Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NDdchyKzf3_rqDsgIHZCQf7581I.roa
File:                     NDdchyKzf3_rqDsgIHZCQf7581I.roa (raw, json)
Hash identifier:          5JE60mf2PucL9HGedDV6nyDcMkuD4U2OmUmw6kfkAfs=
Subject key identifier:   34:37:5C:87:22:B3:7F:7F:EB:A8:3B:20:20:76:42:41:FE:F9:F3:52
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A3C1CE043D15BF6EFE92D93CC777F80C6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NDdchyKzf3_rqDsgIHZCQf7581I.roa
Signing time:             Mon 28 Aug 2023 12:27:19 +0000
ROA not before:           Mon 28 Aug 2023 12:27:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        193.124.4.0/24 maxlen: 24
                          195.133.78.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          195.133.79.0/24 maxlen: 24
                          194.87.221.0/24 maxlen: 24
                          194.87.20.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          195.58.34.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.58.58.0/24 maxlen: 24
                          212.192.248.0/24 maxlen: 24
                          194.135.105.0/24 maxlen: 24
                          194.87.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3c:1c:e0:43:d1:5b:f6:ef:e9:2d:93:cc:77:7f:80:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 28 12:27:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34375c8722b37f7feba83b2020764241fef9f352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:b4:7b:d7:13:8f:e1:8d:a4:36:1b:11:09:eb:
                    4f:d2:76:7f:2b:86:83:13:ef:f1:e5:20:96:99:a2:
                    54:fe:30:0e:b3:0e:89:9f:57:0e:9a:5a:da:cb:70:
                    47:bf:e9:0c:89:0f:43:44:72:78:34:65:d9:18:23:
                    26:ea:69:94:8d:f2:3f:7f:57:ab:96:b5:43:19:44:
                    e4:08:c8:92:fa:52:44:5a:ad:e0:cf:42:cd:88:c0:
                    ed:eb:95:f1:53:00:b3:a8:ea:33:da:34:d7:dd:eb:
                    8e:f5:df:c8:65:05:30:21:90:76:1b:ec:e8:e6:5c:
                    af:8d:0e:eb:ff:ad:7f:f7:15:83:c3:76:0f:de:c2:
                    16:43:24:f0:1b:a8:99:7a:46:d8:da:4c:40:e2:d9:
                    3a:55:2a:e9:63:52:d6:80:e2:30:7f:c9:0a:59:3c:
                    9f:33:2b:89:8d:10:ec:73:4e:89:77:bb:b5:6d:47:
                    24:05:9d:cc:01:ce:1d:69:7b:64:c1:c1:3b:e4:3a:
                    84:79:37:c1:c9:ef:27:da:b0:56:2c:ef:29:a9:93:
                    bf:08:ba:de:3f:56:4b:50:89:9b:45:84:96:48:80:
                    20:6c:08:1a:71:e3:c4:07:af:03:0b:09:7b:fd:94:
                    60:66:99:c7:f2:91:58:63:74:dc:51:b6:55:48:dd:
                    a3:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:37:5C:87:22:B3:7F:7F:EB:A8:3B:20:20:76:42:41:FE:F9:F3:52
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NDdchyKzf3_rqDsgIHZCQf7581I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.4.0/24
                  194.87.2.0/24
                  194.87.20.0/24
                  194.87.30.0/24
                  194.87.44.0/24
                  194.87.221.0/24
                  194.135.105.0/24
                  195.58.34.0/24
                  195.58.58.0/24
                  195.133.35.0/24
                  195.133.78.0/23
                  212.192.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:56:a1:2d:c5:72:28:60:0b:6f:5d:a4:68:49:a3:6b:46:b5:
         c2:de:4b:bb:44:14:8f:c2:ca:3f:a0:75:17:f5:fa:35:a9:35:
         bd:df:6b:6a:89:6a:6e:f5:15:29:c3:bd:a9:cf:46:b9:a6:93:
         ab:bc:65:ba:74:53:75:ab:fa:88:ae:aa:22:5e:88:56:1c:3f:
         c2:92:d7:aa:8e:34:09:22:81:8d:b4:0a:62:38:7d:9a:fa:34:
         d3:30:cd:77:f2:bd:39:eb:dc:9c:c6:ed:2b:80:74:db:c4:74:
         7c:05:5d:0a:2a:3b:e1:ec:70:8d:7b:d2:a7:51:a3:a3:b1:f9:
         0c:53:9a:14:10:05:93:1a:79:24:ec:3a:5e:cc:2b:5b:37:56:
         bc:54:d1:02:db:a7:ba:e1:eb:36:6d:fe:9f:60:aa:a9:75:b4:
         20:56:e7:14:58:52:45:2e:a1:3a:21:47:b0:a6:f3:c9:0a:34:
         3f:d2:0e:85:34:90:6c:7b:76:ee:1e:95:79:d6:e1:4f:bf:61:
         80:24:66:c9:aa:ad:8c:e4:9e:b4:1d:66:4a:ce:ab:af:d0:56:
         df:60:78:14:f0:36:80:a3:05:26:8a:8e:2f:fe:72:c2:6e:ef:
         91:80:ff:df:a8:f5:57:df:2e:ce:28:99:e1:e9:6d:79:90:34:
         34:45:c5:ac
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYo8HOBD0Vv27+ktk8x3f4DGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI4MTIyNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM3NWM4NzIyYjM3ZjdmZWJhODNiMjAyMDc2NDI0MWZlZjlmMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77R71xOP4Y2kNhsRCetP0nZ/K4aD
E+/x5SCWmaJU/jAOsw6Jn1cOmlray3BHv+kMiQ9DRHJ4NGXZGCMm6mmUjfI/f1er
lrVDGUTkCMiS+lJEWq3gz0LNiMDt65XxUwCzqOoz2jTX3euO9d/IZQUwIZB2G+zo
5lyvjQ7r/61/9xWDw3YP3sIWQyTwG6iZekbY2kxA4tk6VSrpY1LWgOIwf8kKWTyf
MyuJjRDsc06Jd7u1bUckBZ3MAc4daXtkwcE75DqEeTfBye8n2rBWLO8pqZO/CLre
P1ZLUImbRYSWSIAgbAgacePEB68DCwl7/ZRgZpnH8pFYY3TcUbZVSN2jMQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDQ3XIcis39/66g7ICB2QkH++fNSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTkRkY2h5S3pmM19ycURzZ0lIWkNRZjc1ODFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwEAwQA
wlcCAwQAwlcUAwQAwlceAwQAwlcsAwQAwlfdAwQAwodpAwQAwzoiAwQAwzo6AwQA
w4UjAwQBw4VOAwQA1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQACVqEtxXIoYAtvXaRo
SaNrRrXC3ku7RBSPwso/oHUX9fo1qTW932tqiWpu9RUpw72pz0a5ppOrvGW6dFN1
q/qIrqoiXohWHD/CkteqjjQJIoGNtApiOH2a+jTTMM138r0569ycxu0rgHTbxHR8
BV0KKjvh7HCNe9KnUaOjsfkMU5oUEAWTGnkk7DpezCtbN1a8VNEC26e64es2bf6f
YKqpdbQgVucUWFJFLqE6IUewpvPJCjQ/0g6FNJBse3buHpV51uFPv2GAJGbJqq2M
5J60HWZKzquv0FbfYHgU8DaAowUmio4v/nLCbu+RgP/fqPVX3y7OKJnh6W15kDQ0
RcWs
-----END CERTIFICATE-----
Generated at Tue Aug 29 12:00:00 2023 by rpki-client on console-ams.rpki-client.org