Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GgXU0-MhyLb5CkeCGo7L1Cifl-E.roa
File:                     GgXU0-MhyLb5CkeCGo7L1Cifl-E.roa (raw, json)
Hash identifier:          7o1MMOJIM3kMgaXpTDt5T10AR653aicecwpNwyXKRnw=
Subject key identifier:   1A:05:D4:D3:E3:21:C8:B6:F9:0A:47:82:1A:8E:CB:D4:28:9F:97:E1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018BCECA29BB81E75136A0A60A4E8BD677E3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GgXU0-MhyLb5CkeCGo7L1Cifl-E.roa
Signing time:             Tue 14 Nov 2023 17:03:57 +0000
ROA not before:           Tue 14 Nov 2023 17:03:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216209
IP address blocks:        193.124.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ce:ca:29:bb:81:e7:51:36:a0:a6:0a:4e:8b:d6:77:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 14 17:03:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a05d4d3e321c8b6f90a47821a8ecbd4289f97e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:17:17:b6:07:1c:16:98:70:9e:d6:f0:38:b4:
                    43:18:61:84:da:5d:8b:ac:f4:99:3b:b4:d1:5a:8d:
                    28:04:f9:5f:99:4c:84:86:16:d9:28:a8:d1:9a:ca:
                    9b:41:c5:e6:dc:7b:23:fe:7a:7f:5e:f8:6f:b3:e3:
                    43:c2:c4:45:69:d0:96:15:c8:51:b9:e0:6a:d6:71:
                    cf:93:e3:2e:94:ca:5e:ce:be:ae:ee:70:b7:3a:d2:
                    42:89:f3:c0:ec:aa:0f:1d:24:77:e7:39:37:f4:ff:
                    54:26:97:46:99:d3:74:6d:54:0b:b2:68:00:e1:cb:
                    a8:30:cf:34:fb:4a:c9:74:61:ab:18:5b:f9:1c:a8:
                    d6:e5:05:8e:71:66:cc:a4:3c:69:97:5a:03:69:9c:
                    29:5c:a7:78:4b:fb:f6:23:18:7e:cf:37:9e:3c:c6:
                    4b:ed:e9:6d:49:ec:15:3d:eb:23:42:31:36:3c:7f:
                    2b:e7:dc:aa:bc:f5:74:35:7b:fd:57:7f:29:1d:24:
                    d5:ef:5d:1f:51:72:7d:5d:87:08:4e:9c:01:ba:55:
                    2d:a1:36:91:1b:43:38:d8:bf:78:1a:a9:13:b9:0d:
                    46:1f:96:af:25:a8:15:90:df:ac:68:b1:fc:5f:ba:
                    11:81:44:1a:2f:70:59:5e:eb:9b:52:1a:1f:35:89:
                    0f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:05:D4:D3:E3:21:C8:B6:F9:0A:47:82:1A:8E:CB:D4:28:9F:97:E1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GgXU0-MhyLb5CkeCGo7L1Cifl-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:4e:18:90:b0:d8:23:bd:dc:89:db:d9:fb:6a:5e:be:6c:b2:
         72:eb:92:c1:62:10:3c:be:10:7f:c4:75:84:5e:3d:4b:59:16:
         cc:5c:c9:fd:ad:a5:a8:af:bf:ef:0e:b0:60:be:80:fa:0d:c9:
         c5:fe:63:c2:40:17:47:7f:1b:f6:8d:57:25:a7:2d:3d:4f:30:
         00:5f:8c:65:22:03:15:6b:26:11:2d:0b:bc:4e:26:3b:c9:cc:
         f2:35:db:34:bb:b3:a7:24:f1:dd:28:66:d1:9c:59:a3:e4:5b:
         0c:2b:c5:f5:aa:2f:c3:7a:02:e8:8d:7d:a3:3b:3a:5b:9a:de:
         7b:1d:4e:96:a8:6e:5d:1b:da:21:cf:1f:77:0d:16:40:22:1e:
         8a:ec:72:c7:25:54:df:e2:68:b0:a7:c6:01:b9:b8:27:d1:46:
         0b:04:86:40:c7:34:44:ff:aa:e7:93:72:89:26:84:29:68:fb:
         1a:26:2e:48:a8:4e:3d:c5:b2:06:fe:f5:38:be:df:b7:cd:23:
         bd:97:37:c3:69:34:e5:45:6a:10:c5:2c:08:28:7b:6d:fa:e6:
         94:83:85:a7:66:d9:fe:9b:46:1a:85:8f:6d:9a:3d:7a:d6:2e:
         6f:ce:8d:45:b6:b3:25:09:26:c5:6b:ed:dd:68:88:e9:d0:d4:
         f8:05:8b:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvOyim7gedRNqCmCk6L1nfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE0MTcwMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTA1ZDRkM2UzMjFjOGI2ZjkwYTQ3ODIxYThlY2JkNDI4OWY5N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhcXtgccFphwntbwOLRDGGGE2l2L
rPSZO7TRWo0oBPlfmUyEhhbZKKjRmsqbQcXm3Hsj/np/Xvhvs+NDwsRFadCWFchR
ueBq1nHPk+MulMpezr6u7nC3OtJCifPA7KoPHSR35zk39P9UJpdGmdN0bVQLsmgA
4cuoMM80+0rJdGGrGFv5HKjW5QWOcWbMpDxpl1oDaZwpXKd4S/v2Ixh+zzeePMZL
7eltSewVPesjQjE2PH8r59yqvPV0NXv9V38pHSTV710fUXJ9XYcITpwBulUtoTaR
G0M42L94GqkTuQ1GH5avJagVkN+saLH8X7oRgUQaL3BZXuubUhofNYkPPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoF1NPjIci2+QpHghqOy9Qon5fhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR2dYVTAtTWh5TGI1Q2tlQ0dvN0wxQ2lmbC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXx8MA0G
CSqGSIb3DQEBCwUAA4IBAQApThiQsNgjvdyJ29n7al6+bLJy65LBYhA8vhB/xHWE
Xj1LWRbMXMn9raWor7/vDrBgvoD6DcnF/mPCQBdHfxv2jVclpy09TzAAX4xlIgMV
ayYRLQu8TiY7yczyNds0u7OnJPHdKGbRnFmj5FsMK8X1qi/DegLojX2jOzpbmt57
HU6WqG5dG9ohzx93DRZAIh6K7HLHJVTf4miwp8YBubgn0UYLBIZAxzRE/6rnk3KJ
JoQpaPsaJi5IqE49xbIG/vU4vt+3zSO9lzfDaTTlRWoQxSwIKHtt+uaUg4WnZtn+
m0YahY9tmj161i5vzo1FtrMlCSbFa+3daIjp0NT4BYtM
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org