Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SfJtXHrsOgkCCSyH_P8MXNbDF1o.roa
File:                     SfJtXHrsOgkCCSyH_P8MXNbDF1o.roa (raw, json)
Hash identifier:          EZhfUlucSJQKyM/Kk1bYVrJQ906sWCJgwOg3pCCMlx8=
Subject key identifier:   49:F2:6D:5C:7A:EC:3A:09:02:09:2C:87:FC:FF:0C:5C:D6:C3:17:5A
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01876FE8035E50CF169E06178BD963FED399
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SfJtXHrsOgkCCSyH_P8MXNbDF1o.roa
Signing time:             Tue 11 Apr 2023 10:41:28 +0000
ROA not before:           Tue 11 Apr 2023 10:41:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     23740
IP address blocks:        212.192.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6f:e8:03:5e:50:cf:16:9e:06:17:8b:d9:63:fe:d3:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr 11 10:41:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=49f26d5c7aec3a0902092c87fcff0c5cd6c3175a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4b:68:1e:f0:7c:fd:eb:3b:2c:45:6b:6f:d4:
                    55:0f:13:a2:8b:59:69:08:61:9e:29:aa:db:52:10:
                    2e:06:70:c9:51:3d:be:6b:7f:96:c0:43:bc:52:af:
                    2f:b9:3b:67:c4:57:a6:4c:0f:1f:91:a2:a3:bd:4f:
                    3f:11:84:65:20:11:80:d3:3e:93:62:6c:7b:11:99:
                    3a:5f:8a:b4:06:08:49:0a:03:07:67:0d:2b:3e:49:
                    7e:b9:cd:ca:99:1b:ea:c5:77:02:02:02:8f:9e:70:
                    64:9a:78:2a:f5:01:ab:ea:1e:c1:c8:d8:be:cf:fe:
                    62:cb:5a:ff:33:65:88:ad:cc:f1:9d:51:21:06:33:
                    b7:06:e1:8b:a6:3f:7b:69:37:17:c2:6a:c0:c2:77:
                    28:18:3e:6f:09:25:72:10:dc:60:76:d8:c7:f9:fc:
                    b4:d2:3f:ea:80:c2:78:09:35:6e:8f:e6:b3:8b:94:
                    70:83:24:eb:83:12:7a:05:c6:46:f3:35:44:c2:02:
                    42:07:81:90:81:f2:07:ea:a3:0b:78:a1:81:f4:ea:
                    b6:28:1a:14:a3:1c:18:b5:b9:84:51:11:c3:5a:64:
                    10:68:29:0d:b9:e5:72:5f:b7:ad:a4:63:2e:2c:e8:
                    7c:47:46:a5:fe:8f:c6:bf:78:2a:8e:ca:05:60:e4:
                    6b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:F2:6D:5C:7A:EC:3A:09:02:09:2C:87:FC:FF:0C:5C:D6:C3:17:5A
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SfJtXHrsOgkCCSyH_P8MXNbDF1o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:fd:d5:ad:9a:ac:99:df:47:43:d1:07:27:00:a6:f3:1e:fb:
         66:29:47:c9:46:85:be:50:bf:67:71:16:f5:15:7a:be:a4:37:
         ea:4b:e4:50:a7:92:5f:3d:4c:f2:87:28:c1:43:35:16:12:cc:
         d9:f0:91:44:c0:81:8f:07:c4:6a:b9:cf:4d:ac:a7:4e:4d:20:
         d2:9b:80:4e:06:26:98:69:07:7d:2e:74:72:4b:ab:84:70:21:
         09:c7:34:27:5e:2a:14:f5:dc:2e:ec:b8:50:02:21:64:b3:bc:
         50:62:67:ce:df:e5:1b:d7:d0:7b:e4:05:82:a5:38:a2:a6:04:
         a3:f2:ff:54:9f:88:4e:78:3e:32:8f:24:05:df:0c:52:c3:f7:
         e5:1b:86:7e:32:cf:95:94:8d:3c:88:7f:12:b4:6f:24:35:d2:
         f4:00:56:fd:c4:8e:62:1e:03:95:e3:e7:51:e0:ce:82:ee:15:
         5d:27:19:75:50:10:12:0e:f2:3d:fc:53:d9:9b:41:fc:94:87:
         4b:e1:3d:ae:a7:2c:29:a3:ef:10:e9:7c:79:95:10:0c:b5:74:
         1e:03:36:dd:42:34:2d:7e:de:f7:87:cb:a5:ae:7c:85:79:4d:
         1b:b6:3a:e8:9f:ea:bc:04:06:e0:5f:24:72:0f:15:a8:18:7a:
         83:ae:85:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdv6ANeUM8WngYXi9lj/tOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDExMTA0MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWYyNmQ1YzdhZWMzYTA5MDIwOTJjODdmY2ZmMGM1Y2Q2YzMxNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUtoHvB8/es7LEVrb9RVDxOii1lp
CGGeKarbUhAuBnDJUT2+a3+WwEO8Uq8vuTtnxFemTA8fkaKjvU8/EYRlIBGA0z6T
Ymx7EZk6X4q0BghJCgMHZw0rPkl+uc3KmRvqxXcCAgKPnnBkmngq9QGr6h7ByNi+
z/5iy1r/M2WIrczxnVEhBjO3BuGLpj97aTcXwmrAwncoGD5vCSVyENxgdtjH+fy0
0j/qgMJ4CTVuj+azi5RwgyTrgxJ6BcZG8zVEwgJCB4GQgfIH6qMLeKGB9Oq2KBoU
oxwYtbmEURHDWmQQaCkNueVyX7etpGMuLOh8R0al/o/Gv3gqjsoFYORr6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnybVx67DoJAgksh/z/DFzWwxdaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU2ZKdFhIcnNPZ2tDQ1N5SF9QOE1YTmJERjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAcMA0G
CSqGSIb3DQEBCwUAA4IBAQCF/dWtmqyZ30dD0QcnAKbzHvtmKUfJRoW+UL9ncRb1
FXq+pDfqS+RQp5JfPUzyhyjBQzUWEszZ8JFEwIGPB8Rquc9NrKdOTSDSm4BOBiaY
aQd9LnRyS6uEcCEJxzQnXioU9dwu7LhQAiFks7xQYmfO3+Ub19B75AWCpTiipgSj
8v9Un4hOeD4yjyQF3wxSw/flG4Z+Ms+VlI08iH8StG8kNdL0AFb9xI5iHgOV4+dR
4M6C7hVdJxl1UBASDvI9/FPZm0H8lIdL4T2upywpo+8Q6Xx5lRAMtXQeAzbdQjQt
ft73h8ulrnyFeU0btjron+q8BAbgXyRyDxWoGHqDroUZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org