Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MEI_0UFsGtpma1tvAHlSKsLFEL0.roa
File:                     MEI_0UFsGtpma1tvAHlSKsLFEL0.roa (raw, json)
Hash identifier:          sUaK44zqdTVDLxPKg6R4upA5BhLEOGO+qH3uPLO4KlQ=
Subject key identifier:   30:42:3F:D1:41:6C:1A:DA:66:6B:5B:6F:00:79:52:2A:C2:C5:10:BD
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B0581595F61AA06112DB0CD05B416FFA5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MEI_0UFsGtpma1tvAHlSKsLFEL0.roa
Signing time:             Fri 06 Oct 2023 15:00:44 +0000
ROA not before:           Fri 06 Oct 2023 15:00:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49392
IP address blocks:        194.87.118.0/23 maxlen: 24
                          194.87.220.0/24 maxlen: 24
                          193.124.254.0/24 maxlen: 24
                          195.133.10.0/23 maxlen: 23
                          194.135.32.0/24 maxlen: 24
                          185.72.10.0/24 maxlen: 24
                          195.133.26.0/23 maxlen: 24
                          195.133.52.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 11 Oct 2023 17:58:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:05:81:59:5f:61:aa:06:11:2d:b0:cd:05:b4:16:ff:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct  6 15:00:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30423fd1416c1ada666b5b6f0079522ac2c510bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f4:eb:14:32:c7:4d:18:dd:aa:dd:8f:ac:a5:
                    a7:7f:ae:ba:df:2c:19:c4:0d:d8:f0:38:5b:46:b2:
                    40:8e:1d:88:5e:e7:dc:4b:a9:65:9e:f3:00:66:14:
                    9e:09:18:19:3a:72:78:60:9f:fc:a1:df:e1:fa:e1:
                    d5:73:d7:d6:d9:fd:1f:e5:9e:2b:fb:8b:e7:20:68:
                    99:d8:ef:0e:1c:f9:5b:eb:67:26:26:ca:2f:ea:8d:
                    33:d1:da:4c:6e:54:85:4d:d7:a0:95:1b:4a:27:ba:
                    fc:7f:4b:34:1f:b9:a0:93:9e:05:1b:6d:0c:2a:ce:
                    b9:a0:95:ed:58:04:b0:23:b0:ec:96:8e:d6:f3:c8:
                    eb:48:e8:98:99:60:cc:c1:0e:c3:1a:34:92:17:4d:
                    ac:8e:d9:bf:fe:76:0e:57:41:c2:7a:88:b5:91:fc:
                    d0:b1:08:60:d6:55:b6:92:15:79:db:19:94:0b:a5:
                    5d:0d:a4:d6:9d:df:54:10:66:c7:0f:56:a6:ab:cc:
                    49:44:09:73:ee:20:1f:74:65:d6:01:20:da:a7:5f:
                    df:4d:63:f5:45:e5:6d:88:d0:96:19:89:cb:fb:29:
                    2b:c9:10:c5:81:55:5a:6c:d8:af:44:69:7b:91:70:
                    9c:a1:a2:a0:2c:c5:f2:b9:78:30:d7:9d:af:48:f3:
                    28:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:42:3F:D1:41:6C:1A:DA:66:6B:5B:6F:00:79:52:2A:C2:C5:10:BD
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MEI_0UFsGtpma1tvAHlSKsLFEL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.10.0/24
                  193.124.254.0/24
                  194.87.118.0/23
                  194.87.220.0/24
                  194.135.32.0/24
                  195.133.10.0/23
                  195.133.26.0/23
                  195.133.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:36:bb:50:64:2d:5a:0e:9d:f2:e9:78:ec:32:b2:50:7b:d2:
         9e:71:1a:9d:1b:6a:9b:5e:22:40:25:8e:7b:9b:21:e0:86:56:
         90:12:15:24:c3:e9:ef:d1:4d:5e:6d:13:8f:30:f8:e1:f3:0a:
         81:69:7b:cd:d7:df:fe:5f:1b:cf:1a:0c:89:53:f0:bf:93:1a:
         3c:2c:df:b8:09:af:8e:ea:f0:ee:90:b7:cd:e0:09:2f:91:b7:
         b7:96:1f:96:9e:ec:b3:d5:32:5d:da:d2:63:0e:a2:fa:5e:58:
         58:4e:fd:a5:0d:8c:63:e2:44:64:a3:ee:0c:fb:5d:a1:46:0c:
         9c:70:60:49:1d:a4:18:48:b6:e7:52:39:68:cd:0b:ab:25:6d:
         ba:3e:0c:12:41:5d:30:bb:cd:73:c3:44:0d:20:61:3e:76:62:
         9a:e2:e9:8a:02:4e:cc:5e:27:2d:ee:78:20:ab:7f:21:10:18:
         3c:00:bf:40:b7:86:71:68:bd:3e:38:f7:6a:ec:b1:d1:5a:ff:
         31:42:69:dc:c4:8a:e9:63:b7:35:9d:8f:c0:b2:16:32:33:58:
         b5:f5:6f:ee:08:ae:01:e8:88:5e:48:63:af:3c:c8:b8:27:5f:
         c0:2e:2d:64:54:85:24:71:f1:2f:5e:37:99:63:d2:59:8c:e8:
         a7:9c:de:3a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYsFgVlfYaoGES2wzQW0Fv+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA2MTUwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQyM2ZkMTQxNmMxYWRhNjY2YjViNmYwMDc5NTIyYWMyYzUxMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfTrFDLHTRjdqt2PrKWnf6663ywZ
xA3Y8DhbRrJAjh2IXufcS6llnvMAZhSeCRgZOnJ4YJ/8od/h+uHVc9fW2f0f5Z4r
+4vnIGiZ2O8OHPlb62cmJsov6o0z0dpMblSFTdeglRtKJ7r8f0s0H7mgk54FG20M
Ks65oJXtWASwI7Dslo7W88jrSOiYmWDMwQ7DGjSSF02sjtm//nYOV0HCeoi1kfzQ
sQhg1lW2khV52xmUC6VdDaTWnd9UEGbHD1amq8xJRAlz7iAfdGXWASDap1/fTWP1
ReVtiNCWGYnL+ykryRDFgVVabNivRGl7kXCcoaKgLMXyuXgw152vSPMowwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDBCP9FBbBraZmtbbwB5UirCxRC9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUVJXzBVRnNHdHBtYTF0dkFIbFNLc0xGRUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAuUgKAwQA
wXz+AwQBwld2AwQAwlfcAwQAwocgAwQBw4UKAwQBw4UaAwQBw4U0MA0GCSqGSIb3
DQEBCwUAA4IBAQCQNrtQZC1aDp3y6XjsMrJQe9KecRqdG2qbXiJAJY57myHghlaQ
EhUkw+nv0U1ebROPMPjh8wqBaXvN19/+XxvPGgyJU/C/kxo8LN+4Ca+O6vDukLfN
4Akvkbe3lh+Wnuyz1TJd2tJjDqL6XlhYTv2lDYxj4kRko+4M+12hRgyccGBJHaQY
SLbnUjlozQurJW26PgwSQV0wu81zw0QNIGE+dmKa4umKAk7MXict7nggq38hEBg8
AL9At4ZxaL0+OPdq7LHRWv8xQmncxIrpY7c1nY/AshYyM1i19W/uCK4B6IheSGOv
PMi4J1/ALi1kVIUkcfEvXjeZY9JZjOinnN46
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org