Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bFeLfRJ99G1jnEOHwotGYrA1y5w.roa
File:                     bFeLfRJ99G1jnEOHwotGYrA1y5w.roa (raw, json)
Hash identifier:          8U0q/x+579/6d0IUG7qV/iWbwZAIGbt+pU46YI8GwSQ=
Subject key identifier:   6C:57:8B:7D:12:7D:F4:6D:63:9C:43:87:C2:8B:46:62:B0:35:CB:9C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01875734AC0E679F195093E5FC397F03C03F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bFeLfRJ99G1jnEOHwotGYrA1y5w.roa
Signing time:             Thu 06 Apr 2023 15:34:42 +0000
ROA not before:           Thu 06 Apr 2023 15:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     10010
IP address blocks:        194.87.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:57:34:ac:0e:67:9f:19:50:93:e5:fc:39:7f:03:c0:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr  6 15:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c578b7d127df46d639c4387c28b4662b035cb9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5d:63:82:fd:43:04:75:f6:52:b8:85:1b:3a:
                    a5:05:02:32:bc:34:4a:6d:5d:b7:12:48:64:82:10:
                    08:6f:13:01:18:43:d3:8d:66:4b:43:9b:8a:56:9a:
                    e6:ee:f1:c4:44:50:4e:69:1c:6f:a6:4c:fd:69:ca:
                    7d:bd:8d:0f:12:6d:f7:49:83:b4:06:7c:f1:5e:cb:
                    54:3e:3f:63:b6:ec:c1:cb:09:43:e1:64:a5:df:55:
                    c3:07:62:db:18:23:f7:e1:70:3a:e0:55:74:e0:73:
                    87:2e:af:9c:0d:d6:89:7f:a1:99:ee:58:04:26:e0:
                    8f:c6:6d:7e:26:32:ff:97:69:2d:74:5f:16:15:fa:
                    5b:72:42:0f:bf:02:98:60:23:ce:5b:b8:44:eb:01:
                    2c:19:22:7a:ff:ca:7c:7b:62:c5:76:71:62:32:8b:
                    47:7f:14:0b:03:60:b6:77:88:2a:8b:c7:42:3f:81:
                    68:19:aa:43:05:0c:72:1c:d5:05:39:15:97:45:13:
                    f6:8e:a6:3d:78:6f:e4:14:87:0c:e4:c1:86:1b:34:
                    6d:c5:e8:f5:bf:85:52:7f:bd:fb:ce:40:a0:12:61:
                    24:02:32:7b:d1:38:80:82:cb:bc:bb:54:99:ce:d2:
                    bc:40:10:8d:6e:bd:85:5b:0e:df:9d:0a:ec:36:e9:
                    e3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:57:8B:7D:12:7D:F4:6D:63:9C:43:87:C2:8B:46:62:B0:35:CB:9C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bFeLfRJ99G1jnEOHwotGYrA1y5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:88:35:29:97:0f:10:29:57:cb:3f:20:00:34:45:72:ec:1e:
         0f:4f:04:09:7b:ba:7c:e3:a7:01:35:2d:c5:7f:11:b5:f9:51:
         61:79:0b:77:08:18:c0:53:28:3d:89:5c:37:9b:04:31:77:39:
         0e:5e:84:bc:d1:54:30:21:9c:bc:4b:44:00:a3:3a:da:8f:31:
         08:c1:20:f7:40:8f:7c:24:b8:89:26:82:fe:15:43:8d:0d:3a:
         f2:0e:98:40:32:47:69:6e:23:fd:18:98:48:b3:7d:3d:c3:7d:
         be:13:b2:8a:cd:67:f7:66:08:79:bf:f6:e4:4b:b4:f4:6b:1e:
         f0:d5:d7:aa:4b:70:8b:66:f8:c1:f5:e1:62:42:6a:f7:05:c2:
         03:3c:57:3e:7f:10:ce:21:f7:f0:eb:b8:f9:43:a0:0f:fc:0d:
         78:5d:9b:b7:02:a9:6f:14:90:db:e5:80:7d:64:5b:d9:48:89:
         7a:9f:cd:ed:cf:ce:ad:0d:5a:ad:a7:9b:4a:cb:d2:12:3e:01:
         f6:e5:1c:6a:b5:5e:6d:dc:46:f0:c3:b9:f4:7a:e7:c4:a5:13:
         e2:9e:99:1a:c6:2b:a7:c0:f3:b6:cd:13:da:f0:2b:35:44:69:
         96:d9:1a:de:08:31:29:fb:92:f9:19:57:d0:ac:ab:eb:c5:34:
         89:84:4e:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdXNKwOZ58ZUJPl/Dl/A8A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTUzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU3OGI3ZDEyN2RmNDZkNjM5YzQzODdjMjhiNDY2MmIwMzVjYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl1jgv1DBHX2UriFGzqlBQIyvDRK
bV23EkhkghAIbxMBGEPTjWZLQ5uKVprm7vHERFBOaRxvpkz9acp9vY0PEm33SYO0
BnzxXstUPj9jtuzBywlD4WSl31XDB2LbGCP34XA64FV04HOHLq+cDdaJf6GZ7lgE
JuCPxm1+JjL/l2ktdF8WFfpbckIPvwKYYCPOW7hE6wEsGSJ6/8p8e2LFdnFiMotH
fxQLA2C2d4gqi8dCP4FoGapDBQxyHNUFORWXRRP2jqY9eG/kFIcM5MGGGzRtxej1
v4VSf737zkCgEmEkAjJ70TiAgsu8u1SZztK8QBCNbr2FWw7fnQrsNunjBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxXi30SffRtY5xDh8KLRmKwNcucMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYkZlTGZSSjk5RzFqbkVPSHdvdEdZckExeTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfhMA0G
CSqGSIb3DQEBCwUAA4IBAQBCiDUplw8QKVfLPyAANEVy7B4PTwQJe7p846cBNS3F
fxG1+VFheQt3CBjAUyg9iVw3mwQxdzkOXoS80VQwIZy8S0QAozrajzEIwSD3QI98
JLiJJoL+FUONDTryDphAMkdpbiP9GJhIs309w32+E7KKzWf3Zgh5v/bkS7T0ax7w
1deqS3CLZvjB9eFiQmr3BcIDPFc+fxDOIffw67j5Q6AP/A14XZu3AqlvFJDb5YB9
ZFvZSIl6n83tz86tDVqtp5tKy9ISPgH25RxqtV5t3Ebww7n0eufEpRPinpkaxiun
wPO2zRPa8Cs1RGmW2RreCDEp+5L5GVfQrKvrxTSJhE4z
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org