97:9e:1b:38:
                    97:cf:c7:eb:dc:db:f3:06:05:4d:5f:c4:52:87:bd:
                    5a:1f:89:b6:14:04:dd:44:82:4c:fb:a8:96:13:e8:
                    be:d6:d5:b9:e8:c8:37:ac:91:c0:47:0d:b9:25:2c:
                    ac:c1:7f:5d:f5:27:08:89:c5:6a:7f:ea:07:73:98:
                    29:47:d6:17:70:33:d6:d1:e3:62:9a:26:73:2a:d6:
                    7a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B3:8C:0F:F3:C1:5E:81:0F:A2:EA:2E:F2:05:9D:D3:E2:A1:B0:79
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CLOMD_PBXoEPouou8gWd0-KhsHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:f3:bd:77:51:b7:32:27:cd:2e:c2:ea:e8:86:2f:ad:8b:86:
         d5:60:c6:19:2d:bb:7f:30:4e:15:f2:a8:95:d5:55:2e:51:a5:
         86:5d:ed:8e:26:26:85:1e:e6:43:17:49:6a:e9:63:d1:e3:c9:
         ce:a6:f9:8f:06:be:8f:b9:36:43:1d:02:a1:67:8f:62:e9:b4:
         e1:cc:97:8d:78:be:17:20:09:74:9e:ac:2b:e0:20:1c:64:0f:
         c0:d0:62:ba:f9:ed:06:9f:7b:60:b5:80:59:25:9a:9d:eb:b2:
         39:c8:5b:f1:6b:49:2e:aa:95:e8:49:cf:db:98:77:56:30:57:
         1e:83:d6:41:ff:c9:3e:1a:d2:55:b6:e7:90:21:d2:57:e8:94:
         20:e1:bb:58:23:db:78:01:d7:05:44:fc:79:98:72:a2:0f:61:
         e8:4a:75:63:6f:b8:c9:25:f9:59:e4:4f:9e:58:da:6b:73:2e:
         78:fd:ad:a3:c6:44:45:8d:54:85:4d:51:b0:c7:37:ae:a6:f3:
         2c:4f:3e:af:88:4d:8d:6f:46:61:13:1f:b8:0b:8c:25:52:3e:
         6e:80:c7:e5:3d:9c:0b:38:be:6d:5c:cb:1d:26:24:75:d7:16:
         1e:27:f3:48:f0:34:99:1b:d4:b7:90:2a:b1:fe:e9:4a:96:ee:
         bc:b6:64:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfbvOhLGz7FcBiZzU/EcuEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTAyMDkxMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIzOGMwZmYzYzE1ZTgxMGZhMmVhMmVmMjA1OWRkM2UyYTFiMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYWEt9eKzT2i+EOARwpvsaigZclJ
7cxkggNYhLfX1WGMYH0MatsI2wIHquKv6nl8gzlpfas5c977dvYbGUpYfao3gEjy
jrfCXG0D3YoauqU7ONxbelFCyFo5+w00sFRk4OI489O9XiuB/VhVm8xrH25qiQlP
GS2B012fm5fRXbMp/WS7qO7UrdryYsI6H+SPl/MzCS9IKETH9WMH7x6n9us2yd3J
2RY/tmyoGrd0nJeeGziXz8fr3NvzBgVNX8RSh71aH4m2FATdRIJM+6iWE+i+1tW5
6Mg3rJHARw25JSyswX9d9ScIicVqf+oHc5gpR9YXcDPW0eNimiZzKtZ6vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAizjA/zwV6BD6LqLvIFndPiobB5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0xPTURfUEJYb0VQb3VvdThnV2QwLUtoc0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlf2MA0G
CSqGSIb3DQEBCwUAA4IBAQAC8713UbcyJ80uwurohi+ti4bVYMYZLbt/ME4V8qiV
1VUuUaWGXe2OJiaFHuZDF0lq6WPR48nOpvmPBr6PuTZDHQKhZ49i6bThzJeNeL4X
IAl0nqwr4CAcZA/A0GK6+e0Gn3tgtYBZJZqd67I5yFvxa0kuqpXoSc/bmHdWMFce
g9ZB/8k+GtJVtueQIdJX6JQg4btYI9t4AdcFRPx5mHKiD2HoSnVjb7jJJflZ5E+e
WNprcy54/a2jxkRFjVSFTVGwxzeupvMsTz6viE2Nb0ZhEx+4C4wlUj5ugMflPZwL
OL5tXMsdJiR11xYeJ/NI8DSZG9S3kCqx/ulKlu68tmRH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org