Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HslpkEPcgGTgUt2CL-Kj4O3wSc8.roa
File:                     HslpkEPcgGTgUt2CL-Kj4O3wSc8.roa (raw, json)
Hash identifier:          3OoRwOHhnk+pXPRZFfBnCKRa1RLygFY2DAYqYOONo/c=
Subject key identifier:   1E:C9:69:90:43:DC:80:64:E0:52:DD:82:2F:E2:A3:E0:ED:F0:49:CF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F671D9E66275362CB9CBB5BDC5A49F3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HslpkEPcgGTgUt2CL-Kj4O3wSc8.roa
Signing time:             Sun 01 Jan 2023 22:15:06 +0000
ROA not before:           Sun 01 Jan 2023 22:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        62.76.225.0/24 maxlen: 24
                          62.76.226.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          194.87.10.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          193.124.45.0/24 maxlen: 24
                          193.124.46.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          195.58.51.0/24 maxlen: 24
                          194.87.125.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.122.0/24 maxlen: 24
                          194.87.139.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          194.87.205.0/24 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.87.252.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          212.192.9.0/24 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          192.124.183.0/24 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:1d:9e:66:27:53:62:cb:9c:bb:5b:dc:5a:49:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ec9699043dc8064e052dd822fe2a3e0edf049cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2a:1b:a8:12:5f:f7:f2:d7:3b:15:5b:93:61:
                    33:35:8d:32:c3:91:d8:9c:5d:4b:10:ed:e8:0c:0f:
                    d4:c2:0d:54:95:cb:fc:9c:40:95:e0:72:29:57:92:
                    40:ee:42:d0:fc:a4:06:c2:94:cb:c4:71:1e:6a:db:
                    21:3f:90:78:83:39:a2:d7:f7:b3:61:61:95:9e:3e:
                    56:a5:42:f9:ee:77:fb:47:ed:84:85:4d:c3:4c:d0:
                    c4:66:c2:74:11:b7:88:a6:e3:f8:d4:e6:a7:03:d4:
                    6b:dd:84:08:10:1e:93:0d:7d:9b:3f:6a:38:ac:b2:
                    d5:3d:c3:29:1b:ea:dd:58:ec:86:2e:fd:e5:49:cc:
                    f7:bd:17:95:9d:06:c4:c0:1a:da:89:2d:28:bb:71:
                    be:db:40:e3:26:fc:b3:1a:9d:d5:8a:f5:0d:34:f7:
                    7b:12:7e:43:55:f7:aa:fc:64:91:4d:4d:a1:38:81:
                    e5:62:33:41:f8:50:14:19:3e:2d:62:0e:4e:de:c2:
                    76:c6:81:e5:cc:5b:22:d5:cd:e4:42:15:1f:ec:c0:
                    7d:07:ad:ac:c0:57:9d:37:71:17:b9:30:02:de:18:
                    65:d1:9f:64:ef:cd:36:51:fd:15:6d:b8:7f:51:96:
                    bf:72:66:a3:3c:68:de:e4:39:b5:b8:37:98:ae:0d:
                    92:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C9:69:90:43:DC:80:64:E0:52:DD:82:2F:E2:A3:E0:ED:F0:49:CF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HslpkEPcgGTgUt2CL-Kj4O3wSc8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0-62.76.226.255
                  192.124.180.0/24
                  192.124.183.0/24
                  193.124.18.0/24
                  193.124.45.0-193.124.46.255
                  193.124.90.0/24
                  193.124.200.0/24
                  194.58.40.0/24
                  194.87.2.0/24
                  194.87.10.0/24
                  194.87.122.0/24
                  194.87.124.0/23
                  194.87.139.0/24
                  194.87.170.0/24
                  194.87.200.0/24
                  194.87.205.0/24
                  194.87.233.0/24
                  194.87.252.0/24
                  195.58.51.0/24
                  195.133.76.0/24
                  195.133.193.0/24
                  212.192.1.0/24
                  212.192.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:b9:e1:50:30:95:ec:2b:40:4b:5d:f5:7e:56:27:4c:72:4c:
         5b:f4:16:91:8a:86:29:19:1d:01:50:ab:32:6a:99:a1:db:bf:
         b1:83:97:36:b6:b0:38:51:3d:89:9f:40:39:14:ce:e8:14:fe:
         10:03:e5:f6:6e:f5:0d:ec:ce:38:a1:be:d1:ef:46:b5:21:47:
         6b:dc:06:6b:6d:78:d0:e9:2f:bd:a3:ce:d6:35:c6:84:a5:d1:
         9c:f8:6d:79:88:6a:60:6b:85:2b:a5:9e:ba:44:08:4b:a3:c3:
         b4:87:5f:c5:ce:ba:43:38:23:1e:9d:58:d1:cf:f7:54:fa:58:
         af:ab:a0:83:17:53:63:da:f2:c8:cc:22:e6:1b:fa:00:79:fd:
         a0:39:14:f3:d3:ed:25:44:a3:97:78:7f:e9:4d:75:86:6a:d0:
         f4:28:cd:0c:f9:a2:33:0d:ae:e9:d8:e0:33:f0:6c:e1:39:93:
         a6:8f:ad:4a:51:03:cc:61:a7:b2:57:31:31:ba:47:de:89:02:
         9b:67:df:01:29:e4:09:58:b9:33:cf:23:f3:6c:1b:07:48:98:
         d5:50:ae:b3:2c:45:60:39:3e:48:4f:52:b7:c0:7b:84:5c:4f:
         9c:08:a9:e0:bc:f2:e9:5a:40:27:e5:15:c0:e5:41:00:7f:75:
         a7:55:6f:d5
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVvZx2eZidTYsucu1vcWknzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM5Njk5MDQzZGM4MDY0ZTA1MmRkODIyZmUyYTNlMGVkZjA0OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSobqBJf9/LXOxVbk2EzNY0yw5HY
nF1LEO3oDA/Uwg1Ulcv8nECV4HIpV5JA7kLQ/KQGwpTLxHEeatshP5B4gzmi1/ez
YWGVnj5WpUL57nf7R+2EhU3DTNDEZsJ0EbeIpuP41OanA9Rr3YQIEB6TDX2bP2o4
rLLVPcMpG+rdWOyGLv3lScz3vReVnQbEwBraiS0ou3G+20DjJvyzGp3VivUNNPd7
En5DVfeq/GSRTU2hOIHlYjNB+FAUGT4tYg5O3sJ2xoHlzFsi1c3kQhUf7MB9B62s
wFedN3EXuTAC3hhl0Z9k7802Uf0Vbbh/UZa/cmajPGje5Dm1uDeYrg2SuQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFB7JaZBD3IBk4FLdgi/io+Dt8EnPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSHNscGtFUGNnR1RnVXQyQ0wtS2o0TzN3U2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EjAMAwQAwXwtAwQAwXwuAwQAwXxa
AwQAwXzIAwQAwjooAwQAwlcCAwQAwlcKAwQAwld6AwQBwld8AwQAwleLAwQAwleq
AwQAwlfIAwQAwlfNAwQAwlfpAwQAwlf8AwQAwzozAwQAw4VMAwQAw4XBAwQA1MAB
AwQA1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQA0ueFQMJXsK0BLXfV+VidMckxb9BaR
ioYpGR0BUKsyapmh27+xg5c2trA4UT2Jn0A5FM7oFP4QA+X2bvUN7M44ob7R70a1
IUdr3AZrbXjQ6S+9o87WNcaEpdGc+G15iGpga4UrpZ66RAhLo8O0h1/FzrpDOCMe
nVjRz/dU+livq6CDF1Nj2vLIzCLmG/oAef2gORTz0+0lRKOXeH/pTXWGatD0KM0M
+aIzDa7p2OAz8GzhOZOmj61KUQPMYaeyVzExukfeiQKbZ98BKeQJWLkzzyPzbBsH
SJjVUK6zLEVgOT5IT1K3wHuEXE+cCKngvPLpWkAn5RXA5UEAf3WnVW/V
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-ams.rpki-client.org