Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQI2HHcvIbeF3hef26ZQ6Cy-H1w.roa
File:                     SQI2HHcvIbeF3hef26ZQ6Cy-H1w.roa (raw, json)
Hash identifier:          OgDKpuBv0vE8v8BQ/PRkN+et5lxF5C3chF4IZppnkVQ=
Subject key identifier:   49:02:36:1C:77:2F:21:B7:85:DE:17:9F:DB:A6:50:E8:2C:BE:1F:5C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B62C7B16801CC2C5D5BFE4D573256D701
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQI2HHcvIbeF3hef26ZQ6Cy-H1w.roa
Signing time:             Tue 24 Oct 2023 17:42:16 +0000
ROA not before:           Tue 24 Oct 2023 17:42:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205633
IP address blocks:        194.135.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:62:c7:b1:68:01:cc:2c:5d:5b:fe:4d:57:32:56:d7:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 24 17:42:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4902361c772f21b785de179fdba650e82cbe1f5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:06:47:7a:8e:fb:2b:88:5e:c7:c2:2a:35:ca:
                    6f:8b:f8:af:72:94:3c:23:83:be:ec:ed:e5:e3:83:
                    8c:2a:f3:79:56:7a:0f:44:fd:e7:0a:98:3b:a9:36:
                    54:a8:93:26:70:d7:b1:a4:2d:5e:ff:b5:68:15:34:
                    0e:c9:91:11:00:30:c6:08:29:6b:12:d6:01:55:e5:
                    32:86:11:e1:51:c2:32:be:52:65:18:e6:1c:91:8b:
                    f2:e6:d9:7b:eb:fb:be:23:0d:e4:b0:57:59:c1:a4:
                    0b:75:c0:bf:ac:6f:80:b0:36:34:48:16:a8:ff:c5:
                    03:bb:6a:dd:7f:04:1c:01:42:4c:33:ca:1e:2d:96:
                    0d:21:22:65:9c:40:b5:b0:f2:3a:55:a2:5e:a0:bf:
                    6d:78:03:4f:8b:ff:ff:a0:49:8d:24:a5:61:74:cc:
                    d2:82:ae:f0:03:c4:83:f9:d6:15:e7:3a:f3:46:cc:
                    08:e1:d2:60:a2:ec:8e:10:fa:2c:76:72:6a:20:39:
                    80:98:d3:7a:cd:f4:f7:60:82:3e:29:4c:1a:59:d1:
                    2f:b4:6c:d9:87:a1:69:67:a2:e6:c6:11:48:77:06:
                    c6:87:ac:54:17:27:75:51:b0:9d:a8:b5:4a:c1:a2:
                    7f:0f:18:97:0c:71:ab:9e:46:b5:28:11:02:61:62:
                    5d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:02:36:1C:77:2F:21:B7:85:DE:17:9F:DB:A6:50:E8:2C:BE:1F:5C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SQI2HHcvIbeF3hef26ZQ6Cy-H1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.135.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:2f:46:56:5e:fa:86:98:0c:b0:d0:09:48:1c:92:fa:d0:11:
         74:92:aa:7b:13:4c:80:8a:f7:fa:35:22:0d:d9:2e:1d:de:7b:
         e0:3c:18:cc:21:1f:a8:a0:96:11:f7:60:6f:2a:65:2a:93:dd:
         86:12:c1:23:43:83:f8:45:eb:1b:07:63:29:3a:3e:e7:67:00:
         53:11:0f:06:d8:e3:0d:a5:c9:45:61:ff:ea:02:e4:0f:53:0b:
         db:5c:5a:22:94:bf:8e:8a:85:64:0a:b6:43:9d:51:75:97:3f:
         e8:53:4d:2a:22:ef:a5:bd:d6:7a:85:02:9f:42:37:6f:7e:0c:
         fd:28:5d:62:80:47:b7:85:ff:da:07:de:3e:3b:e9:fd:2b:df:
         12:d2:4b:00:90:20:28:1f:b1:f3:86:9b:24:d6:d6:cb:03:50:
         9e:31:b6:89:91:9c:3f:65:fc:cf:db:a2:ac:a1:1f:12:32:22:
         95:90:6b:81:b6:3f:3e:be:95:32:16:b6:0d:c7:f3:a6:4c:b9:
         c9:c5:dc:a0:e8:76:16:47:c6:2f:29:9f:b0:af:df:18:b5:35:
         30:a3:6f:00:9d:7c:c2:d6:f7:27:f6:a5:7e:aa:3b:56:18:e8:
         30:77:9c:cb:b8:71:10:f5:28:c5:9e:cd:1e:e6:84:be:2c:77:
         fd:73:69:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtix7FoAcwsXVv+TVcyVtcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI0MTc0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAyMzYxYzc3MmYyMWI3ODVkZTE3OWZkYmE2NTBlODJjYmUxZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gZHeo77K4hex8IqNcpvi/ivcpQ8
I4O+7O3l44OMKvN5VnoPRP3nCpg7qTZUqJMmcNexpC1e/7VoFTQOyZERADDGCClr
EtYBVeUyhhHhUcIyvlJlGOYckYvy5tl76/u+Iw3ksFdZwaQLdcC/rG+AsDY0SBao
/8UDu2rdfwQcAUJMM8oeLZYNISJlnEC1sPI6VaJeoL9teANPi///oEmNJKVhdMzS
gq7wA8SD+dYV5zrzRswI4dJgouyOEPosdnJqIDmAmNN6zfT3YII+KUwaWdEvtGzZ
h6FpZ6LmxhFIdwbGh6xUFyd1UbCdqLVKwaJ/DxiXDHGrnka1KBECYWJdYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkCNhx3LyG3hd4Xn9umUOgsvh9cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1FJMkhIY3ZJYmVGM2hlZjI2WlE2Q3ktSDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwocSMA0G
CSqGSIb3DQEBCwUAA4IBAQBZL0ZWXvqGmAyw0AlIHJL60BF0kqp7E0yAivf6NSIN
2S4d3nvgPBjMIR+ooJYR92BvKmUqk92GEsEjQ4P4ResbB2MpOj7nZwBTEQ8G2OMN
pclFYf/qAuQPUwvbXFoilL+OioVkCrZDnVF1lz/oU00qIu+lvdZ6hQKfQjdvfgz9
KF1igEe3hf/aB94+O+n9K98S0ksAkCAoH7Hzhpsk1tbLA1CeMbaJkZw/ZfzP26Ks
oR8SMiKVkGuBtj8+vpUyFrYNx/OmTLnJxdyg6HYWR8YvKZ+wr98YtTUwo28AnXzC
1vcn9qV+qjtWGOgwd5zLuHEQ9SjFns0e5oS+LHf9c2lO
-----END CERTIFICATE-----
Generated at Thu Oct 26 16:57:00 2023 by rpki-client on console-ams.rpki-client.org