Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kk2UlfQFz9wK8_rjZwR8GRfG5zM.roa
File:                     Kk2UlfQFz9wK8_rjZwR8GRfG5zM.roa (raw, json)
Hash identifier:          9wCT4YJF/gnw57sCCBm201KAUaMUqMHowcT/odQZ2eU=
Subject key identifier:   2A:4D:94:95:F4:05:CF:DC:0A:F3:FA:E3:67:04:7C:19:17:C6:E7:33
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018630AC95F7B51546ED1DE4910165D29CC1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kk2UlfQFz9wK8_rjZwR8GRfG5zM.roa
Signing time:             Wed 08 Feb 2023 10:57:42 +0000
ROA not before:           Wed 08 Feb 2023 10:57:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399471
IP address blocks:        212.193.29.0/24 maxlen: 24
                          194.87.221.0/24 maxlen: 24
                          194.87.227.0/24 maxlen: 24
                          194.87.35.0/24 maxlen: 24
                          212.192.216.0/22 maxlen: 24
                          194.85.250.0/24 maxlen: 24
                          194.85.248.0/24 maxlen: 24
                          194.87.67.0/24 maxlen: 24
                          195.133.39.0/24 maxlen: 24
                          212.192.244.0/22 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:30:ac:95:f7:b5:15:46:ed:1d:e4:91:01:65:d2:9c:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb  8 10:57:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a4d9495f405cfdc0af3fae367047c1917c6e733
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:81:17:67:f3:95:57:72:58:67:ab:fd:bf:02:
                    6b:51:d6:d6:f0:33:f2:d3:5b:14:0c:e4:4a:e0:64:
                    20:3a:2e:38:3f:26:0b:eb:44:7c:7a:df:8d:6d:7e:
                    a9:8f:3e:e2:52:ce:88:38:61:7f:a5:0d:7c:35:a0:
                    65:24:d7:e5:b8:dc:33:8f:10:0c:2f:8e:89:5a:17:
                    6b:ad:60:b6:7c:80:6b:42:88:d8:11:70:39:c2:3f:
                    bb:dd:f2:0a:b9:72:17:aa:a9:89:70:73:f7:92:ed:
                    f3:67:5b:06:23:d1:38:df:be:d0:fe:ee:d4:bb:6b:
                    9f:88:53:58:68:0b:e0:2d:f7:43:b8:a3:1a:36:69:
                    a3:6a:2f:86:80:a6:ce:3e:5d:43:fe:81:38:62:aa:
                    bc:02:23:48:15:bb:52:0e:2c:e7:e0:06:5b:6b:07:
                    35:58:5f:65:73:7f:18:ca:0f:fc:c3:49:50:94:8f:
                    a7:e3:e1:31:0b:48:46:14:bd:70:14:8b:a3:c0:93:
                    3b:19:af:70:07:d7:37:2a:4b:7b:38:78:25:0c:ef:
                    f8:13:ce:10:88:f6:0c:9d:ad:4c:5e:fa:a8:4e:0c:
                    2c:33:a7:06:20:c6:1c:24:b7:ad:d1:5c:17:e8:13:
                    91:b9:d5:da:c0:23:04:b8:92:29:ed:38:d8:27:73:
                    09:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:4D:94:95:F4:05:CF:DC:0A:F3:FA:E3:67:04:7C:19:17:C6:E7:33
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kk2UlfQFz9wK8_rjZwR8GRfG5zM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.85.248.0/24
                  194.85.250.0/24
                  194.87.35.0/24
                  194.87.67.0/24
                  194.87.221.0/24
                  194.87.227.0/24
                  195.133.39.0/24
                  212.192.216.0/22
                  212.192.244.0/22
                  212.193.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:40:e6:c0:af:9e:54:2f:f7:de:f1:26:4f:33:e5:38:40:6c:
         59:94:75:29:69:e4:38:f6:2e:ac:dd:fa:ff:cd:0f:d0:b2:69:
         0e:67:cc:db:8e:53:59:9f:8d:0b:4d:64:85:e4:a2:80:2c:28:
         48:78:79:6f:7d:06:6c:3e:3d:42:f8:41:5a:6e:dc:ca:bc:24:
         87:bd:87:33:0f:13:2f:6c:9e:07:9f:9a:da:48:09:2c:7c:56:
         cc:4b:1d:d5:08:76:71:ac:ee:a6:14:fe:eb:67:76:64:d1:97:
         a6:38:3a:47:a2:4d:f7:8e:35:ab:0b:c1:31:8c:bb:61:5f:d7:
         4b:fb:2b:e1:c3:ec:1e:e6:44:26:d1:ec:1e:cf:9c:ad:a3:ba:
         60:18:0c:6a:e8:14:10:7b:94:5c:69:ab:e5:d5:70:8b:8f:2b:
         7b:5c:11:3f:e7:78:56:06:f4:aa:b9:fd:32:c1:40:42:b8:e9:
         62:ea:dd:c0:67:89:db:8c:1e:a7:c4:b2:38:63:7e:f3:3d:2a:
         32:91:a5:ff:e3:89:9d:21:e0:2f:29:11:58:49:59:2b:9c:2d:
         9f:15:98:44:d4:2e:ab:ec:50:fd:dc:e5:e9:4d:63:47:cf:a4:
         a1:82:23:b1:92:8b:3b:e0:e4:89:b9:53:b9:0a:b6:53:06:08:
         dc:c8:c6:cf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYYwrJX3tRVG7R3kkQFl0pzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjA4MTA1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRkOTQ5NWY0MDVjZmRjMGFmM2ZhZTM2NzA0N2MxOTE3YzZlNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYEXZ/OVV3JYZ6v9vwJrUdbW8DPy
01sUDORK4GQgOi44PyYL60R8et+NbX6pjz7iUs6IOGF/pQ18NaBlJNfluNwzjxAM
L46JWhdrrWC2fIBrQojYEXA5wj+73fIKuXIXqqmJcHP3ku3zZ1sGI9E4377Q/u7U
u2ufiFNYaAvgLfdDuKMaNmmjai+GgKbOPl1D/oE4Yqq8AiNIFbtSDizn4AZbawc1
WF9lc38Yyg/8w0lQlI+n4+ExC0hGFL1wFIujwJM7Ga9wB9c3Kkt7OHglDO/4E84Q
iPYMna1MXvqoTgwsM6cGIMYcJLet0VwX6BORudXawCMEuJIp7TjYJ3MJmQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCpNlJX0Bc/cCvP642cEfBkXxuczMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS2syVWxmUUZ6OXdLOF9yalp3UjhHUmZHNXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwlX4AwQA
wlX6AwQAwlcjAwQAwldDAwQAwlfdAwQAwlfjAwQAw4UnAwQC1MDYAwQC1MD0AwQA
1MEdMA0GCSqGSIb3DQEBCwUAA4IBAQABQObAr55UL/fe8SZPM+U4QGxZlHUpaeQ4
9i6s3fr/zQ/QsmkOZ8zbjlNZn40LTWSF5KKALChIeHlvfQZsPj1C+EFabtzKvCSH
vYczDxMvbJ4Hn5raSAksfFbMSx3VCHZxrO6mFP7rZ3Zk0ZemODpHok33jjWrC8Ex
jLthX9dL+yvhw+we5kQm0ewez5yto7pgGAxq6BQQe5Rcaavl1XCLjyt7XBE/53hW
BvSquf0ywUBCuOli6t3AZ4nbjB6nxLI4Y37zPSoykaX/44mdIeAvKRFYSVkrnC2f
FZhE1C6r7FD93OXpTWNHz6ShgiOxkos74OSJuVO5CrZTBgjcyMbP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org