Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UIm3rrIj3xDgmZpoaeytfbSfj00.roa
File:                     UIm3rrIj3xDgmZpoaeytfbSfj00.roa (raw, json)
Hash identifier:          m4LxIjcH6MBwCcAnV2gayvx2k8Iw7Cs/W69cM0K51LU=
Subject key identifier:   50:89:B7:AE:B2:23:DF:10:E0:99:9A:68:69:EC:AD:7D:B4:9F:8F:4D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B468D4B4720BF9AF1BEB8E9BA26CBEB08
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UIm3rrIj3xDgmZpoaeytfbSfj00.roa
Signing time:             Thu 19 Oct 2023 06:09:06 +0000
ROA not before:           Thu 19 Oct 2023 06:09:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205663
IP address blocks:        194.87.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:46:8d:4b:47:20:bf:9a:f1:be:b8:e9:ba:26:cb:eb:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 19 06:09:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5089b7aeb223df10e0999a6869ecad7db49f8f4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:47:29:91:82:8e:30:6d:e2:d0:d1:85:4d:a1:
                    14:db:ad:ac:73:3e:c9:9e:fe:48:ee:c8:29:73:33:
                    21:59:28:4e:34:2d:b8:3b:e4:43:3a:bd:b7:8c:3e:
                    51:20:66:fd:2a:ff:8f:ed:1d:99:86:0c:51:85:8b:
                    d1:d6:04:4b:a8:43:6e:c2:13:a7:76:8e:d5:71:84:
                    cb:6c:db:cc:4b:5c:c0:77:9c:a0:aa:e4:82:8a:87:
                    16:06:f5:cb:e8:64:50:10:27:b4:cc:d3:84:a1:50:
                    e7:8e:69:4e:d0:69:0b:5c:10:20:38:cc:b1:05:aa:
                    5b:96:d6:9f:f2:98:aa:3a:c8:d4:b0:ee:54:9a:9a:
                    30:75:8a:a6:57:32:c3:71:35:08:fb:86:fe:90:4d:
                    a1:35:e9:d9:b8:b5:b5:4d:f1:4d:dc:5a:34:47:5b:
                    bc:8f:fa:c3:26:69:ab:0b:14:fa:7d:be:4a:f5:d9:
                    77:e6:5a:c2:05:1b:1b:a1:71:d3:31:4c:03:e4:90:
                    11:dc:98:fa:7a:95:e7:9e:a1:58:48:14:66:20:e1:
                    ad:3a:cf:33:30:d2:71:ef:b4:ef:f8:31:aa:15:0f:
                    c8:53:e0:a8:5c:19:d4:6f:ec:7a:83:2d:04:bf:5b:
                    f0:d2:7d:80:c6:33:a1:af:03:32:b5:8a:22:07:db:
                    56:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:89:B7:AE:B2:23:DF:10:E0:99:9A:68:69:EC:AD:7D:B4:9F:8F:4D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UIm3rrIj3xDgmZpoaeytfbSfj00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:00:61:74:33:bd:f4:b2:1f:d7:85:20:ee:39:8e:36:9b:36:
         9a:6d:7a:06:99:e8:17:c2:5c:b7:4b:bd:43:ba:e9:05:49:b0:
         e8:fa:34:7a:d9:5e:4d:a9:56:16:d6:d1:c3:5c:7d:38:7c:35:
         7f:d5:43:37:36:d7:fd:89:98:20:d7:e4:2c:f4:85:c8:5c:35:
         56:5c:bb:a9:94:f4:10:3d:ef:ff:24:a7:3b:82:2f:f5:17:0c:
         75:5f:44:e2:2b:32:89:30:95:47:04:e2:fb:5f:75:7a:13:fa:
         bf:bd:a2:60:2a:c0:d6:cc:19:9d:25:8b:f4:b3:2d:97:b1:ec:
         ef:40:da:6b:23:0c:45:2e:37:11:29:cd:23:cb:7e:fa:fc:57:
         41:93:7f:83:98:3c:b3:62:42:54:ff:94:09:24:d6:c1:5d:76:
         b4:51:af:a4:ce:b1:d6:ac:a2:5d:73:35:21:1c:ea:0a:d2:82:
         07:dc:94:09:9d:83:8a:68:21:00:35:cc:fd:91:5c:bd:24:71:
         d0:f1:4d:6a:ff:73:dc:4f:51:c1:e0:e1:7c:96:00:97:11:f7:
         14:af:4f:2a:80:5e:01:ec:a5:b2:fc:43:9b:cf:0a:cf:06:9e:
         7e:d5:66:a6:a3:ea:27:8f:3e:37:cd:c2:e2:be:9e:84:c8:e0:
         10:21:70:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtGjUtHIL+a8b646bomy+sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDE5MDYwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg5YjdhZWIyMjNkZjEwZTA5OTlhNjg2OWVjYWQ3ZGI0OWY4ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkcpkYKOMG3i0NGFTaEU262scz7J
nv5I7sgpczMhWShONC24O+RDOr23jD5RIGb9Kv+P7R2ZhgxRhYvR1gRLqENuwhOn
do7VcYTLbNvMS1zAd5ygquSCiocWBvXL6GRQECe0zNOEoVDnjmlO0GkLXBAgOMyx
Bapbltaf8piqOsjUsO5UmpowdYqmVzLDcTUI+4b+kE2hNenZuLW1TfFN3Fo0R1u8
j/rDJmmrCxT6fb5K9dl35lrCBRsboXHTMUwD5JAR3Jj6epXnnqFYSBRmIOGtOs8z
MNJx77Tv+DGqFQ/IU+CoXBnUb+x6gy0Ev1vw0n2AxjOhrwMytYoiB9tWZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCJt66yI98Q4JmaaGnsrX20n49NMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVUltM3JySWozeERnbVpwb2FleXRmYlNmajAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwle7MA0G
CSqGSIb3DQEBCwUAA4IBAQAtAGF0M730sh/XhSDuOY42mzaabXoGmegXwly3S71D
uukFSbDo+jR62V5NqVYW1tHDXH04fDV/1UM3Ntf9iZgg1+Qs9IXIXDVWXLuplPQQ
Pe//JKc7gi/1Fwx1X0TiKzKJMJVHBOL7X3V6E/q/vaJgKsDWzBmdJYv0sy2Xsezv
QNprIwxFLjcRKc0jy376/FdBk3+DmDyzYkJU/5QJJNbBXXa0Ua+kzrHWrKJdczUh
HOoK0oIH3JQJnYOKaCEANcz9kVy9JHHQ8U1q/3PcT1HB4OF8lgCXEfcUr08qgF4B
7KWy/EObzwrPBp5+1Wamo+onjz43zcLivp6EyOAQIXDK
-----END CERTIFICATE-----
Generated at Thu Oct 26 16:57:00 2023 by rpki-client on console-ams.rpki-client.org