Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OHPYhyz-2s_1-kyVCUdedNPuxFE.roa
File:                     OHPYhyz-2s_1-kyVCUdedNPuxFE.roa (raw, json)
Hash identifier:          XRd6uvV9z4Ftddg6G6JjMZ+I3qJDlE44GpCRag5a778=
Subject key identifier:   38:73:D8:87:2C:FE:DA:CF:F5:FA:4C:95:09:47:5E:74:D3:EE:C4:51
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0188C2C66C7007B676D8922923102C258671
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OHPYhyz-2s_1-kyVCUdedNPuxFE.roa
Signing time:             Fri 16 Jun 2023 05:56:03 +0000
ROA not before:           Fri 16 Jun 2023 05:56:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211014
IP address blocks:        195.133.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c2:c6:6c:70:07:b6:76:d8:92:29:23:10:2c:25:86:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jun 16 05:56:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3873d8872cfedacff5fa4c9509475e74d3eec451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ef:27:16:e8:4f:75:84:6f:4d:b1:ad:43:bd:
                    2c:7c:e4:14:34:e3:53:99:74:b9:ec:99:d3:77:c2:
                    63:16:12:c8:2f:2c:6a:5b:70:2d:83:21:6e:bd:16:
                    07:50:c0:53:59:ff:40:d3:54:cd:93:9b:e8:79:64:
                    fb:4f:ed:29:21:0b:d8:47:b5:4d:9a:b8:67:09:40:
                    3b:99:d3:1a:4d:56:5b:50:47:71:7d:35:a2:ea:2a:
                    95:6d:da:26:bc:81:16:ef:c1:8e:aa:2b:6a:1f:1f:
                    da:33:0f:2b:44:f4:09:22:2b:d9:2a:42:f4:e8:00:
                    ca:bf:99:a7:2b:78:a9:1a:c5:63:72:b7:0b:ae:b2:
                    6c:71:d6:49:b4:c6:53:c4:4c:83:d2:7b:73:bc:ec:
                    92:bf:eb:f9:67:ee:0f:75:62:39:2d:75:8e:5e:0f:
                    69:54:a3:33:32:0f:e9:2c:21:da:9d:9a:52:95:6e:
                    06:93:e8:53:ed:a2:7b:77:6f:33:e0:63:48:b4:6f:
                    51:17:8e:56:1f:06:51:ae:8d:e5:90:01:f7:0d:8e:
                    64:1c:aa:42:d5:5b:32:6d:74:fd:08:e9:93:24:c1:
                    96:d6:c4:d3:4e:74:cd:a0:fc:e2:e6:fd:d1:c1:34:
                    e7:9d:d4:e9:38:15:58:33:00:d6:21:52:2a:a7:45:
                    ec:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:73:D8:87:2C:FE:DA:CF:F5:FA:4C:95:09:47:5E:74:D3:EE:C4:51
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OHPYhyz-2s_1-kyVCUdedNPuxFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:b1:11:a8:87:28:3f:26:9d:e6:27:82:d5:3b:00:b8:81:4c:
         fb:d7:4d:56:50:34:fa:0e:1b:f8:fe:d1:0f:45:e8:b3:e8:d8:
         f1:af:d3:af:d9:43:da:7b:c6:65:d8:87:6c:2c:60:ee:d1:ed:
         a9:5c:28:4f:48:a3:24:09:0a:83:f3:f5:50:59:9f:06:c0:d8:
         cb:8b:df:04:57:47:f7:a0:51:eb:35:44:e9:fb:4d:d4:d6:98:
         a7:84:46:fa:4e:4f:80:96:71:af:d7:e0:e2:5d:01:59:3b:38:
         f6:bc:44:cf:b6:29:5f:df:d4:cf:05:42:14:db:70:f9:83:a0:
         1b:cc:ce:b7:cc:ba:01:e6:fb:90:da:23:99:cb:81:28:69:9a:
         27:93:ef:ae:b1:73:a1:61:21:cb:b6:56:19:fe:e6:2e:60:e5:
         29:9e:be:d4:8d:2b:ac:30:b0:3b:cc:fc:b6:2e:e7:ce:7b:2c:
         35:9e:ce:f4:00:ab:da:0b:b2:7d:76:91:56:56:21:7f:0e:93:
         af:9b:f7:43:f0:32:47:a0:28:21:66:e2:56:c4:4b:41:2c:2a:
         47:ef:76:2f:b4:f6:02:30:68:4c:43:d0:07:08:91:ef:b0:e4:
         ba:80:1f:34:9d:22:bf:ee:c5:f8:db:78:72:13:76:8a:94:6f:
         7a:b9:da:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjCxmxwB7Z22JIpIxAsJYZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjE2MDU1NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODczZDg4NzJjZmVkYWNmZjVmYTRjOTUwOTQ3NWU3NGQzZWVjNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+8nFuhPdYRvTbGtQ70sfOQUNONT
mXS57JnTd8JjFhLILyxqW3AtgyFuvRYHUMBTWf9A01TNk5voeWT7T+0pIQvYR7VN
mrhnCUA7mdMaTVZbUEdxfTWi6iqVbdomvIEW78GOqitqHx/aMw8rRPQJIivZKkL0
6ADKv5mnK3ipGsVjcrcLrrJscdZJtMZTxEyD0ntzvOySv+v5Z+4PdWI5LXWOXg9p
VKMzMg/pLCHanZpSlW4Gk+hT7aJ7d28z4GNItG9RF45WHwZRro3lkAH3DY5kHKpC
1VsybXT9COmTJMGW1sTTTnTNoPzi5v3RwTTnndTpOBVYMwDWIVIqp0XsWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhz2Ics/trP9fpMlQlHXnTT7sRRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT0hQWWh5ei0yc18xLWt5VkNVZGVkTlB1eEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UdMA0G
CSqGSIb3DQEBCwUAA4IBAQBQsRGohyg/Jp3mJ4LVOwC4gUz7101WUDT6Dhv4/tEP
Reiz6Njxr9Ov2UPae8Zl2IdsLGDu0e2pXChPSKMkCQqD8/VQWZ8GwNjLi98EV0f3
oFHrNUTp+03U1pinhEb6Tk+AlnGv1+DiXQFZOzj2vETPtilf39TPBUIU23D5g6Ab
zM63zLoB5vuQ2iOZy4EoaZonk++usXOhYSHLtlYZ/uYuYOUpnr7UjSusMLA7zPy2
LufOeyw1ns70AKvaC7J9dpFWViF/DpOvm/dD8DJHoCghZuJWxEtBLCpH73YvtPYC
MGhMQ9AHCJHvsOS6gB80nSK/7sX423hyE3aKlG96udpZ
-----END CERTIFICATE-----
Generated at Thu Jul 27 16:35:08 2023 by rpki-client on console-ams.rpki-client.org