Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Jw5tlpQQVY5WLotng0KwFilRE0s.roa
File:                     Jw5tlpQQVY5WLotng0KwFilRE0s.roa (raw, json)
Hash identifier:          hEA8kcmtm7t7tXnAjmfVKHkCNaoiXsZlRl5ge5x+r44=
Subject key identifier:   27:0E:6D:96:94:10:55:8E:56:2E:8B:67:83:42:B0:16:29:51:13:4B
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018DC283ECD53866E7B32861FBCAF564C3C8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Jw5tlpQQVY5WLotng0KwFilRE0s.roa
Signing time:             Mon 19 Feb 2024 17:57:22 +0000
ROA not before:           Mon 19 Feb 2024 17:57:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     147287
IP address blocks:        195.133.78.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 19:26:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c2:83:ec:d5:38:66:e7:b3:28:61:fb:ca:f5:64:c3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb 19 17:57:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=270e6d969410558e562e8b678342b0162951134b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:f3:e3:c3:52:bd:d7:9f:fd:b1:1d:f4:2e:df:
                    5c:53:01:8d:e0:84:23:6a:65:ef:22:37:a2:45:76:
                    c6:67:ce:1c:ee:ad:42:14:c6:cf:f2:8b:15:59:b2:
                    40:e4:bb:a1:ad:d0:9f:56:51:36:6c:27:85:ac:9c:
                    e3:19:04:6a:88:51:87:03:b5:89:b2:6d:e7:11:38:
                    e5:f9:06:e0:91:6a:e1:bc:50:c7:aa:87:3a:48:5b:
                    b7:9f:07:c3:38:74:47:5f:e7:b3:25:65:10:72:0e:
                    d0:73:a9:66:3e:2a:e4:96:cd:80:ed:a4:c7:8c:76:
                    e9:9f:b5:5b:d1:78:c2:60:28:00:64:6d:32:45:66:
                    dd:6f:11:76:4d:13:91:69:64:0c:0c:5c:88:f3:8c:
                    3e:37:45:43:0f:4b:3f:ca:d5:92:4a:e7:9f:70:04:
                    6f:a8:b9:6c:9a:10:b5:35:21:70:b3:63:72:6e:c8:
                    cb:8e:5f:65:8d:82:30:3f:4a:10:fa:61:27:e5:e5:
                    8c:84:6b:d4:76:a5:d8:42:9d:ea:aa:74:1b:2a:42:
                    80:26:43:fe:12:c8:c3:3a:f6:b0:34:95:cd:68:d1:
                    f6:31:f2:2b:4b:4d:54:0d:80:a7:49:29:7e:05:3c:
                    af:b0:a5:b3:f0:e2:01:76:87:71:68:10:80:a3:48:
                    ee:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:0E:6D:96:94:10:55:8E:56:2E:8B:67:83:42:B0:16:29:51:13:4B
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Jw5tlpQQVY5WLotng0KwFilRE0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:d3:6c:c5:e9:37:af:f4:fd:e0:14:83:3b:6c:0e:6d:fb:29:
         3d:70:9e:75:f1:86:dc:9a:a1:fd:13:cb:22:dd:b8:60:60:96:
         25:14:bb:84:7c:47:c0:48:f0:52:5b:a7:5b:45:cb:e5:ca:9c:
         10:6d:c0:50:2a:ab:4c:8b:5a:65:76:5b:02:d3:37:ef:4a:ae:
         10:16:d6:0c:ca:8e:9b:de:db:7f:c5:63:6b:0a:6d:15:f9:35:
         12:26:49:57:6a:ed:69:f1:a7:0e:53:6f:f0:d9:77:c3:13:e3:
         1e:3a:4e:18:0f:81:44:a3:e8:8d:7a:4e:d3:49:df:a3:e0:35:
         ad:ac:d3:52:a8:2b:6e:59:55:4d:6a:ca:f4:04:14:85:2d:92:
         4e:37:9b:26:bc:ef:b6:06:11:06:4c:b8:21:2b:b7:00:7d:ce:
         c5:9c:10:3b:c2:1a:22:f5:38:43:eb:75:13:0a:6c:e4:b6:9b:
         b7:32:8a:69:59:96:49:bc:60:2b:bc:dd:72:71:34:44:76:fc:
         2c:2f:f7:7c:02:33:aa:e4:43:07:ab:de:a2:ef:d0:21:79:d2:
         e6:39:92:a6:ff:12:9e:ca:8d:fc:60:95:9b:ed:85:d4:ec:dd:
         be:91:7f:e0:18:0e:99:27:69:76:ee:01:19:a2:67:3c:ba:26:
         17:a1:a0:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Cg+zVOGbnsyhh+8r1ZMPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE5MTc1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzBlNmQ5Njk0MTA1NThlNTYyZThiNjc4MzQyYjAxNjI5NTExMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPPjw1K915/9sR30Lt9cUwGN4IQj
amXvIjeiRXbGZ84c7q1CFMbP8osVWbJA5LuhrdCfVlE2bCeFrJzjGQRqiFGHA7WJ
sm3nETjl+QbgkWrhvFDHqoc6SFu3nwfDOHRHX+ezJWUQcg7Qc6lmPirkls2A7aTH
jHbpn7Vb0XjCYCgAZG0yRWbdbxF2TRORaWQMDFyI84w+N0VDD0s/ytWSSuefcARv
qLlsmhC1NSFws2NybsjLjl9ljYIwP0oQ+mEn5eWMhGvUdqXYQp3qqnQbKkKAJkP+
EsjDOvawNJXNaNH2MfIrS01UDYCnSSl+BTyvsKWz8OIBdodxaBCAo0juMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCcObZaUEFWOVi6LZ4NCsBYpURNLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSnc1dGxwUVFWWTVXTG90bmcwS3dGaWxSRTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4VOMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ02zF6Tev9P3gFIM7bA5t+yk9cJ518YbcmqH9E8si
3bhgYJYlFLuEfEfASPBSW6dbRcvlypwQbcBQKqtMi1pldlsC0zfvSq4QFtYMyo6b
3tt/xWNrCm0V+TUSJklXau1p8acOU2/w2XfDE+MeOk4YD4FEo+iNek7TSd+j4DWt
rNNSqCtuWVVNasr0BBSFLZJON5smvO+2BhEGTLghK7cAfc7FnBA7whoi9ThD63UT
Cmzktpu3MoppWZZJvGArvN1ycTREdvwsL/d8AjOq5EMHq96i79AhedLmOZKm/xKe
yo38YJWb7YXU7N2+kX/gGA6ZJ2l27gEZomc8uiYXoaDQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:13 2024 by rpki-client on console-fra.rpki-client.org