Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TkRaFH6huB9QKdv50AXNOh498Lw.roa
File:                     TkRaFH6huB9QKdv50AXNOh498Lw.roa (raw, json)
Hash identifier:          sJmNIKsehS2ltgRZh7YXyLte7WUs63O+9NdPV0kSlrU=
Subject key identifier:   4E:44:5A:14:7E:A1:B8:1F:50:29:DB:F9:D0:05:CD:3A:1E:3D:F0:BC
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A051A4F119B22ECC8A395486EB3F0CDE7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TkRaFH6huB9QKdv50AXNOh498Lw.roa
Signing time:             Thu 17 Aug 2023 20:05:24 +0000
ROA not before:           Thu 17 Aug 2023 20:05:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200239
IP address blocks:        194.87.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:05:1a:4f:11:9b:22:ec:c8:a3:95:48:6e:b3:f0:cd:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 17 20:05:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e445a147ea1b81f5029dbf9d005cd3a1e3df0bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2d:2b:7d:d8:3e:08:00:31:85:0a:f2:96:71:
                    5a:9a:2d:bd:61:58:86:b3:cb:d9:eb:28:e6:32:3e:
                    21:d2:b9:09:e7:30:69:76:6b:13:df:da:13:18:ff:
                    77:ef:13:5c:9d:a9:27:90:03:2c:c5:ba:b6:17:6f:
                    35:27:98:77:53:38:f4:35:02:97:4b:29:e9:03:5b:
                    ab:6f:d3:5f:57:90:ca:b8:23:ee:80:94:dd:d1:f4:
                    d7:df:21:f5:02:4a:aa:fd:99:e7:8b:39:44:56:22:
                    9f:c8:6b:f3:4d:58:4d:bb:61:d6:9f:28:be:c3:bd:
                    21:69:ea:76:41:f7:ac:78:33:67:0f:b2:70:74:ee:
                    4d:d2:08:58:3d:7f:9b:79:26:27:66:cc:ba:54:4e:
                    d0:ea:b0:6b:ac:50:56:9a:8e:a0:75:fc:05:0d:54:
                    aa:6a:da:52:44:6e:91:b4:c3:0d:9e:93:f0:48:12:
                    1c:93:d3:03:35:27:f7:0b:b3:3a:dc:aa:6c:b8:50:
                    fa:1b:61:e4:9d:4e:af:75:bc:c5:f4:cc:03:c6:47:
                    84:73:07:f4:0f:2d:4e:51:c9:97:82:c0:11:e0:21:
                    28:db:ac:4e:5c:75:c0:16:3d:6e:c0:12:2c:7f:42:
                    07:fb:81:39:64:be:1e:64:22:b4:b0:de:03:d0:bd:
                    95:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:44:5A:14:7E:A1:B8:1F:50:29:DB:F9:D0:05:CD:3A:1E:3D:F0:BC
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TkRaFH6huB9QKdv50AXNOh498Lw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:ff:41:7a:88:fd:04:14:f7:0e:82:41:18:e4:3e:45:c8:04:
         5f:12:94:9a:a7:a3:c3:30:3c:1c:f2:94:27:70:f7:6a:ae:bc:
         d2:de:00:13:0b:e6:c6:0d:8c:6b:2c:e3:13:49:5e:b1:1d:6c:
         98:14:92:cd:f7:82:76:e9:94:68:81:92:89:ed:a1:48:aa:bc:
         4c:65:5d:5e:88:57:45:76:23:1e:93:b6:1c:4e:6d:af:ce:98:
         a2:67:d0:ec:0d:02:1a:5b:51:4e:09:19:c1:60:8a:f1:8b:42:
         64:64:91:82:19:7b:07:a5:4e:cf:2a:60:9c:e9:32:5c:a6:aa:
         39:ca:f1:25:8b:d8:70:f9:ec:ff:d2:d8:45:05:de:75:0c:44:
         10:45:3f:58:ff:d4:9e:6c:6c:d8:ca:62:b4:91:28:c0:20:21:
         a2:e8:3b:99:bf:71:2b:42:b2:8f:0b:7a:c3:3c:29:19:f1:ec:
         3d:fd:0a:f2:20:ea:63:84:28:0f:01:86:9c:ba:43:34:41:ae:
         b7:76:7d:df:49:5c:fa:ed:89:34:4d:4e:58:06:57:4b:a8:22:
         e2:62:11:b0:13:e0:f7:e8:3a:09:65:06:38:24:68:e4:0d:72:
         6a:04:57:e1:ca:de:cb:e2:e1:69:40:60:82:be:ef:73:f0:33:
         80:ac:99:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoFGk8RmyLsyKOVSG6z8M3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE3MjAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ0NWExNDdlYTFiODFmNTAyOWRiZjlkMDA1Y2QzYTFlM2RmMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi0rfdg+CAAxhQrylnFami29YViG
s8vZ6yjmMj4h0rkJ5zBpdmsT39oTGP937xNcnaknkAMsxbq2F281J5h3Uzj0NQKX
SynpA1urb9NfV5DKuCPugJTd0fTX3yH1Akqq/ZnnizlEViKfyGvzTVhNu2HWnyi+
w70haep2QfeseDNnD7JwdO5N0ghYPX+beSYnZsy6VE7Q6rBrrFBWmo6gdfwFDVSq
atpSRG6RtMMNnpPwSBIck9MDNSf3C7M63KpsuFD6G2HknU6vdbzF9MwDxkeEcwf0
Dy1OUcmXgsAR4CEo26xOXHXAFj1uwBIsf0IH+4E5ZL4eZCK0sN4D0L2VqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5EWhR+obgfUCnb+dAFzToePfC8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVGtSYUZINmh1QjlRS2R2NTBBWE5PaDQ5OEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldWMA0G
CSqGSIb3DQEBCwUAA4IBAQA+/0F6iP0EFPcOgkEY5D5FyARfEpSap6PDMDwc8pQn
cPdqrrzS3gATC+bGDYxrLOMTSV6xHWyYFJLN94J26ZRogZKJ7aFIqrxMZV1eiFdF
diMek7YcTm2vzpiiZ9DsDQIaW1FOCRnBYIrxi0JkZJGCGXsHpU7PKmCc6TJcpqo5
yvEli9hw+ez/0thFBd51DEQQRT9Y/9SebGzYymK0kSjAICGi6DuZv3ErQrKPC3rD
PCkZ8ew9/QryIOpjhCgPAYacukM0Qa63dn3fSVz67Yk0TU5YBldLqCLiYhGwE+D3
6DoJZQY4JGjkDXJqBFfhyt7L4uFpQGCCvu9z8DOArJm7
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org