Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caqm1FGP0DYNRQ9c33gBfq0PQR8.roa
File:                     caqm1FGP0DYNRQ9c33gBfq0PQR8.roa (raw, json)
Hash identifier:          sU4KEzkRZ2V1ijEhQLZ44xUEPHWIH2PJqCQdAeHHqUc=
Subject key identifier:   71:AA:A6:D4:51:8F:D0:36:0D:45:0F:5C:DF:78:01:7E:AD:0F:41:1F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018586CB3A041BB287EA61D19B7CCC7D03BF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caqm1FGP0DYNRQ9c33gBfq0PQR8.roa
Signing time:             Fri 06 Jan 2023 11:15:43 +0000
ROA not before:           Fri 06 Jan 2023 11:15:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.4.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          193.124.44.0/24 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          194.87.38.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          194.58.58.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.42.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          212.192.31.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:86:cb:3a:04:1b:b2:87:ea:61:d1:9b:7c:cc:7d:03:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  6 11:15:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71aaa6d4518fd0360d450f5cdf78017ead0f411f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a5:86:6f:e6:0f:b8:6a:55:47:ee:8d:6e:e4:
                    cd:90:2e:55:4c:c6:75:4f:8a:ac:57:2f:36:a2:e6:
                    8b:01:19:09:bc:1c:9f:f7:ba:a1:bb:af:49:22:6f:
                    e9:07:12:41:52:51:3f:83:74:6c:39:c2:33:21:a2:
                    aa:7c:89:f8:5a:84:1f:6f:7e:58:c2:5a:76:b9:36:
                    55:ff:77:1a:ba:8f:96:4a:db:57:57:ec:b8:8b:4f:
                    d1:b6:28:d2:86:85:ac:09:1c:ea:37:dc:4a:4d:5f:
                    eb:63:b2:db:60:0e:84:22:2e:02:58:1b:66:3a:a1:
                    ca:7c:fb:85:c3:58:6f:62:ce:1e:f5:51:1a:41:f0:
                    14:bd:97:12:5b:f0:2d:93:28:45:ee:99:15:ad:a2:
                    73:d4:5a:67:c4:33:39:3b:cb:60:51:eb:b9:1d:07:
                    52:34:19:bb:29:f6:62:7c:40:98:b0:ff:4a:07:30:
                    e9:f3:9a:0d:8c:1a:43:0c:4a:38:bd:c1:37:46:b8:
                    98:ab:dd:46:47:e8:1a:fd:e2:a9:c8:26:54:10:03:
                    23:46:a0:63:24:e9:29:70:9e:6e:bc:0f:9c:ae:8a:
                    d4:5e:f7:07:bf:eb:5c:c7:81:6a:b3:c4:ee:0b:d0:
                    eb:30:11:b1:be:52:57:c3:04:f0:cc:76:08:12:c7:
                    5b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:AA:A6:D4:51:8F:D0:36:0D:45:0F:5C:DF:78:01:7E:AD:0F:41:1F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/caqm1FGP0DYNRQ9c33gBfq0PQR8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.3.0-193.124.4.255
                  193.124.9.0/24
                  193.124.44.0/24
                  194.58.58.0/24
                  194.87.1.0/24
                  194.87.7.0/24
                  194.87.27.0/24
                  194.87.38.0/24
                  194.87.42.0/24
                  194.87.73.0/24
                  194.87.114.0/23
                  194.87.130.0/23
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.178.0/23
                  194.87.182.0/24
                  194.87.187.0/24
                  194.87.202.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0-195.58.36.255
                  195.58.50.0/24
                  195.58.56.0/24
                  195.133.0.0/24
                  195.133.30.0/24
                  195.133.35.0/24
                  195.133.195.0/24
                  212.192.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:9e:b2:6e:75:5b:f8:c1:ff:54:24:3f:ef:3d:4f:1d:3d:8e:
         a9:94:a4:b2:25:d5:3b:10:9c:af:6a:44:7f:77:4c:a8:1e:84:
         89:2e:a4:37:ee:55:fd:09:1c:9d:42:d9:46:58:b5:69:0a:bf:
         97:fd:85:64:4d:f6:2d:0a:d1:22:23:e8:f5:3a:91:2f:85:f0:
         e0:63:65:99:79:fb:dc:c6:f0:7e:96:23:8c:4c:fe:1e:32:ba:
         72:3d:d3:94:cf:54:7a:14:be:ab:cd:37:15:e2:ed:a9:27:5f:
         28:a5:b2:21:d5:33:5f:1c:3d:6e:b9:07:d8:c5:9d:aa:3d:e9:
         a5:f4:6c:bd:48:be:c4:23:a9:cf:6a:ab:76:a7:d1:61:80:f2:
         be:b2:65:cf:2d:b8:e1:94:1f:10:7b:a9:23:3d:2a:0b:c0:e7:
         2b:41:0c:c3:6a:d2:df:4b:b3:8a:74:ad:7a:a1:a6:22:4a:bb:
         a7:19:b0:91:a3:80:98:f0:39:9b:43:5b:c8:b3:b0:ec:47:88:
         82:b6:32:bb:1e:45:cc:32:7f:a2:dd:ff:54:90:22:24:00:b9:
         0a:43:63:46:08:db:6d:cc:a8:22:16:e5:a8:50:5c:f3:45:c7:
         fa:e7:81:91:80:1c:0c:6e:d2:2e:84:15:8d:e8:6c:f0:f9:ed:
         94:a8:0e:5d
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYWGyzoEG7KH6mHRm3zMfQO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA2MTExNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFhYTZkNDUxOGZkMDM2MGQ0NTBmNWNkZjc4MDE3ZWFkMGY0MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaWGb+YPuGpVR+6NbuTNkC5VTMZ1
T4qsVy82ouaLARkJvByf97qhu69JIm/pBxJBUlE/g3RsOcIzIaKqfIn4WoQfb35Y
wlp2uTZV/3cauo+WSttXV+y4i0/RtijShoWsCRzqN9xKTV/rY7LbYA6EIi4CWBtm
OqHKfPuFw1hvYs4e9VEaQfAUvZcSW/AtkyhF7pkVraJz1FpnxDM5O8tgUeu5HQdS
NBm7KfZifECYsP9KBzDp85oNjBpDDEo4vcE3RriYq91GR+ga/eKpyCZUEAMjRqBj
JOkpcJ5uvA+crorUXvcHv+tcx4Fqs8TuC9DrMBGxvlJXwwTwzHYIEsdbUwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFHGqptRRj9A2DUUPXN94AX6tD0EfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY2FxbTFGR1AwRFlOUlE5YzMzZ0JmcTBQUVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgwDAME
AMF8AwMEAMF8BAMEAMF8CQMEAMF8LAMEAMI6OgMEAMJXAQMEAMJXBwMEAMJXGwME
AMJXJgMEAMJXKgMEAMJXSQMEAcJXcgMEAcJXggMEAMJXpgMEAMJXqAMEAcJXsgME
AMJXtgMEAMJXuwMEAMJXygMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAwzoy
AwQAwzo4AwQAw4UAAwQAw4UeAwQAw4UjAwQAw4XDAwQA1MAfMA0GCSqGSIb3DQEB
CwUAA4IBAQBZnrJudVv4wf9UJD/vPU8dPY6plKSyJdU7EJyvakR/d0yoHoSJLqQ3
7lX9CRydQtlGWLVpCr+X/YVkTfYtCtEiI+j1OpEvhfDgY2WZefvcxvB+liOMTP4e
MrpyPdOUz1R6FL6rzTcV4u2pJ18opbIh1TNfHD1uuQfYxZ2qPeml9Gy9SL7EI6nP
aqt2p9FhgPK+smXPLbjhlB8Qe6kjPSoLwOcrQQzDatLfS7OKdK16oaYiSrunGbCR
o4CY8DmbQ1vIs7DsR4iCtjK7HkXMMn+i3f9UkCIkALkKQ2NGCNttzKgiFuWoUFzz
Rcf654GRgBwMbtIuhBWN6Gzw+e2UqA5d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-ams.rpki-client.org