Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ldbeq1fGkyx9fTQTWEiesRlUZ3g.roa
File:                     Ldbeq1fGkyx9fTQTWEiesRlUZ3g.roa (raw, json)
Hash identifier:          +UgyR/5jsCs4OAFYTzjp9yTvEldRZuRiZXl3eew44J0=
Subject key identifier:   2D:D6:DE:AB:57:C6:93:2C:7D:7D:34:13:58:48:9E:B1:19:54:67:78
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A31CD68710C0A05098E4FAD083A00E889
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ldbeq1fGkyx9fTQTWEiesRlUZ3g.roa
Signing time:             Sat 26 Aug 2023 12:24:19 +0000
ROA not before:           Sat 26 Aug 2023 12:24:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        62.76.226.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          194.87.34.0/24 maxlen: 24
                          194.87.36.0/24 maxlen: 24
                          194.87.108.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.119.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.63.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          195.133.26.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          212.193.31.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.55.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.58.67.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          194.87.222.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          212.192.8.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          192.124.191.0/24 maxlen: 24
                          194.87.180.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:31:cd:68:71:0c:0a:05:09:8e:4f:ad:08:3a:00:e8:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 26 12:24:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dd6deab57c6932c7d7d341358489eb119546778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4c:40:fe:5d:0f:8e:33:7d:4d:1d:46:ad:81:
                    59:33:38:7d:0e:ae:b6:c2:36:75:f1:37:34:75:24:
                    39:c3:0f:7e:78:68:9c:ad:87:54:85:46:87:cf:57:
                    b0:83:e8:23:3f:aa:0b:53:69:25:a9:8d:df:9f:3d:
                    7d:a8:3d:6e:da:6f:66:f6:cb:6e:12:54:11:5e:01:
                    36:d5:a4:12:11:fd:78:f7:48:a5:9d:fb:cc:39:b6:
                    dd:07:eb:73:15:04:a4:4d:c2:fc:84:ec:43:39:62:
                    72:f3:0a:28:62:c4:e0:cb:f6:be:d1:75:80:45:11:
                    8e:3c:29:ba:97:0b:7d:dd:bc:8a:c0:3f:f0:61:5c:
                    18:47:77:6c:68:3b:ca:26:36:2c:b2:35:19:c6:80:
                    18:66:04:21:f3:98:95:0f:55:06:e4:a8:12:00:13:
                    3b:88:eb:e5:96:13:9d:95:b1:3c:a7:bc:58:09:88:
                    c9:d0:47:a9:14:38:7c:4d:4d:3e:af:b5:d0:ed:3c:
                    f9:83:fd:0c:ca:9d:9a:ce:22:33:6a:15:f9:a7:f3:
                    29:07:14:66:0d:e7:f6:c3:71:5b:7d:d1:20:03:97:
                    19:ea:ee:38:9b:66:12:c0:c3:bd:f4:6c:7f:5d:61:
                    65:c0:fe:c7:c4:a0:c3:03:6c:c5:d5:c6:2b:ea:61:
                    2b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D6:DE:AB:57:C6:93:2C:7D:7D:34:13:58:48:9E:B1:19:54:67:78
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ldbeq1fGkyx9fTQTWEiesRlUZ3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.226.0/24
                  192.124.178.0/24
                  192.124.191.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.38.0/24
                  194.58.47.0/24
                  194.58.67.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.3.0/24
                  194.87.11.0-194.87.12.255
                  194.87.16.0/24
                  194.87.24.0/22
                  194.87.34.0/24
                  194.87.36.0/24
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.63.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.118.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.130.0/23
                  194.87.134.0/23
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.176.0/24
                  194.87.179.0-194.87.180.255
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.222.0/24
                  195.58.36.0/24
                  195.58.54.0/23
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.26.0/24
                  195.133.30.0/24
                  195.133.73.0/24
                  195.133.84.0/23
                  212.192.8.0/24
                  212.192.241.0/24
                  212.193.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:80:d0:c3:c4:d9:7f:80:ea:96:b9:c6:aa:7f:be:7e:b0:ff:
         24:15:67:73:a7:ed:75:04:3f:14:b4:f6:d3:3b:2d:39:e4:98:
         bd:65:5b:aa:c7:55:a2:30:5a:12:c2:bc:89:84:d3:1d:4c:9c:
         b3:a0:81:5b:85:29:fe:43:9c:f6:db:49:bd:e8:49:e2:22:43:
         ca:4c:38:60:20:c6:27:53:ec:20:49:b2:39:01:d5:cf:29:12:
         67:d0:59:74:bd:93:a7:d3:96:32:35:54:f8:0a:d0:a1:3e:f1:
         47:41:ee:39:e5:e5:c7:f6:88:e6:38:68:33:35:a4:6d:f3:6d:
         4a:b9:bc:4f:62:f5:b0:06:6e:77:e3:55:45:ff:1b:c3:d3:1f:
         d1:74:f7:bb:96:ba:13:b8:eb:3b:df:21:74:90:00:52:a9:82:
         9d:bc:26:50:c9:ac:48:e2:7c:e2:84:bf:ec:13:b6:96:52:d6:
         59:6f:87:f2:a7:9b:2a:40:7f:a7:f5:9e:36:a5:80:4a:c0:2b:
         23:ae:0c:6b:dd:8a:f0:73:1b:ac:76:3b:24:e8:9b:a8:5e:f0:
         81:6d:54:69:f7:29:84:9c:0d:9e:0d:4d:6b:90:69:ec:f7:ab:
         fd:3d:4f:08:fa:dd:95:10:65:d1:a1:84:a5:2f:07:41:bd:7a:
         8b:f4:9f:82
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAYoxzWhxDAoFCY5PrQg6AOiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI2MTIyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ2ZGVhYjU3YzY5MzJjN2Q3ZDM0MTM1ODQ4OWViMTE5NTQ2Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkxA/l0PjjN9TR1GrYFZMzh9Dq62
wjZ18Tc0dSQ5ww9+eGicrYdUhUaHz1ewg+gjP6oLU2klqY3fnz19qD1u2m9m9stu
ElQRXgE21aQSEf1490ilnfvMObbdB+tzFQSkTcL8hOxDOWJy8wooYsTgy/a+0XWA
RRGOPCm6lwt93byKwD/wYVwYR3dsaDvKJjYssjUZxoAYZgQh85iVD1UG5KgSABM7
iOvllhOdlbE8p7xYCYjJ0EepFDh8TU0+r7XQ7Tz5g/0Myp2aziIzahX5p/MpBxRm
Def2w3FbfdEgA5cZ6u44m2YSwMO99Gx/XWFlwP7HxKDDA2zF1cYr6mEr0wIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFC3W3qtXxpMsfX00E1hInrEZVGd4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTGRiZXExZkdreXg5ZlRRVFdFaWVzUmxVWjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAD5M4gMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
JgMEAMI6LwMEAMI6QwMEAMI6mgMEAMJXAQMEAMJXAzAMAwQAwlcLAwQAwlcMAwQA
wlcQAwQCwlcYAwQAwlciAwQAwlckAwQAwlcoAwQAwlc4AwQAwlc/AwQAwldJAwQA
wldTAwQAwldsAwQBwldyAwQBwld2AwQAwld6AwQAwld8AwQBwleCAwQBwleGAwQA
wleXAwQAwleoAwQAwlewMAwDBADCV7MDBADCV7QDBADCV74DBADCV8gDBADCV94D
BADDOiQDBAHDOjYDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhRoDBADDhR4D
BADDhUkDBAHDhVQDBADUwAgDBADUwPEDBADUwR8wDQYJKoZIhvcNAQELBQADggEB
ADKA0MPE2X+A6pa5xqp/vn6w/yQVZ3On7XUEPxS09tM7LTnkmL1lW6rHVaIwWhLC
vImE0x1MnLOggVuFKf5DnPbbSb3oSeIiQ8pMOGAgxidT7CBJsjkB1c8pEmfQWXS9
k6fTljI1VPgK0KE+8UdB7jnl5cf2iOY4aDM1pG3zbUq5vE9i9bAGbnfjVUX/G8PT
H9F097uWuhO46zvfIXSQAFKpgp28JlDJrEjifOKEv+wTtpZS1llvh/KnmypAf6f1
njalgErAKyOuDGvdivBzG6x2OyTom6he8IFtVGn3KYScDZ4NTWuQaez3q/09Twj6
3ZUQZdGhhKUvB0G9eov0n4I=
-----END CERTIFICATE-----
Generated at Tue Aug 29 17:35:57 2023 by rpki-client on console-ams.rpki-client.org