Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KQ7Rl26wAk8QKObI8ywMvayYiwk.roa
File:                     KQ7Rl26wAk8QKObI8ywMvayYiwk.roa (raw, json)
Hash identifier:          4cW/XRe04TDNspaOPWd1VBF19HkBXT2BPkEXuIvEDkM=
Subject key identifier:   29:0E:D1:97:6E:B0:02:4F:10:28:E6:C8:F3:2C:0C:BD:AC:98:8B:09
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01869DCBDFC75039D197F5553B16FF4482AC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KQ7Rl26wAk8QKObI8ywMvayYiwk.roa
Signing time:             Wed 01 Mar 2023 15:30:29 +0000
ROA not before:           Wed 01 Mar 2023 15:30:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41944
IP address blocks:        195.133.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9d:cb:df:c7:50:39:d1:97:f5:55:3b:16:ff:44:82:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar  1 15:30:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=290ed1976eb0024f1028e6c8f32c0cbdac988b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:75:7d:d7:dc:69:96:93:ac:24:c8:2e:8a:e2:
                    25:e7:84:a6:01:b7:2b:7a:16:2f:f5:67:16:d6:6b:
                    76:3b:8d:53:a7:db:4d:b7:56:e0:98:20:a6:71:36:
                    4d:8c:30:86:34:48:ca:18:47:2e:2b:35:1b:f0:6f:
                    b7:2f:3d:70:92:a8:11:43:ff:d3:cd:04:4f:98:8c:
                    0f:fe:ad:46:60:3d:89:9e:7f:86:09:b3:9b:f6:29:
                    cf:51:5e:54:ee:c4:5f:94:08:85:95:07:3d:c7:ef:
                    f4:6a:7f:0a:a7:22:0e:5c:5e:c8:b1:1c:56:77:8e:
                    cf:bd:e7:f8:88:43:a0:08:99:c0:5a:5f:f4:a7:0c:
                    fe:ee:e7:1d:a7:d5:fe:d2:53:32:fd:95:da:e0:47:
                    5e:b4:3e:18:2a:bc:83:9c:bb:15:88:7a:de:a3:4c:
                    f9:55:da:3c:ca:0b:06:27:12:cb:5d:1f:ef:ff:a2:
                    55:ad:22:5a:b2:bb:fd:19:e8:cd:a4:68:cf:8c:96:
                    14:c8:b1:6b:bc:c4:72:13:6d:74:3e:90:74:a0:ec:
                    6f:28:b8:54:2d:83:68:44:41:be:90:55:c8:6a:1c:
                    fe:ef:5d:fc:9e:2b:8f:3d:cf:80:a4:34:f0:21:a0:
                    28:d7:4e:42:a8:27:45:89:a5:ca:81:0d:f4:89:08:
                    78:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:0E:D1:97:6E:B0:02:4F:10:28:E6:C8:F3:2C:0C:BD:AC:98:8B:09
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KQ7Rl26wAk8QKObI8ywMvayYiwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:41:5c:6b:e1:cc:25:88:11:f8:d9:f1:fe:0b:a8:43:d1:11:
         d0:bd:91:94:1d:33:dc:5c:fb:c3:27:a9:2f:e5:79:53:da:b2:
         7a:0f:89:7f:40:6f:c5:0b:6a:63:ce:94:89:1c:8c:1d:ab:7f:
         51:17:1c:3c:57:82:0e:a6:00:ad:1c:3b:67:3b:1a:3f:87:03:
         68:f1:ef:d2:fb:94:69:60:c1:11:89:e9:ce:e4:ff:95:e7:96:
         69:b6:8a:44:fd:01:87:44:c8:84:71:77:23:24:dc:04:16:8e:
         86:c4:db:47:7b:87:ad:84:c3:c1:ec:55:5c:77:b1:43:cb:a8:
         3e:78:6c:4d:a4:67:46:39:88:23:f1:0f:67:01:5a:51:1c:bf:
         a2:16:1e:0d:ba:1e:34:49:45:67:36:94:7d:8a:ac:9b:87:96:
         14:56:98:f2:ba:fd:bc:9e:1d:ff:53:6a:96:9d:14:89:fb:5a:
         c7:bf:b8:66:f3:bd:95:b4:6a:05:76:a4:7e:65:e2:f0:db:8a:
         c4:8f:ce:c3:99:87:40:56:4b:e0:1d:f4:9a:db:74:9a:30:ff:
         17:ec:d0:37:63:3b:d8:cd:7b:d0:e9:7f:08:17:5b:f9:5d:ed:
         08:63:16:6f:a4:ec:9a:42:64:d1:d4:51:54:76:d3:f0:4d:38:
         03:9a:f0:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYady9/HUDnRl/VVOxb/RIKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAxMTUzMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBlZDE5NzZlYjAwMjRmMTAyOGU2YzhmMzJjMGNiZGFjOTg4YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnV919xplpOsJMguiuIl54SmAbcr
ehYv9WcW1mt2O41Tp9tNt1bgmCCmcTZNjDCGNEjKGEcuKzUb8G+3Lz1wkqgRQ//T
zQRPmIwP/q1GYD2Jnn+GCbOb9inPUV5U7sRflAiFlQc9x+/0an8KpyIOXF7IsRxW
d47Pvef4iEOgCJnAWl/0pwz+7ucdp9X+0lMy/ZXa4EdetD4YKryDnLsViHreo0z5
Vdo8ygsGJxLLXR/v/6JVrSJasrv9GejNpGjPjJYUyLFrvMRyE210PpB0oOxvKLhU
LYNoREG+kFXIahz+7138niuPPc+ApDTwIaAo105CqCdFiaXKgQ30iQh4SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkO0ZdusAJPECjmyPMsDL2smIsJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS1E3UmwyNndBazhRS09iSTh5d012YXlZaXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4VeMA0G
CSqGSIb3DQEBCwUAA4IBAQAyQVxr4cwliBH42fH+C6hD0RHQvZGUHTPcXPvDJ6kv
5XlT2rJ6D4l/QG/FC2pjzpSJHIwdq39RFxw8V4IOpgCtHDtnOxo/hwNo8e/S+5Rp
YMERienO5P+V55ZptopE/QGHRMiEcXcjJNwEFo6GxNtHe4ethMPB7FVcd7FDy6g+
eGxNpGdGOYgj8Q9nAVpRHL+iFh4Nuh40SUVnNpR9iqybh5YUVpjyuv28nh3/U2qW
nRSJ+1rHv7hm872VtGoFdqR+ZeLw24rEj87DmYdAVkvgHfSa23SaMP8X7NA3YzvY
zXvQ6X8IF1v5Xe0IYxZvpOyaQmTR1FFUdtPwTTgDmvDj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org