Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f73ICPI_8gR6MdktrIvvSwIx-MI.roa
File:                     f73ICPI_8gR6MdktrIvvSwIx-MI.roa (raw, json)
Hash identifier:          XQiojQ3PcmbQbyLmrOi8s/rscLjZGoowN1Gs2AhZxFg=
Subject key identifier:   7F:BD:C8:08:F2:3F:F2:04:7A:31:D9:2D:AC:8B:EF:4B:02:31:F8:C2
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018C5E07EB21BEBD0D0D5D90765441233650
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f73ICPI_8gR6MdktrIvvSwIx-MI.roa
Signing time:             Tue 12 Dec 2023 12:37:06 +0000
ROA not before:           Tue 12 Dec 2023 12:37:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        195.133.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5e:07:eb:21:be:bd:0d:0d:5d:90:76:54:41:23:36:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 12 12:37:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7fbdc808f23ff2047a31d92dac8bef4b0231f8c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:43:63:03:4a:ec:01:86:7d:e7:fe:c2:b9:5a:
                    4b:f7:b9:66:77:aa:e1:ed:f9:2b:56:b2:99:10:5a:
                    4a:d6:e0:48:1b:2b:37:5c:c8:f1:d3:74:b2:9f:50:
                    6a:38:75:c4:ec:5b:52:30:f1:fe:f9:8a:ff:2c:a3:
                    5f:4e:53:95:fd:76:9f:c4:2e:b3:25:e4:ef:7f:fe:
                    41:2e:0c:80:e4:71:ac:d9:32:3c:af:48:71:bf:45:
                    e9:7d:95:41:86:8d:49:2c:41:3f:5e:02:b9:83:ce:
                    16:82:a7:e5:9f:5d:08:28:b9:bf:87:43:cd:68:93:
                    28:ae:52:80:95:c0:20:c3:d2:7e:bb:c2:e3:91:de:
                    eb:16:c6:2a:0b:bb:1d:e4:c6:f9:44:4b:04:5e:93:
                    6e:19:1b:bb:b0:65:4b:cd:5f:bf:33:6e:9c:c4:23:
                    28:3c:01:29:b8:71:94:80:74:0f:53:c5:e3:98:89:
                    f3:cd:23:41:6a:36:49:97:7c:38:c7:a8:54:00:8e:
                    71:70:3a:c2:2f:42:fb:c4:e7:c0:ee:be:e6:9a:cb:
                    e9:d9:94:54:d0:a2:0a:d0:37:4e:78:9a:44:04:51:
                    60:ff:37:0d:5b:2c:70:4a:4c:47:5d:2c:b1:10:ee:
                    b4:97:45:87:38:cd:ce:15:e2:27:e5:f3:53:d7:6f:
                    43:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:BD:C8:08:F2:3F:F2:04:7A:31:D9:2D:AC:8B:EF:4B:02:31:F8:C2
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/f73ICPI_8gR6MdktrIvvSwIx-MI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:21:74:59:dd:4b:36:c4:8f:87:da:c4:86:25:fb:37:ad:08:
         50:9c:47:e5:7b:92:6d:26:fa:01:a9:0f:f6:e7:cb:7a:54:5e:
         63:a6:92:49:9f:87:4a:59:a3:68:e0:57:51:bd:bd:e7:ef:bb:
         0b:c5:51:c1:ff:a2:13:16:d7:1f:c3:d1:8b:ae:21:86:9f:6d:
         8a:d8:90:32:e0:6b:0e:0f:58:ba:5b:4f:ff:44:81:2e:69:cd:
         27:96:a5:48:f9:ab:b2:d3:ca:3d:c1:82:5c:77:b2:8f:e0:b2:
         ed:2a:88:85:4f:06:db:c8:e7:51:ef:26:74:18:5f:f1:dc:40:
         73:cf:ee:22:54:2d:67:fd:89:fe:f6:60:58:47:ce:62:ac:73:
         01:d8:a4:10:35:35:15:e9:3f:26:f9:c5:5e:f5:c8:13:0c:bb:
         b1:9b:00:87:62:96:8f:0f:a7:28:b8:3f:13:ee:3a:64:c2:cd:
         3f:98:b4:23:8c:f4:f3:0c:83:4d:28:34:29:27:84:3b:18:59:
         78:7f:4f:fb:a3:71:16:47:10:92:e2:50:81:4f:f4:1f:a6:b5:
         47:f1:7b:78:a3:28:f2:28:fc:0c:61:4c:ed:36:e8:4b:e7:0d:
         63:f1:ba:ff:90:0d:9d:dc:de:7b:76:3c:84:9b:75:14:9e:f4:
         48:e6:47:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxeB+shvr0NDV2QdlRBIzZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjEyMTIzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmJkYzgwOGYyM2ZmMjA0N2EzMWQ5MmRhYzhiZWY0YjAyMzFmOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0NjA0rsAYZ95/7CuVpL97lmd6rh
7fkrVrKZEFpK1uBIGys3XMjx03Syn1BqOHXE7FtSMPH++Yr/LKNfTlOV/XafxC6z
JeTvf/5BLgyA5HGs2TI8r0hxv0XpfZVBho1JLEE/XgK5g84Wgqfln10IKLm/h0PN
aJMorlKAlcAgw9J+u8Ljkd7rFsYqC7sd5Mb5REsEXpNuGRu7sGVLzV+/M26cxCMo
PAEpuHGUgHQPU8XjmInzzSNBajZJl3w4x6hUAI5xcDrCL0L7xOfA7r7mmsvp2ZRU
0KIK0DdOeJpEBFFg/zcNWyxwSkxHXSyxEO60l0WHOM3OFeIn5fNT129DSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+9yAjyP/IEejHZLayL70sCMfjCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZjczSUNQSV84Z1I2TWRrdHJJdnZTd0l4LU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UCMA0G
CSqGSIb3DQEBCwUAA4IBAQB+IXRZ3Us2xI+H2sSGJfs3rQhQnEfle5JtJvoBqQ/2
58t6VF5jppJJn4dKWaNo4FdRvb3n77sLxVHB/6ITFtcfw9GLriGGn22K2JAy4GsO
D1i6W0//RIEuac0nlqVI+auy08o9wYJcd7KP4LLtKoiFTwbbyOdR7yZ0GF/x3EBz
z+4iVC1n/Yn+9mBYR85irHMB2KQQNTUV6T8m+cVe9cgTDLuxmwCHYpaPD6couD8T
7jpkws0/mLQjjPTzDINNKDQpJ4Q7GFl4f0/7o3EWRxCS4lCBT/QfprVH8Xt4oyjy
KPwMYUztNuhL5w1j8br/kA2d3N57djyEm3UUnvRI5kco
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:07:55 2023 by rpki-client on console-ams.rpki-client.org