Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_GHgmtnZb7oEYu7OUHbgfL0OSXo.roa
File:                     _GHgmtnZb7oEYu7OUHbgfL0OSXo.roa (raw, json)
Hash identifier:          hdYh1SEppdJ9/sgxm0vDF4L7JSaRs/d62IdIWUmioM0=
Subject key identifier:   FC:61:E0:9A:D9:D9:6F:BA:04:62:EE:CE:50:76:E0:7C:BD:0E:49:7A
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018ADB43C8F437FFA8F7E70EA5A196A86F2A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_GHgmtnZb7oEYu7OUHbgfL0OSXo.roa
Signing time:             Thu 28 Sep 2023 10:09:27 +0000
ROA not before:           Thu 28 Sep 2023 10:09:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400402
IP address blocks:        195.58.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:db:43:c8:f4:37:ff:a8:f7:e7:0e:a5:a1:96:a8:6f:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 28 10:09:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc61e09ad9d96fba0462eece5076e07cbd0e497a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bd:20:bb:07:7f:d9:fb:2a:3f:b3:07:da:af:
                    af:7d:f7:a9:52:c3:43:79:6d:7d:fb:ad:23:3e:81:
                    83:e5:23:af:6d:1e:78:59:7d:fa:62:80:a9:b1:10:
                    d2:ef:ec:45:71:57:d8:e0:e5:ff:99:90:c9:01:d8:
                    ec:72:98:09:90:ef:05:5b:40:2c:0a:e1:91:9f:53:
                    16:d6:ce:3d:97:a5:71:48:c8:26:25:32:c8:1a:4d:
                    d2:d0:f5:62:2d:77:be:f4:69:13:d9:33:58:63:02:
                    4b:3a:a4:ae:8b:8c:3d:41:66:c8:b3:a9:92:8e:8d:
                    cc:e2:c5:67:1b:3b:97:9c:b7:9a:95:84:8c:96:fa:
                    99:b1:55:a3:77:7a:9f:f5:d9:b2:6a:c2:19:48:f5:
                    80:33:59:48:2c:1b:2e:dc:54:0a:47:ce:e2:ae:62:
                    2a:d2:ac:85:d5:dc:1a:db:fd:0c:35:63:c0:bd:84:
                    2e:4c:6c:a2:77:ba:8d:26:5a:65:e3:88:46:43:ef:
                    08:21:94:b7:47:00:fc:05:4e:d7:d5:f7:a0:a6:50:
                    78:8c:cb:8e:41:d4:a0:3b:d1:3b:f0:11:08:ec:d6:
                    98:b0:01:e4:19:fc:a1:2f:73:ab:3d:72:61:53:01:
                    58:5e:d7:9b:af:cc:db:26:8c:f4:21:a9:9a:90:70:
                    2d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:61:E0:9A:D9:D9:6F:BA:04:62:EE:CE:50:76:E0:7C:BD:0E:49:7A
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_GHgmtnZb7oEYu7OUHbgfL0OSXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:64:92:ef:cf:6d:20:77:d4:9a:e7:d4:15:af:a6:47:cd:1e:
         51:e4:dd:3b:e4:df:0d:5a:50:7a:a3:e0:38:8f:a5:d4:94:5a:
         59:66:09:04:c9:b9:91:fd:52:e3:07:d8:3b:06:cd:59:b2:93:
         e0:4d:25:ef:a7:11:26:d4:e8:69:9b:88:90:68:1a:cf:f8:8e:
         07:e2:9f:73:ef:61:a4:ff:2a:cc:1e:87:b2:94:bb:d7:e6:ed:
         bf:08:fd:a8:63:f1:ad:88:ca:02:7b:5a:5f:5e:a3:93:70:67:
         09:f7:8f:da:95:35:c3:8d:bc:c5:2c:24:31:8c:bc:bf:6f:bd:
         31:f3:8d:61:66:67:4c:a6:b1:1a:cc:6e:ad:b6:68:3a:cd:6f:
         fb:0a:17:1e:79:db:05:9f:a1:c3:91:ee:47:e1:ee:23:54:e0:
         09:2a:70:70:35:e7:76:b5:42:47:44:13:21:a0:8c:d8:57:eb:
         84:de:43:10:88:bc:9a:fd:90:df:7f:d9:a4:6c:a4:da:91:9d:
         db:9b:09:a8:9e:21:23:f6:ad:05:fc:70:3e:e3:6a:bc:39:50:
         07:54:88:02:97:6c:f7:b8:08:5e:5e:5e:0a:4c:f7:84:eb:ed:
         65:38:31:64:59:cf:f9:4e:8b:1f:13:f9:d7:30:58:c1:7f:f8:
         1f:b8:e9:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrbQ8j0N/+o9+cOpaGWqG8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI4MTAwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYxZTA5YWQ5ZDk2ZmJhMDQ2MmVlY2U1MDc2ZTA3Y2JkMGU0OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb0guwd/2fsqP7MH2q+vffepUsND
eW19+60jPoGD5SOvbR54WX36YoCpsRDS7+xFcVfY4OX/mZDJAdjscpgJkO8FW0As
CuGRn1MW1s49l6VxSMgmJTLIGk3S0PViLXe+9GkT2TNYYwJLOqSui4w9QWbIs6mS
jo3M4sVnGzuXnLealYSMlvqZsVWjd3qf9dmyasIZSPWAM1lILBsu3FQKR87irmIq
0qyF1dwa2/0MNWPAvYQuTGyid7qNJlpl44hGQ+8IIZS3RwD8BU7X1fegplB4jMuO
QdSgO9E78BEI7NaYsAHkGfyhL3OrPXJhUwFYXtebr8zbJoz0IamakHAt0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxh4JrZ2W+6BGLuzlB24Hy9Dkl6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX0dIZ210blpiN29FWXU3T1VIYmdmTDBPU1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzo8MA0G
CSqGSIb3DQEBCwUAA4IBAQAfZJLvz20gd9Sa59QVr6ZHzR5R5N075N8NWlB6o+A4
j6XUlFpZZgkEybmR/VLjB9g7Bs1ZspPgTSXvpxEm1Ohpm4iQaBrP+I4H4p9z72Gk
/yrMHoeylLvX5u2/CP2oY/GtiMoCe1pfXqOTcGcJ94/alTXDjbzFLCQxjLy/b70x
841hZmdMprEazG6ttmg6zW/7ChceedsFn6HDke5H4e4jVOAJKnBwNed2tUJHRBMh
oIzYV+uE3kMQiLya/ZDff9mkbKTakZ3bmwmoniEj9q0F/HA+42q8OVAHVIgCl2z3
uAheXl4KTPeE6+1lODFkWc/5TosfE/nXMFjBf/gfuOms
-----END CERTIFICATE-----
Generated at Thu Oct 12 13:53:23 2023 by rpki-client on console-ams.rpki-client.org