Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RAtnAWYIseSRMTDYhXlrD-yn9OM.roa
File:                     RAtnAWYIseSRMTDYhXlrD-yn9OM.roa (raw, json)
Hash identifier:          HhdPlYW4330+1ATQ6yOVTVnf8oCJYE6aYXu1p+pVkVk=
Subject key identifier:   44:0B:67:01:66:08:B1:E4:91:31:30:D8:85:79:6B:0F:EC:A7:F4:E3
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B858A9F43CF0528F89D8580B12383AAB0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RAtnAWYIseSRMTDYhXlrD-yn9OM.roa
Signing time:             Tue 31 Oct 2023 11:42:16 +0000
ROA not before:           Tue 31 Oct 2023 11:42:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205320
IP address blocks:        212.193.27.0/24 maxlen: 24
                          194.135.38.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Nov 2023 07:35:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:85:8a:9f:43:cf:05:28:f8:9d:85:80:b1:23:83:aa:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 31 11:42:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=440b67016608b1e4913130d885796b0feca7f4e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8a:a0:bd:5d:49:53:be:0e:8e:ae:83:e9:a0:
                    81:90:e9:9f:16:c5:56:c8:96:09:f6:5d:d3:44:c6:
                    67:b1:24:ae:2c:a3:66:7d:65:61:7e:98:27:8b:84:
                    92:21:cb:79:96:69:57:e4:34:59:49:7b:a1:b3:f8:
                    ac:cf:fa:19:49:b6:0a:3d:65:fe:7e:9a:9a:c3:e6:
                    6f:b7:e5:30:7e:7b:39:31:1c:7d:aa:03:f6:82:e2:
                    83:aa:35:4b:6d:c2:b9:61:05:63:32:40:36:9a:22:
                    00:36:d4:05:ae:c0:e0:b9:f7:6d:ae:70:5a:12:8d:
                    b8:55:3b:4e:ad:ca:26:ef:55:8a:26:88:cc:ac:25:
                    86:6b:86:a1:04:31:d3:42:9e:f6:08:9a:fc:8e:03:
                    f9:ef:03:66:1d:99:af:c9:08:41:3e:d7:2b:27:5d:
                    ab:2b:8d:e3:53:90:ae:54:09:44:82:d2:23:08:be:
                    45:ef:65:ec:ee:8e:8b:e7:2e:24:ee:19:98:de:8e:
                    16:42:36:99:bd:72:56:e5:9f:6a:89:ee:f8:88:a9:
                    02:08:ae:5f:3d:e1:0c:b1:5e:38:41:88:7e:55:92:
                    cc:35:b5:5c:ea:e1:07:06:8e:cd:8e:e0:40:e7:04:
                    d6:46:fa:90:3b:4f:38:02:4c:0b:40:3d:e1:fb:09:
                    af:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:0B:67:01:66:08:B1:E4:91:31:30:D8:85:79:6B:0F:EC:A7:F4:E3
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RAtnAWYIseSRMTDYhXlrD-yn9OM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.135.38.0/24
                  212.192.1.0/24
                  212.193.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:6b:4f:9a:45:6e:f3:e6:64:ea:6e:3e:74:d4:1a:0e:1d:b2:
         44:16:c5:31:79:fb:47:72:c5:b6:fb:d2:7b:85:98:b9:f6:5a:
         1c:14:3e:6c:b2:2e:2a:b1:e4:08:1f:c5:ff:89:5f:6a:e8:99:
         1f:5a:41:d5:28:dd:0a:5f:9e:5f:fe:d9:fa:f6:b1:7d:9b:fc:
         ae:d2:f5:47:c6:87:2d:bf:82:4c:7a:61:13:6b:98:58:38:3e:
         60:95:12:e8:8a:29:18:04:ea:53:7c:24:70:82:b6:a9:64:92:
         43:b5:06:1e:8b:98:da:19:6d:e9:91:a5:4a:95:0b:77:fb:b3:
         9e:0e:9d:be:18:ec:87:f8:14:f8:8b:13:f2:4d:d8:57:85:5d:
         be:f9:f1:41:47:a5:cf:5a:e7:6c:bb:d7:76:5a:87:11:c8:dc:
         87:89:8b:4d:1d:8c:60:74:7a:ba:26:35:ab:64:c9:dd:f3:9b:
         36:70:03:d5:ed:e3:de:0a:77:be:72:30:1f:e8:1c:51:d6:3e:
         89:32:84:25:18:08:69:85:73:90:fd:f6:97:30:0b:18:4a:5a:
         8c:ad:24:a5:b9:93:7e:14:ca:75:30:eb:8b:94:17:97:6d:f8:
         af:b7:e6:05:63:a7:35:da:fc:d2:7a:35:91:f8:69:0d:eb:0d:
         1a:6b:84:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuFip9DzwUo+J2FgLEjg6qwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDMxMTE0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBiNjcwMTY2MDhiMWU0OTEzMTMwZDg4NTc5NmIwZmVjYTdmNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIqgvV1JU74Ojq6D6aCBkOmfFsVW
yJYJ9l3TRMZnsSSuLKNmfWVhfpgni4SSIct5lmlX5DRZSXuhs/isz/oZSbYKPWX+
fpqaw+Zvt+Uwfns5MRx9qgP2guKDqjVLbcK5YQVjMkA2miIANtQFrsDgufdtrnBa
Eo24VTtOrcom71WKJojMrCWGa4ahBDHTQp72CJr8jgP57wNmHZmvyQhBPtcrJ12r
K43jU5CuVAlEgtIjCL5F72Xs7o6L5y4k7hmY3o4WQjaZvXJW5Z9qie74iKkCCK5f
PeEMsV44QYh+VZLMNbVc6uEHBo7NjuBA5wTWRvqQO084AkwLQD3h+wmvTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEQLZwFmCLHkkTEw2IV5aw/sp/TjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUkF0bkFXWUlzZVNSTVREWWhYbHJELXluOU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwocmAwQA
1MABAwQA1MEbMA0GCSqGSIb3DQEBCwUAA4IBAQAra0+aRW7z5mTqbj501BoOHbJE
FsUxeftHcsW2+9J7hZi59locFD5ssi4qseQIH8X/iV9q6JkfWkHVKN0KX55f/tn6
9rF9m/yu0vVHxoctv4JMemETa5hYOD5glRLoiikYBOpTfCRwgrapZJJDtQYei5ja
GW3pkaVKlQt3+7OeDp2+GOyH+BT4ixPyTdhXhV2++fFBR6XPWudsu9d2WocRyNyH
iYtNHYxgdHq6JjWrZMnd85s2cAPV7ePeCne+cjAf6BxR1j6JMoQlGAhphXOQ/faX
MAsYSlqMrSSluZN+FMp1MOuLlBeXbfivt+YFY6c12vzSejWR+GkN6w0aa4QX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org