Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M9pX6erOgDxvQzLGX-ZVjYfsE8g.roa
File:                     M9pX6erOgDxvQzLGX-ZVjYfsE8g.roa (raw, json)
Hash identifier:          GrhOmVajKqn/EB/clS5zlDx1/mfq6BH5yhaq2El+QFA=
Subject key identifier:   33:DA:57:E9:EA:CE:80:3C:6F:43:32:C6:5F:E6:55:8D:87:EC:13:C8
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CAC19C27AD098D4708240D9CBC96B77EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M9pX6erOgDxvQzLGX-ZVjYfsE8g.roa
Signing time:             Wed 27 Dec 2023 16:26:58 +0000
ROA not before:           Wed 27 Dec 2023 16:26:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21769
IP address blocks:        194.87.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ac:19:c2:7a:d0:98:d4:70:82:40:d9:cb:c9:6b:77:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 27 16:26:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33da57e9eace803c6f4332c65fe6558d87ec13c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:07:e7:49:ac:05:cd:f1:42:fc:ba:a0:5c:91:
                    b7:6d:13:dd:1b:51:af:8a:20:62:58:50:7d:95:bb:
                    0d:0c:42:db:56:63:00:d5:3f:f0:e4:8b:59:53:55:
                    b3:02:f0:48:d6:2c:24:08:5c:ff:9a:88:d5:fb:35:
                    0e:04:cb:13:1b:a4:10:cb:ac:c2:92:1c:8c:99:43:
                    04:dc:53:b8:ae:bc:2e:9c:b8:f9:18:f2:91:72:ce:
                    36:23:19:f1:c0:e4:30:c0:b2:83:49:7b:96:94:79:
                    bb:82:0a:a2:a6:95:19:da:86:d5:95:f3:78:e5:0d:
                    32:88:bd:c2:fe:97:0a:4a:bb:be:56:d2:eb:9d:b3:
                    4c:b0:ae:fc:b6:69:54:56:b1:ed:9a:33:89:7f:85:
                    aa:b5:12:ad:00:bd:8c:6d:cd:d1:ce:77:d5:cf:b7:
                    04:77:cd:1b:28:4b:ed:57:4a:10:ec:84:73:f5:67:
                    be:e8:b8:63:13:88:d4:5a:9b:84:10:f0:f9:db:33:
                    90:39:87:dd:a7:6a:c5:43:55:0b:7c:2d:f8:a6:c2:
                    50:e5:71:58:61:42:68:64:72:73:9d:0d:ad:02:59:
                    1b:68:a1:c9:cc:e7:9d:fe:29:b4:9d:12:2d:3b:e3:
                    9a:b1:f1:cd:73:85:fc:a1:79:e1:af:f1:82:a2:a5:
                    3a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:DA:57:E9:EA:CE:80:3C:6F:43:32:C6:5F:E6:55:8D:87:EC:13:C8
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/M9pX6erOgDxvQzLGX-ZVjYfsE8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:20:cc:1f:90:7e:50:da:8c:3f:78:dd:6f:cd:7f:a7:4b:df:
         5a:1e:69:a7:a2:62:73:44:ee:a4:99:e5:45:7a:4b:13:3e:79:
         e3:5e:0f:02:b9:f1:45:88:b6:da:9c:73:32:5f:5c:35:42:c8:
         6b:d0:96:1e:e5:09:7f:fe:cf:ba:d1:71:96:65:0d:72:a6:83:
         94:69:7e:41:31:9f:b0:3f:24:dd:57:e7:60:5b:5e:09:9b:cc:
         1d:cd:63:cb:dd:f4:34:8f:67:f6:f3:59:35:bc:d9:88:bb:73:
         4c:ac:c2:7c:4b:ab:ba:7b:06:47:f5:53:32:77:32:1f:f0:d9:
         99:03:32:19:4a:84:7f:bd:3e:25:92:ab:98:c3:00:11:4f:98:
         6f:bd:6a:e8:dc:9d:5e:e3:bf:f0:de:c0:5b:03:e3:18:f8:79:
         60:df:eb:ee:12:54:9b:e6:83:30:76:3d:67:b0:fb:fa:c5:14:
         8c:68:fd:4d:f1:bd:99:07:6b:95:03:d6:dd:40:58:bd:f9:c6:
         e1:5c:91:79:c0:c4:b0:67:5b:d4:26:69:c4:bb:12:1c:96:ed:
         41:e4:23:01:2d:e6:22:81:ba:5e:eb:32:ef:93:70:e7:99:2a:
         e6:6c:17:d4:85:b7:ef:05:72:30:13:52:d3:dd:85:a0:19:60:
         04:5f:80:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYysGcJ60JjUcIJA2cvJa3fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI3MTYyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RhNTdlOWVhY2U4MDNjNmY0MzMyYzY1ZmU2NTU4ZDg3ZWMxM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwfnSawFzfFC/LqgXJG3bRPdG1Gv
iiBiWFB9lbsNDELbVmMA1T/w5ItZU1WzAvBI1iwkCFz/mojV+zUOBMsTG6QQy6zC
khyMmUME3FO4rrwunLj5GPKRcs42IxnxwOQwwLKDSXuWlHm7ggqippUZ2obVlfN4
5Q0yiL3C/pcKSru+VtLrnbNMsK78tmlUVrHtmjOJf4WqtRKtAL2Mbc3RznfVz7cE
d80bKEvtV0oQ7IRz9We+6LhjE4jUWpuEEPD52zOQOYfdp2rFQ1ULfC34psJQ5XFY
YUJoZHJznQ2tAlkbaKHJzOed/im0nRItO+OasfHNc4X8oXnhr/GCoqU6HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPaV+nqzoA8b0Myxl/mVY2H7BPIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTTlwWDZlck9nRHh2UXpMR1gtWlZqWWZzRThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcWMA0G
CSqGSIb3DQEBCwUAA4IBAQBUIMwfkH5Q2ow/eN1vzX+nS99aHmmnomJzRO6kmeVF
eksTPnnjXg8CufFFiLbanHMyX1w1Qshr0JYe5Ql//s+60XGWZQ1ypoOUaX5BMZ+w
PyTdV+dgW14Jm8wdzWPL3fQ0j2f281k1vNmIu3NMrMJ8S6u6ewZH9VMydzIf8NmZ
AzIZSoR/vT4lkquYwwART5hvvWro3J1e47/w3sBbA+MY+Hlg3+vuElSb5oMwdj1n
sPv6xRSMaP1N8b2ZB2uVA9bdQFi9+cbhXJF5wMSwZ1vUJmnEuxIclu1B5CMBLeYi
gbpe6zLvk3DnmSrmbBfUhbfvBXIwE1LT3YWgGWAEX4DO
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org