Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDFmahr6OaxJuTayVRa7teKkYb8.roa
File:                     PDFmahr6OaxJuTayVRa7teKkYb8.roa (raw, json)
Hash identifier:          ZjAz47/uh/m5B+ZXtbTJ96D4bwBw4Z64YR3oCu4VteM=
Subject key identifier:   3C:31:66:6A:1A:FA:39:AC:49:B9:36:B2:55:16:BB:B5:E2:A4:61:BF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185C4411D936F760AC11B5AA5B8A2075063
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDFmahr6OaxJuTayVRa7teKkYb8.roa
Signing time:             Wed 18 Jan 2023 09:41:19 +0000
ROA not before:           Wed 18 Jan 2023 09:41:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        194.87.205.0/24 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          62.76.226.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          194.87.10.0/24 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.87.252.0/24 maxlen: 24
                          193.124.46.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          212.192.9.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          195.58.51.0/24 maxlen: 24
                          192.124.183.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.193.0/24 maxlen: 24
                          194.87.125.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          194.87.122.0/24 maxlen: 24
                          194.87.139.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c4:41:1d:93:6f:76:0a:c1:1b:5a:a5:b8:a2:07:50:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 18 09:41:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c31666a1afa39ac49b936b25516bbb5e2a461bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:3e:b8:37:93:00:a0:aa:c9:f4:ce:46:63:27:
                    94:83:a6:bc:13:05:74:f4:ae:68:18:ad:14:ec:0e:
                    b5:78:f3:d8:4d:31:50:a1:9c:d4:1d:30:2f:eb:96:
                    10:a8:ff:f3:b0:37:34:46:d2:ab:66:c2:d9:57:b9:
                    b9:29:78:60:2d:49:a5:23:04:8e:b8:7b:6b:df:6e:
                    a2:89:b6:a7:32:7e:72:34:72:94:65:9d:91:ae:ce:
                    1d:3d:c6:e1:32:ad:41:46:ec:34:a8:92:fd:f3:4b:
                    de:aa:63:1f:e4:43:8e:27:98:0b:c6:e0:20:21:04:
                    fa:c5:16:ea:38:54:6b:a5:92:d0:06:4c:e1:2e:cd:
                    b3:f0:37:e7:4b:0a:cb:80:ad:c9:6a:c4:65:34:73:
                    a4:41:b5:81:a3:af:19:6a:eb:82:03:4f:05:1f:92:
                    05:f5:e6:b7:01:0d:f4:d8:d0:7f:ba:c7:a9:a5:7f:
                    f1:ca:23:98:b1:d5:e9:01:f6:ef:a4:73:0e:53:4a:
                    eb:3d:9b:25:62:cf:4b:e0:3f:96:b3:d9:8c:06:9a:
                    1a:7d:6e:87:4e:71:af:fc:44:09:14:e5:64:ff:23:
                    c2:44:32:5a:ce:e6:3c:2f:68:d3:25:8d:ce:ed:51:
                    fe:e7:6a:31:cf:76:b2:5e:f5:40:80:36:57:1f:8e:
                    be:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:31:66:6A:1A:FA:39:AC:49:B9:36:B2:55:16:BB:B5:E2:A4:61:BF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDFmahr6OaxJuTayVRa7teKkYb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.226.0/24
                  192.124.183.0/24
                  193.124.46.0/24
                  193.124.90.0/24
                  193.124.200.0/24
                  194.58.40.0/24
                  194.87.2.0/24
                  194.87.10.0/24
                  194.87.122.0/24
                  194.87.124.0/23
                  194.87.139.0/24
                  194.87.170.0/24
                  194.87.205.0/24
                  194.87.233.0/24
                  194.87.252.0/24
                  195.58.51.0/24
                  195.133.76.0/24
                  195.133.193.0/24
                  212.192.1.0/24
                  212.192.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:85:97:91:d5:d8:63:ac:0b:89:77:9b:bf:69:7d:7e:9f:98:
         01:d5:c5:2e:3b:a8:a3:9c:3e:25:dc:84:fc:46:4b:ce:bc:1a:
         44:b7:2a:8e:16:f1:37:b4:ac:d9:1f:e8:d8:ba:d0:77:77:b9:
         d0:a7:9f:66:6f:67:44:7e:af:ec:3c:96:58:f8:eb:2f:46:4f:
         5d:cc:39:3a:f5:68:93:ee:1f:28:c6:70:e6:9b:e7:d0:28:cd:
         05:e2:ce:a0:ee:7a:98:c5:9b:23:43:ca:8d:77:6f:08:24:52:
         74:35:47:28:06:ac:0d:84:b5:fc:52:e5:18:8f:00:f2:10:48:
         b5:d4:c5:80:04:32:8a:a9:24:8e:5e:78:4a:a8:26:ea:d2:38:
         83:49:60:58:5c:0d:cb:b8:26:a3:28:f2:21:23:c7:14:cf:27:
         2e:eb:8e:e2:53:ac:1c:1d:3a:4b:c2:8d:f9:46:fc:7f:1c:51:
         34:bd:df:57:e9:64:fa:f5:1e:98:0c:bc:ca:34:16:3b:3a:0d:
         4f:69:24:61:49:4b:89:40:1f:29:4f:94:50:32:b4:cd:9b:17:
         9b:ac:2f:b8:96:ec:ff:ec:12:23:22:25:06:bf:78:3a:10:d7:
         e3:98:19:d2:b9:54:9b:29:40:f3:f0:07:7a:50:c5:25:ce:27:
         06:cf:d2:48
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYXEQR2Tb3YKwRtapbiiB1BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE4MDk0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMxNjY2YTFhZmEzOWFjNDliOTM2YjI1NTE2YmJiNWUyYTQ2MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD64N5MAoKrJ9M5GYyeUg6a8EwV0
9K5oGK0U7A61ePPYTTFQoZzUHTAv65YQqP/zsDc0RtKrZsLZV7m5KXhgLUmlIwSO
uHtr326iibanMn5yNHKUZZ2Rrs4dPcbhMq1BRuw0qJL980veqmMf5EOOJ5gLxuAg
IQT6xRbqOFRrpZLQBkzhLs2z8DfnSwrLgK3JasRlNHOkQbWBo68ZauuCA08FH5IF
9ea3AQ302NB/useppX/xyiOYsdXpAfbvpHMOU0rrPZslYs9L4D+Ws9mMBpoafW6H
TnGv/EQJFOVk/yPCRDJazuY8L2jTJY3O7VH+52oxz3ayXvVAgDZXH46+pQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFDwxZmoa+jmsSbk2slUWu7XipGG/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUERGbWFocjZPYXhKdVRheVZSYTd0ZUtrWWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAPkzi
AwQAwHy3AwQAwXwuAwQAwXxaAwQAwXzIAwQAwjooAwQAwlcCAwQAwlcKAwQAwld6
AwQBwld8AwQAwleLAwQAwleqAwQAwlfNAwQAwlfpAwQAwlf8AwQAwzozAwQAw4VM
AwQAw4XBAwQA1MABAwQA1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQAVhZeR1dhjrAuJ
d5u/aX1+n5gB1cUuO6ijnD4l3IT8RkvOvBpEtyqOFvE3tKzZH+jYutB3d7nQp59m
b2dEfq/sPJZY+OsvRk9dzDk69WiT7h8oxnDmm+fQKM0F4s6g7nqYxZsjQ8qNd28I
JFJ0NUcoBqwNhLX8UuUYjwDyEEi11MWABDKKqSSOXnhKqCbq0jiDSWBYXA3LuCaj
KPIhI8cUzycu647iU6wcHTpLwo35Rvx/HFE0vd9X6WT69R6YDLzKNBY7Og1PaSRh
SUuJQB8pT5RQMrTNmxebrC+4luz/7BIjIiUGv3g6ENfjmBnSuVSbKUDz8Ad6UMUl
zicGz9JI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org