Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O73EwhXbMJBj5TadMvUBfS5IeZA.roa
File:                     O73EwhXbMJBj5TadMvUBfS5IeZA.roa (raw, json)
Hash identifier:          r+13YDsX5KdlNk8gJmQ9qnNYljSUM/LsC/GGYq0vtgg=
Subject key identifier:   3B:BD:C4:C2:15:DB:30:90:63:E5:36:9D:32:F5:01:7D:2E:48:79:90
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A0240A3BE010AA8A3B1C28C13428269CE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O73EwhXbMJBj5TadMvUBfS5IeZA.roa
Signing time:             Thu 17 Aug 2023 06:48:25 +0000
ROA not before:           Thu 17 Aug 2023 06:48:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        194.87.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 20:05:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:02:40:a3:be:01:0a:a8:a3:b1:c2:8c:13:42:82:69:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 17 06:48:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3bbdc4c215db309063e5369d32f5017d2e487990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9b:1d:19:17:76:86:50:d8:35:d1:05:47:91:
                    e2:77:75:ba:f8:07:db:24:68:7c:f5:8d:7a:7e:ce:
                    55:d4:70:53:b6:6a:55:64:c3:94:48:7e:ba:af:be:
                    b5:34:fc:1f:15:28:f4:10:8a:7a:89:e8:5f:f4:a0:
                    51:58:24:9c:55:d4:1f:56:8a:c0:a8:e9:ab:7e:f7:
                    68:99:32:2b:34:6f:c9:41:96:01:07:57:88:6f:ea:
                    7e:17:26:00:a3:49:ed:60:ad:b4:dc:17:b8:36:26:
                    76:b3:10:e8:7c:8c:2e:75:47:32:f6:08:7d:83:9e:
                    b7:6f:de:bd:c9:e2:1f:01:83:81:d2:0d:be:d9:a4:
                    cb:cc:6c:bc:a1:2c:4d:19:52:26:7f:c1:e3:1c:fd:
                    9e:bf:44:86:80:3a:8f:eb:58:d9:60:e7:e0:58:80:
                    2b:44:47:42:a6:82:14:5e:74:ab:ca:57:66:ee:b0:
                    27:ca:b6:f7:ae:24:a2:bc:6e:18:ea:3a:68:52:4b:
                    a3:4b:a9:d3:3f:bf:24:49:f1:01:48:82:fc:64:12:
                    39:79:eb:37:96:1c:6d:ea:1b:98:b8:ed:b2:20:17:
                    b2:19:d0:4c:77:2a:7e:dd:f7:b0:72:8f:7f:8f:d8:
                    fa:52:b4:98:a5:e8:92:01:72:df:d4:dc:ce:be:60:
                    72:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BD:C4:C2:15:DB:30:90:63:E5:36:9D:32:F5:01:7D:2E:48:79:90
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/O73EwhXbMJBj5TadMvUBfS5IeZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:f3:51:69:4b:49:9a:7f:54:b7:eb:0f:0b:3c:8d:1b:2b:f3:
         9f:5a:41:8c:19:6a:11:5a:b2:91:6c:e6:48:71:28:7a:85:6b:
         c4:6c:8a:1f:3f:bb:78:bc:dc:39:8e:39:b3:93:15:c2:74:5e:
         83:96:97:96:d3:f3:c8:2d:97:0c:31:5d:a8:d4:6b:48:33:b5:
         c3:77:d5:5a:45:90:e3:4c:8b:1a:fb:c9:88:28:5d:cd:74:78:
         4f:c8:33:df:ca:50:ac:15:c5:cf:c6:5c:b7:1b:98:c3:23:52:
         f8:f1:8a:89:80:28:a1:88:ca:1b:32:6b:59:d1:9b:e0:20:bb:
         7d:0e:7e:5a:69:fe:77:1e:45:03:42:56:09:6f:7e:d3:1a:18:
         a8:3c:e6:6a:5d:4d:c2:da:70:74:68:38:ca:48:44:e8:ce:48:
         d7:46:e0:94:b9:8f:3d:c7:26:93:7b:65:84:33:14:f0:10:56:
         75:eb:78:9e:74:f3:cf:d8:b9:40:71:78:c2:e4:bf:d4:20:09:
         18:9d:5e:a1:eb:e1:c7:ce:13:74:b5:3b:cd:e8:9c:09:5b:6f:
         e1:91:ca:2f:3c:47:f2:0b:40:fe:a0:9e:b1:db:68:0d:43:86:
         cd:c8:78:06:34:76:29:b2:50:3f:3a:6e:2d:28:ad:9d:0f:d1:
         ec:83:9f:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoCQKO+AQqoo7HCjBNCgmnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE3MDY0ODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJkYzRjMjE1ZGIzMDkwNjNlNTM2OWQzMmY1MDE3ZDJlNDg3OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypsdGRd2hlDYNdEFR5Hid3W6+Afb
JGh89Y16fs5V1HBTtmpVZMOUSH66r761NPwfFSj0EIp6iehf9KBRWCScVdQfVorA
qOmrfvdomTIrNG/JQZYBB1eIb+p+FyYAo0ntYK203Be4NiZ2sxDofIwudUcy9gh9
g563b969yeIfAYOB0g2+2aTLzGy8oSxNGVImf8HjHP2ev0SGgDqP61jZYOfgWIAr
REdCpoIUXnSryldm7rAnyrb3riSivG4Y6jpoUkujS6nTP78kSfEBSIL8ZBI5ees3
lhxt6huYuO2yIBeyGdBMdyp+3fewco9/j9j6UrSYpeiSAXLf1NzOvmByTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu9xMIV2zCQY+U2nTL1AX0uSHmQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTzczRXdoWGJNSkJqNVRhZE12VUJmUzVJZVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldWMA0G
CSqGSIb3DQEBCwUAA4IBAQBw81FpS0maf1S36w8LPI0bK/OfWkGMGWoRWrKRbOZI
cSh6hWvEbIofP7t4vNw5jjmzkxXCdF6DlpeW0/PILZcMMV2o1GtIM7XDd9VaRZDj
TIsa+8mIKF3NdHhPyDPfylCsFcXPxly3G5jDI1L48YqJgCihiMobMmtZ0ZvgILt9
Dn5aaf53HkUDQlYJb37TGhioPOZqXU3C2nB0aDjKSETozkjXRuCUuY89xyaTe2WE
MxTwEFZ163iedPPP2LlAcXjC5L/UIAkYnV6h6+HHzhN0tTvN6JwJW2/hkcovPEfy
C0D+oJ6x22gNQ4bNyHgGNHYpslA/Om4tKK2dD9Hsg58M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org