Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O4IbmjsJ30OL2L3YwNLZ3VcoYN4.roa
File:                     O4IbmjsJ30OL2L3YwNLZ3VcoYN4.roa (raw, json)
Hash identifier:          QEu/P8hvIapCnghI5w0ZwbISJEBrcEYX6YNMDnET+zQ=
Subject key identifier:   3B:82:1B:9A:3B:09:DF:43:8B:D8:BD:D8:C0:D2:D9:DD:57:28:60:DE
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0188664FC99CDDDCCE8D8A254E771C04FE02
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O4IbmjsJ30OL2L3YwNLZ3VcoYN4.roa
Signing time:             Mon 29 May 2023 07:01:24 +0000
ROA not before:           Mon 29 May 2023 07:01:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        212.193.15.0/24 maxlen: 24
                          194.58.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 11 Jun 2023 10:20:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:66:4f:c9:9c:dd:dc:ce:8d:8a:25:4e:77:1c:04:fe:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 29 07:01:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b821b9a3b09df438bd8bdd8c0d2d9dd572860de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ec:4d:95:63:07:48:0b:97:27:e2:a9:66:be:
                    2d:40:09:f4:70:11:18:05:e9:8b:1a:71:fd:2a:6b:
                    88:22:66:b3:44:45:3b:f8:0f:4a:1b:34:35:b6:78:
                    b5:c4:96:84:d8:66:2a:43:ea:f7:48:d4:d2:3a:9a:
                    b2:da:e4:d9:3c:14:06:4a:b4:03:a0:89:90:12:2a:
                    16:ff:3e:19:1e:61:93:5e:53:00:74:ac:f8:56:38:
                    68:0e:15:34:1c:05:ca:3a:4b:79:99:a1:bb:56:ea:
                    25:28:6c:b5:46:de:02:9c:34:2f:85:0b:37:77:28:
                    e7:25:69:42:5b:7d:88:49:b7:b6:0e:de:0a:83:5d:
                    22:b0:b4:bf:2e:8f:30:8e:4e:5b:bb:01:99:1d:74:
                    a0:fb:46:43:e3:cf:26:a0:b7:e0:28:c0:45:97:f1:
                    28:6a:cb:be:56:68:c9:39:3b:3e:df:de:32:e9:c2:
                    e8:9d:cf:83:5a:2e:c9:5e:a8:c0:78:a2:d3:73:5e:
                    c4:94:84:aa:bb:2f:bb:37:6a:15:0d:cd:2e:63:34:
                    f8:89:d9:d9:dd:4c:35:40:2d:9e:3a:32:82:9a:16:
                    0e:bc:e3:23:b5:b1:af:28:69:af:60:67:ad:2e:17:
                    ca:2e:c9:5f:0e:da:5e:24:ff:9a:1b:62:0f:cc:56:
                    62:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:82:1B:9A:3B:09:DF:43:8B:D8:BD:D8:C0:D2:D9:DD:57:28:60:DE
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O4IbmjsJ30OL2L3YwNLZ3VcoYN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.67.0/24
                  212.193.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:1a:27:49:f4:55:74:e8:8a:46:06:8a:37:be:c6:d2:c0:80:
         30:ad:85:7d:b1:8f:c7:58:be:b8:2c:67:3c:e0:ed:5e:5d:cc:
         9c:a8:ea:32:95:76:e7:1e:ca:d9:5f:9e:b7:8d:8a:57:94:8b:
         8c:39:5b:b5:af:ab:d3:8f:d0:f6:2e:ff:b4:0b:64:47:42:d5:
         e7:ce:13:e5:f6:9c:3e:1f:41:85:6e:74:3f:58:68:78:60:21:
         6c:f1:87:60:46:14:9a:ba:19:59:41:94:b5:e7:4f:e3:2a:9d:
         2b:21:8c:28:e6:ae:09:18:de:ed:40:f0:14:70:75:a5:b4:fd:
         56:28:9e:b6:c0:fc:74:81:09:08:6e:e8:13:41:ec:99:b6:9b:
         dd:dd:0d:17:46:e0:13:f3:bf:72:89:5f:a7:e9:35:b0:df:f3:
         1d:86:60:a6:00:02:86:db:e2:58:bc:e5:0b:db:4c:17:0f:78:
         2b:af:74:18:32:d2:20:91:40:fc:d4:de:e2:0a:a2:60:ac:ee:
         8a:1c:00:56:f4:38:83:ac:22:53:f3:bd:05:f5:ce:26:b6:4e:
         ec:8c:62:78:c3:04:01:16:18:1e:ad:bc:f6:f7:a1:f8:6d:30:
         83:e3:a5:00:aa:b9:b7:9e:f4:46:b6:8d:22:87:e6:ad:1a:56:
         3e:03:c4:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhmT8mc3dzOjYolTnccBP4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTI5MDcwMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgyMWI5YTNiMDlkZjQzOGJkOGJkZDhjMGQyZDlkZDU3Mjg2MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluxNlWMHSAuXJ+KpZr4tQAn0cBEY
BemLGnH9KmuIImazREU7+A9KGzQ1tni1xJaE2GYqQ+r3SNTSOpqy2uTZPBQGSrQD
oImQEioW/z4ZHmGTXlMAdKz4VjhoDhU0HAXKOkt5maG7VuolKGy1Rt4CnDQvhQs3
dyjnJWlCW32ISbe2Dt4Kg10isLS/Lo8wjk5buwGZHXSg+0ZD488moLfgKMBFl/Eo
asu+VmjJOTs+394y6cLonc+DWi7JXqjAeKLTc17ElISquy+7N2oVDc0uYzT4idnZ
3Uw1QC2eOjKCmhYOvOMjtbGvKGmvYGetLhfKLslfDtpeJP+aG2IPzFZihwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuCG5o7Cd9Di9i92MDS2d1XKGDeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzRJYm1qc0ozME9MMkwzWXdOTFozVmNvWU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjpDAwQA
1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQAeGidJ9FV06IpGBoo3vsbSwIAwrYV9sY/H
WL64LGc84O1eXcycqOoylXbnHsrZX563jYpXlIuMOVu1r6vTj9D2Lv+0C2RHQtXn
zhPl9pw+H0GFbnQ/WGh4YCFs8YdgRhSauhlZQZS150/jKp0rIYwo5q4JGN7tQPAU
cHWltP1WKJ62wPx0gQkIbugTQeyZtpvd3Q0XRuAT879yiV+n6TWw3/MdhmCmAAKG
2+JYvOUL20wXD3grr3QYMtIgkUD81N7iCqJgrO6KHABW9DiDrCJT870F9c4mtk7s
jGJ4wwQBFhgerbz296H4bTCD46UAqrm3nvRGto0ih+atGlY+A8RA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org