Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Wf2hVYon88pM0lShsKGv2_1oYZ8.roa
File:                     Wf2hVYon88pM0lShsKGv2_1oYZ8.roa (raw, json)
Hash identifier:          2TAJ8GqAm7rIO4Bxkv/alyowaM6KMCkUDvTXQTvAnoU=
Subject key identifier:   59:FD:A1:55:8A:27:F3:CA:4C:D2:54:A1:B0:A1:AF:DB:FD:68:61:9F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B0A10A1A5DC9E0E6ECF609967DA765156
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Wf2hVYon88pM0lShsKGv2_1oYZ8.roa
Signing time:             Sat 07 Oct 2023 12:15:44 +0000
ROA not before:           Sat 07 Oct 2023 12:15:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142430
IP address blocks:        195.133.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 07 Oct 2023 12:34:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:0a:10:a1:a5:dc:9e:0e:6e:cf:60:99:67:da:76:51:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct  7 12:15:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59fda1558a27f3ca4cd254a1b0a1afdbfd68619f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:10:10:4b:dc:52:73:7a:6b:08:9f:15:47:57:
                    77:22:3b:33:4f:8e:84:5e:b0:17:59:42:d0:62:26:
                    c7:a0:c8:cc:b1:ce:55:38:20:e6:ae:df:35:11:c2:
                    d6:3a:b6:4b:70:b2:e7:b3:33:c9:24:f2:79:65:c5:
                    15:71:86:3a:44:9f:46:2c:bd:e7:ae:5f:76:d4:91:
                    f9:23:aa:6b:d5:b9:00:63:c8:24:a1:ef:7e:2f:17:
                    b3:20:c6:6a:3b:5c:40:d8:49:d8:9c:ce:b3:c6:e7:
                    a6:41:09:d7:01:ea:15:c9:f9:ee:a7:3d:9f:d4:6c:
                    03:ae:c9:03:e4:6d:3b:33:66:cc:e0:7c:8b:c9:23:
                    5a:c7:12:f1:5e:27:3b:78:f0:94:28:1d:78:10:92:
                    a3:1c:85:66:4f:59:b6:ef:3f:3c:fb:e6:73:cb:14:
                    d7:89:38:3c:d4:58:46:d7:38:8e:9a:04:8c:3e:a8:
                    0d:1c:87:5c:d9:be:b7:72:de:fb:19:c9:03:e3:66:
                    ee:95:4b:21:53:6d:0a:27:ea:f5:8c:63:eb:1e:ca:
                    f7:72:25:d4:79:9a:ef:3d:a1:33:a9:6d:0f:d6:6f:
                    96:20:80:03:9b:05:ad:62:00:70:6e:f4:7f:00:f1:
                    e6:77:9b:ed:4c:95:68:10:81:3e:a1:f5:82:b3:73:
                    b9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FD:A1:55:8A:27:F3:CA:4C:D2:54:A1:B0:A1:AF:DB:FD:68:61:9F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Wf2hVYon88pM0lShsKGv2_1oYZ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:de:17:e9:18:27:1c:b8:90:80:3c:ef:3c:c0:1f:3c:62:4a:
         97:51:fc:8a:37:5d:fc:54:14:6f:5c:27:4f:73:47:f1:4e:ab:
         ca:06:c0:77:b9:7f:60:81:87:dc:04:5e:92:e0:99:be:52:f5:
         09:8d:60:54:3a:6f:38:ff:b4:e9:1d:b9:54:ad:01:8a:40:94:
         d6:d4:dd:75:93:60:01:06:d4:85:ef:e7:7a:21:9b:f7:c4:c1:
         8e:96:cd:3c:22:92:2e:30:1c:20:43:21:e7:7d:33:ce:db:b6:
         f1:3b:00:94:9f:cb:9a:6a:74:23:08:63:4c:f5:9c:9d:9e:bb:
         a3:e5:c0:17:a7:34:33:40:7b:2e:ae:51:94:52:80:82:ab:01:
         c9:c0:56:b7:1c:5c:9e:f2:1c:77:f4:3a:6e:36:cd:6c:f8:0b:
         1a:e1:89:8d:c7:48:04:33:ef:9d:ec:24:93:1a:20:04:58:56:
         91:72:91:b6:55:78:fd:9f:25:96:be:bb:17:ba:f7:8d:4d:9a:
         8c:37:2a:b7:e9:7d:1a:e7:b2:f6:88:0e:6d:ba:db:3c:5a:2e:
         6e:06:55:51:28:a0:0c:9d:f7:c1:c3:65:1c:02:ad:80:c9:a6:
         67:40:52:9f:70:fe:a0:6d:bb:1d:99:f1:6b:a6:bb:d7:f9:a4:
         92:34:48:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsKEKGl3J4Obs9gmWfadlFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA3MTIxNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZkYTE1NThhMjdmM2NhNGNkMjU0YTFiMGExYWZkYmZkNjg2MTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBAQS9xSc3prCJ8VR1d3IjszT46E
XrAXWULQYibHoMjMsc5VOCDmrt81EcLWOrZLcLLnszPJJPJ5ZcUVcYY6RJ9GLL3n
rl921JH5I6pr1bkAY8gkoe9+LxezIMZqO1xA2EnYnM6zxuemQQnXAeoVyfnupz2f
1GwDrskD5G07M2bM4HyLySNaxxLxXic7ePCUKB14EJKjHIVmT1m27z88++ZzyxTX
iTg81FhG1ziOmgSMPqgNHIdc2b63ct77GckD42bulUshU20KJ+r1jGPrHsr3ciXU
eZrvPaEzqW0P1m+WIIADmwWtYgBwbvR/APHmd5vtTJVoEIE+ofWCs3O5IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn9oVWKJ/PKTNJUobChr9v9aGGfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV2YyaFZZb244OHBNMGxTaHNLR3YyXzFvWVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4U/MA0G
CSqGSIb3DQEBCwUAA4IBAQA13hfpGCccuJCAPO88wB88YkqXUfyKN138VBRvXCdP
c0fxTqvKBsB3uX9ggYfcBF6S4Jm+UvUJjWBUOm84/7TpHblUrQGKQJTW1N11k2AB
BtSF7+d6IZv3xMGOls08IpIuMBwgQyHnfTPO27bxOwCUn8uaanQjCGNM9Zydnruj
5cAXpzQzQHsurlGUUoCCqwHJwFa3HFye8hx39DpuNs1s+Asa4YmNx0gEM++d7CST
GiAEWFaRcpG2VXj9nyWWvrsXuveNTZqMNyq36X0a57L2iA5tuts8Wi5uBlVRKKAM
nffBw2UcAq2AyaZnQFKfcP6gbbsdmfFrprvX+aSSNEi6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org