Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrdFLEMS1cbfNZnmdc5pABCb-qs.roa
File:                     MrdFLEMS1cbfNZnmdc5pABCb-qs.roa (raw, json)
Hash identifier:          aGwsnNd1QW33Kdd2I2dVGm7HrursKf9Ie7UT1c/Z66g=
Subject key identifier:   32:B7:45:2C:43:12:D5:C6:DF:35:99:E6:75:CE:69:00:10:9B:FA:AB
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A73E30D73F7FDA6071F67145AFBE6AB4D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrdFLEMS1cbfNZnmdc5pABCb-qs.roa
Signing time:             Fri 08 Sep 2023 08:22:54 +0000
ROA not before:           Fri 08 Sep 2023 08:22:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36113
IP address blocks:        62.76.230.0/24 maxlen: 24
                          195.133.81.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          194.87.228.0/24 maxlen: 24
                          194.135.30.0/24 maxlen: 24
                          194.87.141.0/24 maxlen: 24
                          194.58.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:73:e3:0d:73:f7:fd:a6:07:1f:67:14:5a:fb:e6:ab:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep  8 08:22:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32b7452c4312d5c6df3599e675ce6900109bfaab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b0:6a:28:78:98:fb:4c:21:de:48:16:12:ba:
                    56:27:2f:5c:cb:bc:75:75:6c:f7:2e:a0:13:51:db:
                    f6:27:4a:ed:2d:b7:48:18:13:93:d3:63:95:ff:54:
                    5b:75:8c:a1:de:19:86:2c:ec:84:f6:7a:a6:08:19:
                    49:2b:bf:e7:06:54:50:5f:90:3d:41:cb:14:2f:77:
                    84:97:13:a1:8a:67:8f:10:4e:69:c9:7b:53:38:4c:
                    94:c1:56:34:2d:dd:ad:2f:3a:35:31:13:e3:0f:0a:
                    6f:e6:94:8e:4e:04:e8:70:54:ed:40:46:35:a9:4c:
                    fa:c1:c2:e1:11:4f:3e:ba:8f:60:6c:92:77:35:0e:
                    8a:29:e2:49:c4:f5:12:8d:fb:f2:da:e8:8c:57:24:
                    7b:6d:d6:ac:7e:12:cf:72:af:f1:e2:02:67:3e:b3:
                    15:59:07:cf:05:3e:a8:51:b8:d6:32:cb:9d:82:70:
                    a3:3f:41:6b:34:19:06:1e:c5:f5:28:46:b6:88:8f:
                    1e:f9:39:41:f5:bd:dd:f6:ef:b5:fc:2a:47:4e:be:
                    5f:82:78:9d:2b:22:b3:a5:a4:3c:2e:57:75:54:40:
                    ea:b9:db:a2:34:cb:63:44:c4:9b:61:4e:8c:de:f4:
                    12:6c:15:de:09:f0:8a:6f:7b:02:7e:24:29:6f:e1:
                    15:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:B7:45:2C:43:12:D5:C6:DF:35:99:E6:75:CE:69:00:10:9B:FA:AB
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrdFLEMS1cbfNZnmdc5pABCb-qs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.230.0/24
                  194.58.41.0/24
                  194.87.141.0/24
                  194.87.228.0/24
                  194.135.30.0/24
                  195.133.81.0/24
                  195.133.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:75:90:84:2a:55:a1:63:9e:d9:40:53:d6:a4:fa:fc:98:75:
         02:ab:21:04:5b:58:ca:70:34:50:a9:c1:c1:9d:8a:71:f8:e8:
         b5:87:b6:bd:4e:85:42:df:42:21:11:08:71:49:fe:78:bb:2b:
         be:e0:7b:ea:5a:55:6d:2b:97:1b:60:6b:72:36:12:1b:9a:03:
         2d:21:9c:f6:4e:de:78:f8:80:d5:b7:a8:9d:7c:4d:d6:0b:41:
         ba:97:05:84:cc:24:94:5c:d3:74:02:e9:39:5e:5e:14:96:b2:
         92:4e:da:e7:f8:55:ee:70:8a:e9:07:71:b5:62:a7:fa:c1:95:
         6a:15:80:d9:93:a1:11:a2:0d:dc:e2:d9:62:07:7b:51:52:cc:
         5d:eb:e7:00:a8:b6:22:6a:e0:3e:ba:84:0b:08:83:3c:ff:a4:
         df:a8:7c:7b:53:86:a0:8d:49:d1:95:b6:e4:16:8e:65:e6:8d:
         8e:e7:92:de:73:0f:16:98:74:f4:9b:3f:7f:3b:95:96:47:67:
         a8:89:ff:7d:92:e1:e1:41:3d:8a:94:f5:b2:cd:ee:8a:5d:e8:
         6c:ab:f7:db:5c:26:70:34:db:68:85:be:c3:7f:d5:30:32:43:
         88:e2:dc:c9:35:d9:3a:59:6c:71:5d:ba:af:bd:04:7f:c8:18:
         d7:cb:d4:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpz4w1z9/2mBx9nFFr75qtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA4MDgyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmI3NDUyYzQzMTJkNWM2ZGYzNTk5ZTY3NWNlNjkwMDEwOWJmYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLBqKHiY+0wh3kgWErpWJy9cy7x1
dWz3LqATUdv2J0rtLbdIGBOT02OV/1RbdYyh3hmGLOyE9nqmCBlJK7/nBlRQX5A9
QcsUL3eElxOhimePEE5pyXtTOEyUwVY0Ld2tLzo1MRPjDwpv5pSOTgTocFTtQEY1
qUz6wcLhEU8+uo9gbJJ3NQ6KKeJJxPUSjfvy2uiMVyR7bdasfhLPcq/x4gJnPrMV
WQfPBT6oUbjWMsudgnCjP0FrNBkGHsX1KEa2iI8e+TlB9b3d9u+1/CpHTr5fgnid
KyKzpaQ8Lld1VEDquduiNMtjRMSbYU6M3vQSbBXeCfCKb3sCfiQpb+EV0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDK3RSxDEtXG3zWZ5nXOaQAQm/qrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXJkRkxFTVMxY2JmTlpubWRjNXBBQkNiLXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkzmAwQA
wjopAwQAwleNAwQAwlfkAwQAwoceAwQAw4VRAwQAw4XCMA0GCSqGSIb3DQEBCwUA
A4IBAQAxdZCEKlWhY57ZQFPWpPr8mHUCqyEEW1jKcDRQqcHBnYpx+Oi1h7a9ToVC
30IhEQhxSf54uyu+4HvqWlVtK5cbYGtyNhIbmgMtIZz2Tt54+IDVt6idfE3WC0G6
lwWEzCSUXNN0Auk5Xl4UlrKSTtrn+FXucIrpB3G1Yqf6wZVqFYDZk6ERog3c4tli
B3tRUsxd6+cAqLYiauA+uoQLCIM8/6TfqHx7U4agjUnRlbbkFo5l5o2O55Lecw8W
mHT0mz9/O5WWR2eoif99kuHhQT2KlPWyze6KXehsq/fbXCZwNNtohb7Df9UwMkOI
4tzJNdk6WWxxXbqvvQR/yBjXy9Rr
-----END CERTIFICATE-----
Generated at Sat Sep 9 08:34:22 2023 by rpki-client on console-ams.rpki-client.org