Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N6dyd5hwW155Gw8zb9KRVdcvacU.roa
File:                     N6dyd5hwW155Gw8zb9KRVdcvacU.roa (raw, json)
Hash identifier:          2Rzj2Kc5nUVs5Uc2F6kJd7FYYaQKcTnVVkdHxeWg0Xs=
Subject key identifier:   37:A7:72:77:98:70:5B:5E:79:1B:0F:33:6F:D2:91:55:D7:2F:69:C5
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185BA744D075CC6432543EC9A50544EE542
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N6dyd5hwW155Gw8zb9KRVdcvacU.roa
Signing time:             Mon 16 Jan 2023 12:01:01 +0000
ROA not before:           Mon 16 Jan 2023 12:01:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          194.87.6.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.22.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.126.0/24 maxlen: 24
                          194.87.138.0/23 maxlen: 23
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.86.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.58.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          195.58.61.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          212.193.6.0/24 maxlen: 24
                          194.58.155.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.204.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          192.124.190.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24
                          212.192.208.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ba:74:4d:07:5c:c6:43:25:43:ec:9a:50:54:4e:e5:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 16 12:01:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37a7727798705b5e791b0f336fd29155d72f69c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1f:84:77:a9:24:c5:13:09:64:3e:e4:45:94:
                    37:9d:35:ca:ce:85:c9:33:1a:45:1f:c5:9a:20:1a:
                    25:b5:cb:07:db:94:83:c7:59:62:63:57:6b:43:73:
                    68:9b:30:95:c5:03:93:90:90:b1:a4:87:ea:71:f5:
                    79:5e:cf:04:fc:86:97:5f:22:a8:e2:c6:5d:8b:34:
                    92:fb:30:4c:ce:d6:f4:92:13:b5:43:ab:32:c0:c3:
                    00:07:1b:2a:3a:f3:11:76:18:28:d6:dc:30:ba:e7:
                    2e:b4:98:57:db:35:f5:5e:93:79:2b:e2:3a:0d:b8:
                    b9:30:92:a4:42:ce:94:f5:64:1e:48:01:27:a4:0d:
                    a9:70:95:26:1e:d0:ba:06:02:ed:a5:39:44:7f:87:
                    fd:fa:f4:a3:19:80:79:f4:26:b6:af:b1:55:87:2a:
                    6b:c7:23:b3:cb:11:c4:41:0a:54:79:a1:2a:cf:87:
                    fd:45:0e:70:8a:f0:83:f0:89:7a:33:0a:56:bf:32:
                    27:d6:a0:d7:b0:b3:90:a2:d6:83:cd:e5:91:7d:01:
                    5b:40:27:84:01:e5:2c:66:eb:53:a9:41:b2:a1:f8:
                    9f:7c:48:c9:6a:29:38:be:37:ab:25:1d:ce:71:80:
                    31:47:8b:9e:07:61:31:44:ca:a0:b8:dc:31:a1:c1:
                    93:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:A7:72:77:98:70:5B:5E:79:1B:0F:33:6F:D2:91:55:D7:2F:69:C5
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N6dyd5hwW155Gw8zb9KRVdcvacU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.190.0/24
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.133.0/24
                  193.124.202.0/23
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.58.155.0/24
                  194.87.3.0/24
                  194.87.6.0/23
                  194.87.16.0/24
                  194.87.22.0/24
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.114.0-194.87.116.255
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.126.0/24
                  194.87.136.0/24
                  194.87.138.0/23
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0-194.87.172.255
                  194.87.176.0/24
                  194.87.190.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.204.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.86.0/24
                  195.133.94.0/24
                  195.133.194.0/23
                  212.192.0.0/23
                  212.192.208.0/23
                  212.193.0.0/24
                  212.193.6.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:7d:8f:92:9e:84:00:b2:fd:5b:b0:5d:12:68:d0:32:9b:10:
         83:9e:41:8b:4a:ea:28:99:12:65:c9:8f:80:30:85:61:c1:5b:
         1d:2e:5a:92:f5:e2:ad:34:c9:6b:29:e8:12:eb:c5:38:bf:d7:
         27:38:8b:8b:29:07:d1:53:99:77:48:71:2e:a0:fb:3d:65:eb:
         92:81:97:18:45:31:0d:4a:13:dd:ae:d5:22:66:b9:af:3e:dc:
         dc:70:35:de:f1:8d:ce:3c:c4:92:62:4b:ac:e2:47:5f:49:10:
         8a:f4:01:c8:0a:5a:d0:67:64:3d:50:dd:bd:1d:4a:a8:4d:1a:
         a1:a8:6b:ab:2d:9d:bd:e2:13:f2:29:07:4a:fb:06:fc:1b:d2:
         af:f4:7d:44:cd:07:3d:71:01:a6:4e:6b:ef:6f:30:cf:59:62:
         f3:b0:11:90:fb:27:09:9d:85:2a:1b:d1:46:01:fa:33:cf:84:
         55:dd:a9:d7:1b:75:c5:c4:7e:4b:af:a2:28:f0:dd:5e:ae:c7:
         84:03:40:ce:92:1e:09:ae:80:a2:ee:29:15:a2:a4:3b:9c:79:
         80:7b:56:2d:26:ac:d2:63:61:2d:40:25:c9:a7:38:55:04:24:
         11:d9:23:33:73:df:30:66:95:f1:6d:a0:4e:b7:ed:dc:08:f7:
         f8:b4:f1:1a
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAYW6dE0HXMZDJUPsmlBUTuVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MTIwMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2E3NzI3Nzk4NzA1YjVlNzkxYjBmMzM2ZmQyOTE1NWQ3MmY2OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR+Ed6kkxRMJZD7kRZQ3nTXKzoXJ
MxpFH8WaIBoltcsH25SDx1liY1drQ3NomzCVxQOTkJCxpIfqcfV5Xs8E/IaXXyKo
4sZdizSS+zBMztb0khO1Q6sywMMABxsqOvMRdhgo1twwuucutJhX2zX1XpN5K+I6
Dbi5MJKkQs6U9WQeSAEnpA2pcJUmHtC6BgLtpTlEf4f9+vSjGYB59Ca2r7FVhypr
xyOzyxHEQQpUeaEqz4f9RQ5wivCD8Il6MwpWvzIn1qDXsLOQotaDzeWRfQFbQCeE
AeUsZutTqUGyofiffEjJaik4vjerJR3OcYAxR4ueB2ExRMqguNwxocGTWwIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFDencneYcFteeRsPM2/SkVXXL2nFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTjZkeWQ1aHdXMTU1R3c4emI5S1JWZGN2YWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB
agMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8hQMEAcF8ygMEAMF8zwMEAcI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwjqbAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcWAwQCwlcYAwQAwlc4AwQA
wldMAwQBwldSAwQAwldoMAwDBAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV34D
BADCV4gDBAHCV4oDBADCV5UDBADCV6MDBADCV6UwDAMEAMJXqwMEAMJXrAMEAMJX
sAMEAMJXvgMEAcJXxgMEAMJXygMEAMJXzAMEAcJX0AMEAcJX3gMEAMJX6QMEAMM6
MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VWAwQAw4VeAwQBw4XCAwQB
1MAAAwQB1MDQAwQA1MEAAwQA1MEGAwQA1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQBV
fY+SnoQAsv1bsF0SaNAymxCDnkGLSuoomRJlyY+AMIVhwVsdLlqS9eKtNMlrKegS
68U4v9cnOIuLKQfRU5l3SHEuoPs9ZeuSgZcYRTENShPdrtUiZrmvPtzccDXe8Y3O
PMSSYkus4kdfSRCK9AHIClrQZ2Q9UN29HUqoTRqhqGurLZ294hPyKQdK+wb8G9Kv
9H1EzQc9cQGmTmvvbzDPWWLzsBGQ+ycJnYUqG9FGAfozz4RV3anXG3XFxH5Lr6Io
8N1erseEA0DOkh4JroCi7ikVoqQ7nHmAe1YtJqzSY2EtQCXJpzhVBCQR2SMzc98w
ZpXxbaBOt+3cCPf4tPEa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org