Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E3mIEs2sGCmZtr7BmCanWGWusK8.roa
File:                     E3mIEs2sGCmZtr7BmCanWGWusK8.roa (raw, json)
Hash identifier:          oT0M9ctjIrCZDi1MoLbz3/qHJ4CDl0UXIRPI2x0/1cA=
Subject key identifier:   13:79:88:12:CD:AC:18:29:99:B6:BE:C1:98:26:A7:58:65:AE:B0:AF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B42C852D63F706BF587CF64007E09898F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E3mIEs2sGCmZtr7BmCanWGWusK8.roa
Signing time:             Wed 18 Oct 2023 12:35:06 +0000
ROA not before:           Wed 18 Oct 2023 12:35:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60117
IP address blocks:        194.87.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 13:23:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:42:c8:52:d6:3f:70:6b:f5:87:cf:64:00:7e:09:89:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 18 12:35:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13798812cdac182999b6bec19826a75865aeb0af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:90:82:f2:9d:5b:a5:02:76:34:c2:f5:b8:63:
                    3b:5b:3b:f4:26:ef:f6:af:27:e3:5d:ea:99:0e:20:
                    c5:fa:73:6e:e3:44:57:67:fb:f8:aa:82:4d:6c:3e:
                    3a:4e:73:13:6d:36:33:a6:be:02:a2:fb:dd:d1:85:
                    a7:31:9d:00:02:ff:44:5d:37:6e:f0:b6:32:d1:cb:
                    b0:e5:ba:8a:9f:04:dc:5d:98:16:5a:d6:32:7f:b0:
                    91:f4:50:f7:52:3d:cb:db:26:8d:74:2f:a6:e7:06:
                    99:df:79:74:ea:d4:1e:ec:f1:4f:50:a5:f3:99:01:
                    a0:28:fd:9a:86:99:48:76:97:1d:ef:ed:37:97:f2:
                    21:ee:ca:21:de:6d:1c:7d:39:80:e9:78:e5:53:d6:
                    fc:30:54:15:10:73:c6:1f:ed:a6:5b:40:00:f0:81:
                    b9:a0:0a:a6:26:67:cb:b1:ff:ce:45:c2:6f:f1:c2:
                    ed:30:43:6f:59:ca:4d:49:3c:0d:7f:c8:c8:ae:9a:
                    65:01:3b:f1:e1:4c:fa:08:7e:97:fb:c9:5f:63:22:
                    75:23:87:7e:8a:bd:94:37:92:4f:45:1c:6b:02:66:
                    c0:e3:73:c9:05:d7:eb:4a:95:ea:94:b5:d8:05:f0:
                    57:55:3a:9a:be:74:5a:c0:87:88:61:cc:a3:52:d6:
                    60:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:79:88:12:CD:AC:18:29:99:B6:BE:C1:98:26:A7:58:65:AE:B0:AF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/E3mIEs2sGCmZtr7BmCanWGWusK8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:d2:59:60:5a:20:7e:1f:05:7a:86:da:2e:98:e9:f4:cf:9b:
         dc:bd:40:ca:fb:de:41:73:3e:49:23:4c:26:18:db:61:0e:d5:
         2d:6b:70:7f:78:9e:9e:31:f9:8e:ef:77:a4:43:1e:e5:11:81:
         db:0e:a3:fb:8c:09:bb:f4:32:4e:6c:dc:e7:4b:71:b3:7a:7b:
         8b:9e:5d:3d:74:1b:42:6d:c6:2f:42:2f:21:52:13:0f:ba:13:
         ec:2e:7d:2f:3a:9f:b4:33:e7:1b:7a:9c:7e:77:8d:26:f1:cf:
         96:b3:8f:34:97:26:23:67:24:d8:ea:30:1a:a7:12:84:c3:5e:
         e5:fa:a7:65:9e:8c:aa:32:f0:ec:4e:a9:ee:97:4a:35:05:cf:
         14:46:64:ac:6d:a9:eb:8d:46:01:38:dd:94:b4:db:fb:90:82:
         cd:85:c7:25:1c:20:90:d7:51:fa:ce:39:58:56:b7:0a:09:17:
         85:4e:52:8a:c8:48:31:aa:49:f8:d5:2c:45:0b:05:a4:c5:56:
         18:40:e8:e0:2d:08:c0:ee:2d:f8:92:c2:2e:cb:e7:2d:f7:6d:
         1b:6e:e2:de:e9:27:9c:44:7f:7f:d9:b6:78:2d:ab:57:b1:23:
         d8:a8:7a:49:51:d6:4e:c6:69:36:87:06:0d:04:d9:53:07:49:
         aa:07:4b:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCyFLWP3Br9YfPZAB+CYmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE4MTIzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc5ODgxMmNkYWMxODI5OTliNmJlYzE5ODI2YTc1ODY1YWViMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJCC8p1bpQJ2NML1uGM7Wzv0Ju/2
ryfjXeqZDiDF+nNu40RXZ/v4qoJNbD46TnMTbTYzpr4Covvd0YWnMZ0AAv9EXTdu
8LYy0cuw5bqKnwTcXZgWWtYyf7CR9FD3Uj3L2yaNdC+m5waZ33l06tQe7PFPUKXz
mQGgKP2ahplIdpcd7+03l/Ih7soh3m0cfTmA6XjlU9b8MFQVEHPGH+2mW0AA8IG5
oAqmJmfLsf/ORcJv8cLtMENvWcpNSTwNf8jIrpplATvx4Uz6CH6X+8lfYyJ1I4d+
ir2UN5JPRRxrAmbA43PJBdfrSpXqlLXYBfBXVTqavnRawIeIYcyjUtZgVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBN5iBLNrBgpmba+wZgmp1hlrrCvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRTNtSUVzMnNHQ21adHI3Qm1DYW5XR1d1c0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlc2MA0G
CSqGSIb3DQEBCwUAA4IBAQAr0llgWiB+HwV6htoumOn0z5vcvUDK+95Bcz5JI0wm
GNthDtUta3B/eJ6eMfmO73ekQx7lEYHbDqP7jAm79DJObNznS3GzenuLnl09dBtC
bcYvQi8hUhMPuhPsLn0vOp+0M+cbepx+d40m8c+Ws480lyYjZyTY6jAapxKEw17l
+qdlnoyqMvDsTqnul0o1Bc8URmSsbanrjUYBON2UtNv7kILNhcclHCCQ11H6zjlY
VrcKCReFTlKKyEgxqkn41SxFCwWkxVYYQOjgLQjA7i34ksIuy+ct920bbuLe6Sec
RH9/2bZ4LatXsSPYqHpJUdZOxmk2hwYNBNlTB0mqB0uf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org