Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EH4FMz3cyAU4hZVx9qbjGfRYdRI.roa
File:                     EH4FMz3cyAU4hZVx9qbjGfRYdRI.roa (raw, json)
Hash identifier:          HLlwcy6WZ8xvbR6t+qdMZPd6g6FCsYZkfPvXGZWJzTw=
Subject key identifier:   10:7E:05:33:3D:DC:C8:05:38:85:95:71:F6:A6:E3:19:F4:58:75:12
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018606AF7836CC4F948438B5AFCB333F31EB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EH4FMz3cyAU4hZVx9qbjGfRYdRI.roa
Signing time:             Tue 31 Jan 2023 07:16:48 +0000
ROA not before:           Tue 31 Jan 2023 07:16:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210388
IP address blocks:        194.87.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:06:af:78:36:cc:4f:94:84:38:b5:af:cb:33:3f:31:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 31 07:16:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=107e05333ddcc80538859571f6a6e319f4587512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b6:c2:38:ea:df:ce:ec:d2:cd:40:68:7f:9a:
                    ab:eb:fa:06:d1:2f:06:f4:e5:a2:20:59:dc:b2:45:
                    00:17:7f:7f:8a:e1:61:df:3a:1d:d4:5a:ee:4c:c2:
                    9b:a1:47:91:ff:72:90:37:ce:6e:1d:e9:76:16:40:
                    44:94:76:d5:85:ca:23:5e:18:3a:49:a8:5f:c8:27:
                    db:e0:0e:f3:73:3b:9f:99:0e:8c:97:76:65:98:b4:
                    47:2a:40:b1:97:54:79:f5:b8:72:dc:2c:85:9f:1d:
                    54:e7:f2:c4:30:74:0b:f0:c7:67:3b:e8:82:df:3e:
                    80:58:45:46:8f:e4:6d:1d:1b:d3:ce:a4:f2:f1:eb:
                    da:ab:30:73:35:97:45:b6:f6:93:01:86:19:00:ab:
                    27:03:a8:29:76:77:ac:81:43:31:27:67:06:23:89:
                    bf:40:d4:34:d0:b5:05:7f:0d:a4:86:c9:58:59:8a:
                    4b:5a:b5:a8:dd:d5:d1:55:e9:ec:66:f8:a5:07:6f:
                    e2:d4:15:6a:39:2b:b6:47:2d:8f:f7:c8:de:8d:d2:
                    bc:19:2a:8e:92:18:31:dd:fd:ce:f0:ed:5e:a3:a7:
                    c2:ef:e7:94:cd:04:ad:7e:f7:13:78:17:50:90:42:
                    3e:2f:7b:dc:2f:f3:b9:9b:29:f7:3d:72:ee:96:4b:
                    9b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7E:05:33:3D:DC:C8:05:38:85:95:71:F6:A6:E3:19:F4:58:75:12
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EH4FMz3cyAU4hZVx9qbjGfRYdRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:de:55:f4:d4:3e:d8:b8:62:43:40:77:26:1f:f7:d9:ed:20:
         3a:16:98:d2:9d:7f:af:50:92:94:95:4d:e0:ea:d9:6e:09:c8:
         4a:53:3d:82:6f:13:2b:d4:0c:7d:13:a3:7a:6f:25:05:51:12:
         8a:41:ad:4b:4c:e7:cb:98:e7:f4:e3:43:03:c2:32:d6:13:65:
         c6:6a:54:b7:df:74:16:90:b9:4e:e0:5a:81:97:96:d7:07:f3:
         56:af:1e:05:3f:e2:66:41:56:6f:56:3f:1f:71:09:22:75:14:
         c6:94:0b:81:ce:ab:6a:d9:c7:6c:90:d3:c5:91:ca:0e:a6:86:
         49:2b:fb:25:fb:d9:38:ac:18:8f:d0:32:48:a3:8b:f2:18:88:
         d5:83:9c:ad:7a:ab:19:c3:1c:ea:ce:df:32:82:aa:34:11:8c:
         11:e4:92:7c:12:90:41:c0:b5:e2:86:f8:48:75:93:ad:df:12:
         c9:4d:54:f7:70:fb:9d:99:bc:08:c1:f8:96:b0:a9:ca:50:d1:
         cd:97:59:29:85:08:83:7b:3e:d9:be:94:8d:d3:11:ae:8d:ff:
         ed:00:bf:ed:fe:53:b3:2a:d5:ee:b1:b4:78:c2:75:80:51:5e:
         ee:ac:f5:8d:af:17:1a:c6:84:d5:5a:aa:f8:c4:ec:42:b2:f6:
         9d:de:72:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYGr3g2zE+UhDi1r8szPzHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMxMDcxNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdlMDUzMzNkZGNjODA1Mzg4NTk1NzFmNmE2ZTMxOWY0NTg3NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLbCOOrfzuzSzUBof5qr6/oG0S8G
9OWiIFncskUAF39/iuFh3zod1FruTMKboUeR/3KQN85uHel2FkBElHbVhcojXhg6
SahfyCfb4A7zczufmQ6Ml3ZlmLRHKkCxl1R59bhy3CyFnx1U5/LEMHQL8MdnO+iC
3z6AWEVGj+RtHRvTzqTy8evaqzBzNZdFtvaTAYYZAKsnA6gpdnesgUMxJ2cGI4m/
QNQ00LUFfw2khslYWYpLWrWo3dXRVensZvilB2/i1BVqOSu2Ry2P98jejdK8GSqO
khgx3f3O8O1eo6fC7+eUzQStfvcTeBdQkEI+L3vcL/O5myn3PXLulkubqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBB+BTM93MgFOIWVcfam4xn0WHUSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUg0Rk16M2N5QVU0aFpWeDlxYmpHZlJZZFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlegMA0G
CSqGSIb3DQEBCwUAA4IBAQCK3lX01D7YuGJDQHcmH/fZ7SA6FpjSnX+vUJKUlU3g
6tluCchKUz2CbxMr1Ax9E6N6byUFURKKQa1LTOfLmOf040MDwjLWE2XGalS333QW
kLlO4FqBl5bXB/NWrx4FP+JmQVZvVj8fcQkidRTGlAuBzqtq2cdskNPFkcoOpoZJ
K/sl+9k4rBiP0DJIo4vyGIjVg5yteqsZwxzqzt8ygqo0EYwR5JJ8EpBBwLXihvhI
dZOt3xLJTVT3cPudmbwIwfiWsKnKUNHNl1kphQiDez7ZvpSN0xGujf/tAL/t/lOz
KtXusbR4wnWAUV7urPWNrxcaxoTVWqr4xOxCsvad3nLM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:53 2023 by rpki-client on console-ams.rpki-client.org