Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUo4LM1j3woNRkrVnWq903OFkEQ.roa
File:                     DUo4LM1j3woNRkrVnWq903OFkEQ.roa (raw, json)
Hash identifier:          x1tGi6rJfKuER/OnW5fG/r9jjKKGKEMFVC7H3XsdccM=
Subject key identifier:   0D:4A:38:2C:CD:63:DF:0A:0D:46:4A:D5:9D:6A:BD:D3:73:85:90:44
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B1ECC21070816B0168CEF5A75EA9B77E1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUo4LM1j3woNRkrVnWq903OFkEQ.roa
Signing time:             Wed 11 Oct 2023 12:52:56 +0000
ROA not before:           Wed 11 Oct 2023 12:52:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        195.133.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1e:cc:21:07:08:16:b0:16:8c:ef:5a:75:ea:9b:77:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 11 12:52:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d4a382ccd63df0a0d464ad59d6abdd373859044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:0f:af:5e:61:d8:43:c1:d9:f4:86:28:58:43:
                    22:91:a5:79:3c:15:21:9b:af:46:45:4c:2e:44:1c:
                    b1:e1:5d:6a:9b:d4:8c:d9:6c:8c:21:90:9f:f8:cb:
                    40:b9:86:b2:26:d1:86:06:b5:9a:b8:59:3f:00:ad:
                    86:a3:a4:1d:96:65:72:3c:84:fb:5f:25:f9:50:c3:
                    a5:20:b7:4d:af:b7:83:f0:86:52:03:fd:e8:8c:cd:
                    b5:bb:b5:19:16:ab:a4:c3:44:71:2b:f5:67:01:f5:
                    cf:51:eb:b3:10:dd:92:cc:4f:c2:f0:fd:a9:61:b9:
                    d5:af:64:b5:46:0d:2a:59:ff:bf:ca:1b:a0:d4:fe:
                    9d:d8:9d:3d:94:5a:5e:2b:c3:8c:d7:8d:20:82:c3:
                    49:ee:02:cc:25:db:38:6d:da:eb:d9:db:41:1f:6e:
                    6c:ff:f1:1b:3f:ff:86:6f:59:3e:ac:30:eb:be:ac:
                    77:7a:ee:89:9c:c7:f9:d7:a9:f4:e7:df:80:bf:b9:
                    62:df:8b:00:29:18:7d:3e:33:a6:19:72:1a:a5:8c:
                    cd:e3:03:ea:b4:95:ad:e9:e1:77:cd:f8:72:a4:91:
                    5b:f7:68:4c:a2:c7:1c:de:b8:90:20:2b:51:62:a7:
                    84:ad:d3:21:cb:24:79:27:a5:ec:6c:f0:4e:1d:a6:
                    fb:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4A:38:2C:CD:63:DF:0A:0D:46:4A:D5:9D:6A:BD:D3:73:85:90:44
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DUo4LM1j3woNRkrVnWq903OFkEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:4e:85:ef:0f:3e:bb:d9:ad:f1:b6:1e:fb:b6:1a:5e:d4:a8:
         2c:05:9a:f3:d9:40:d2:09:92:e8:90:a5:96:05:39:79:c7:db:
         a6:31:60:44:27:84:aa:08:69:3b:63:f1:49:3b:19:08:e0:f9:
         80:57:9d:f0:43:d9:d0:f6:07:cd:28:d9:5d:1e:c5:c5:1c:d7:
         60:ad:07:52:76:af:68:a2:06:f2:cd:85:7b:4f:aa:f8:91:fb:
         92:0c:b2:ef:b7:e9:bd:99:b3:0c:2a:62:25:41:71:63:27:78:
         f4:93:84:89:04:05:f1:12:1c:f1:31:e5:5e:4c:ba:6e:46:0a:
         ed:a5:7c:6f:9d:c4:45:60:46:a1:7b:09:13:72:0e:87:2c:08:
         86:4b:5b:52:6e:f9:f2:69:6b:ef:96:44:d1:cd:8c:17:66:92:
         0e:34:e6:f1:f5:1c:2d:64:4b:85:54:70:79:9d:36:47:b0:26:
         71:39:8e:9e:31:b7:b9:0f:b2:62:f4:17:39:bc:d4:8a:cc:d4:
         d4:5c:44:8e:c7:83:ff:53:00:8b:2b:b7:56:ce:ce:21:8f:3c:
         7e:af:3a:60:a0:7f:e9:43:a9:aa:cc:2f:08:f5:c4:50:93:ca:
         0a:1d:2b:c9:38:b9:41:2c:45:b8:b9:3f:31:90:82:cd:6f:bb:
         f3:25:2d:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsezCEHCBawFozvWnXqm3fhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTI1MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRhMzgyY2NkNjNkZjBhMGQ0NjRhZDU5ZDZhYmRkMzczODU5MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+vXmHYQ8HZ9IYoWEMikaV5PBUh
m69GRUwuRByx4V1qm9SM2WyMIZCf+MtAuYayJtGGBrWauFk/AK2Go6QdlmVyPIT7
XyX5UMOlILdNr7eD8IZSA/3ojM21u7UZFqukw0RxK/VnAfXPUeuzEN2SzE/C8P2p
YbnVr2S1Rg0qWf+/yhug1P6d2J09lFpeK8OM140ggsNJ7gLMJds4bdrr2dtBH25s
//EbP/+Gb1k+rDDrvqx3eu6JnMf516n059+Av7li34sAKRh9PjOmGXIapYzN4wPq
tJWt6eF3zfhypJFb92hMoscc3riQICtRYqeErdMhyyR5J6XsbPBOHab79QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1KOCzNY98KDUZK1Z1qvdNzhZBEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRFVvNExNMWozd29OUmtyVm5XcTkwM09Ga0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UqMA0G
CSqGSIb3DQEBCwUAA4IBAQAiToXvDz672a3xth77thpe1KgsBZrz2UDSCZLokKWW
BTl5x9umMWBEJ4SqCGk7Y/FJOxkI4PmAV53wQ9nQ9gfNKNldHsXFHNdgrQdSdq9o
ogbyzYV7T6r4kfuSDLLvt+m9mbMMKmIlQXFjJ3j0k4SJBAXxEhzxMeVeTLpuRgrt
pXxvncRFYEahewkTcg6HLAiGS1tSbvnyaWvvlkTRzYwXZpIONObx9RwtZEuFVHB5
nTZHsCZxOY6eMbe5D7Ji9Bc5vNSKzNTUXESOx4P/UwCLK7dWzs4hjzx+rzpgoH/p
Q6mqzC8I9cRQk8oKHSvJOLlBLEW4uT8xkILNb7vzJS2S
-----END CERTIFICATE-----
Generated at Thu Oct 12 09:53:13 2023 by rpki-client on console-ams.rpki-client.org