Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E-2SXwy4hsb4AMdfOD26pXO7Yzw.roa
File:                     E-2SXwy4hsb4AMdfOD26pXO7Yzw.roa (raw, json)
Hash identifier:          8Q+Zz3lbflORXRQBGI1R/ttQbpIdW2YMlCdX63rF6o0=
Subject key identifier:   13:ED:92:5F:0C:B8:86:C6:F8:00:C7:5F:38:3D:BA:A5:73:BB:63:3C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018DB1D412904449CD56D318E28A27441E56
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E-2SXwy4hsb4AMdfOD26pXO7Yzw.roa
Signing time:             Fri 16 Feb 2024 12:11:22 +0000
ROA not before:           Fri 16 Feb 2024 12:11:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        194.87.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 16:37:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:b1:d4:12:90:44:49:cd:56:d3:18:e2:8a:27:44:1e:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb 16 12:11:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=13ed925f0cb886c6f800c75f383dbaa573bb633c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:17:e4:f1:70:23:75:cb:cb:51:34:ff:b8:87:
                    97:17:22:ff:31:fd:df:b0:4d:e8:f4:f6:b8:00:bd:
                    ec:9e:2e:c5:4b:87:b6:d8:84:c8:d3:5c:fb:ce:6c:
                    10:eb:ea:3e:2e:ae:fd:54:32:e6:32:d4:b2:34:12:
                    52:95:2c:20:6f:3d:a8:a7:7b:51:d0:f5:5c:3d:e6:
                    28:69:3b:41:4b:78:3a:d0:89:f8:3f:e3:82:a7:c8:
                    a8:37:17:91:08:af:be:49:9d:59:f7:51:b7:39:2c:
                    43:00:3f:86:d4:6e:80:72:45:22:b4:c2:d1:ba:8e:
                    cc:8c:cb:8d:99:ec:5a:5f:15:7b:26:d6:72:29:f1:
                    3c:41:00:bf:b5:a4:04:ca:49:56:29:b8:28:2e:25:
                    03:32:5a:e8:e7:b7:0c:0f:8b:a7:a0:d8:15:dd:03:
                    58:b5:40:ad:c4:45:f6:f8:02:b1:f1:9d:5d:a6:90:
                    38:9d:c3:43:a3:74:93:fd:dc:a5:b5:36:d2:83:34:
                    67:23:5f:5e:32:08:0b:3c:aa:a7:71:ba:c0:df:bb:
                    03:8c:f9:19:b1:42:f7:99:ec:5c:b6:24:29:a4:b5:
                    64:fc:c1:74:e2:36:8a:7d:cb:97:cd:3e:fe:7c:24:
                    31:9c:99:26:f0:0d:1b:cb:bb:64:50:37:14:a4:19:
                    c9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:ED:92:5F:0C:B8:86:C6:F8:00:C7:5F:38:3D:BA:A5:73:BB:63:3C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E-2SXwy4hsb4AMdfOD26pXO7Yzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:3c:66:31:0c:ab:ae:fa:f0:56:db:4b:2b:01:82:ae:ba:15:
         b5:2c:bc:b4:c1:03:c4:20:52:46:96:a2:42:4d:9b:fa:0e:ac:
         80:20:83:6a:d4:ce:5e:8e:72:41:c3:26:ea:ae:f2:00:5b:9d:
         f3:f9:16:1a:87:84:2f:97:05:a9:f3:c6:8e:28:17:d7:b0:be:
         6b:0b:9c:6d:b5:ba:f7:20:03:5d:5b:00:1f:d6:04:95:2c:35:
         b4:0e:99:62:96:8a:bf:b3:d5:14:83:6b:d8:a6:47:48:06:7c:
         da:9f:05:28:cb:01:90:55:3e:1e:ac:43:41:af:61:63:cd:28:
         a4:b7:b5:9c:40:91:70:dd:e7:c0:fb:a7:f6:18:02:7f:d2:13:
         36:05:4e:b1:ac:6d:35:cf:90:a3:7e:09:53:0d:64:d2:60:e5:
         39:f4:c7:80:9f:45:c8:64:db:1b:b4:de:5b:21:75:f8:92:1e:
         07:8b:d0:0b:b0:54:41:25:c8:a5:60:fc:dd:ef:f6:7a:2c:55:
         4c:e5:59:7b:e5:f3:0c:26:84:e1:05:fa:f6:dd:7b:cf:41:f2:
         1b:cb:87:01:57:2b:7a:d1:f2:73:71:9b:1d:13:cd:91:a4:6f:
         1a:fe:2b:00:f2:ac:d0:8a:52:44:b5:0e:ae:71:e7:bf:3b:e1:
         6c:24:ef:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2x1BKQREnNVtMY4oonRB5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE2MTIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VkOTI1ZjBjYjg4NmM2ZjgwMGM3NWYzODNkYmFhNTczYmI2MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRfk8XAjdcvLUTT/uIeXFyL/Mf3f
sE3o9Pa4AL3sni7FS4e22ITI01z7zmwQ6+o+Lq79VDLmMtSyNBJSlSwgbz2op3tR
0PVcPeYoaTtBS3g60In4P+OCp8ioNxeRCK++SZ1Z91G3OSxDAD+G1G6AckUitMLR
uo7MjMuNmexaXxV7JtZyKfE8QQC/taQEyklWKbgoLiUDMlro57cMD4unoNgV3QNY
tUCtxEX2+AKx8Z1dppA4ncNDo3ST/dyltTbSgzRnI19eMggLPKqncbrA37sDjPkZ
sUL3mexctiQppLVk/MF04jaKfcuXzT7+fCQxnJkm8A0by7tkUDcUpBnJFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPtkl8MuIbG+ADHXzg9uqVzu2M8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRS0yU1h3eTRoc2I0QU1kZk9EMjZwWE83WXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleGMA0G
CSqGSIb3DQEBCwUAA4IBAQBCPGYxDKuu+vBW20srAYKuuhW1LLy0wQPEIFJGlqJC
TZv6DqyAIINq1M5ejnJBwybqrvIAW53z+RYah4QvlwWp88aOKBfXsL5rC5xttbr3
IANdWwAf1gSVLDW0Dpliloq/s9UUg2vYpkdIBnzanwUoywGQVT4erENBr2FjzSik
t7WcQJFw3efA+6f2GAJ/0hM2BU6xrG01z5CjfglTDWTSYOU59MeAn0XIZNsbtN5b
IXX4kh4Hi9ALsFRBJcilYPzd7/Z6LFVM5Vl75fMMJoThBfr23XvPQfIby4cBVyt6
0fJzcZsdE82RpG8a/isA8qzQilJEtQ6ucee/O+FsJO8u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org