Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fPOWXo30FlEzFOmJXE2WyKIZ-do.roa
File:                     fPOWXo30FlEzFOmJXE2WyKIZ-do.roa (raw, json)
Hash identifier:          Ldv4UKOieo3FNq4QsMenm8qpkUp0zAg4vCJbOw6lDLo=
Subject key identifier:   7C:F3:96:5E:8D:F4:16:51:33:14:E9:89:5C:4D:96:C8:A2:19:F9:DA
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A4B124B67703C1D18631280B73006EC25
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fPOWXo30FlEzFOmJXE2WyKIZ-do.roa
Signing time:             Thu 31 Aug 2023 10:10:04 +0000
ROA not before:           Thu 31 Aug 2023 10:10:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        194.87.136.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 11:14:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:4b:12:4b:67:70:3c:1d:18:63:12:80:b7:30:06:ec:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 31 10:10:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7cf3965e8df416513314e9895c4d96c8a219f9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ed:4e:45:f4:72:a7:f2:80:fc:9d:88:18:4e:
                    52:55:ae:75:4e:4a:4c:70:5b:8a:b3:7d:90:15:8a:
                    6b:a4:39:68:49:24:d0:08:94:94:b4:07:d7:46:30:
                    4d:b9:6f:76:4b:28:38:d1:83:1f:e2:a4:e6:73:39:
                    bb:11:0c:32:63:9e:17:4d:7b:f5:73:49:45:bb:c8:
                    62:eb:1c:ce:66:ee:cc:12:97:2a:c2:cc:f2:f2:de:
                    c0:f7:3f:bc:77:66:a1:75:98:55:fd:27:41:c9:b8:
                    a3:f8:f6:32:ce:f5:dd:3d:37:45:c1:c8:a8:18:33:
                    4f:94:da:1e:a5:0c:71:a1:fb:08:00:80:3f:90:48:
                    bd:c2:64:b4:27:17:bd:75:39:e6:95:6e:d7:1e:12:
                    63:2f:2c:34:a4:eb:20:8a:83:b0:87:b9:cf:25:82:
                    75:60:d9:a5:0a:43:02:54:bb:8d:54:ee:ac:79:25:
                    5f:fb:ae:0d:fe:1d:cb:95:b4:56:1e:5f:cc:49:a9:
                    f7:ac:35:78:ba:12:dc:31:05:eb:2b:28:e1:fc:29:
                    16:7c:15:27:8e:b8:cb:8c:61:c6:58:9b:b7:ac:9f:
                    34:04:b0:a3:85:dd:ad:e8:df:26:1e:b6:a8:d4:f9:
                    06:8a:8b:7a:3c:e4:a6:3c:8b:8e:66:36:c4:07:74:
                    03:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F3:96:5E:8D:F4:16:51:33:14:E9:89:5C:4D:96:C8:A2:19:F9:DA
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fPOWXo30FlEzFOmJXE2WyKIZ-do.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:b2:44:f8:4e:ef:45:e6:51:76:2f:60:64:2d:18:dc:f5:d2:
         a1:e1:c9:04:81:03:87:d0:26:23:a5:fb:1e:58:6d:09:c4:5d:
         dc:71:e4:2f:1c:49:20:53:5f:ad:a4:f4:de:56:ca:3f:38:16:
         40:7b:10:74:e8:9d:6d:cf:30:dd:8a:88:47:51:05:9b:c8:4c:
         a7:e0:7f:b0:eb:03:6c:30:37:7b:0d:f6:5b:7e:8c:39:a9:84:
         ce:e1:19:06:fc:96:b0:83:80:37:58:2e:0b:8a:49:b1:57:39:
         16:14:db:ba:e2:76:77:e8:cc:5d:6b:f1:21:eb:ab:3b:4b:85:
         25:a4:cd:72:13:ab:bc:2e:f8:38:7f:df:7d:e6:8f:06:c1:73:
         8e:ff:4f:5b:ce:eb:c1:85:41:2c:9c:3d:4b:5a:33:09:72:14:
         87:8e:b0:73:34:74:9a:f8:06:75:66:ab:e6:fb:3a:8f:b1:37:
         3b:7a:35:bd:00:52:a4:cc:f9:d2:ea:01:36:55:dd:4d:23:d7:
         56:ea:2f:07:7d:56:a2:87:43:24:44:55:4c:ed:54:35:60:f7:
         fe:90:43:31:8e:54:44:df:b9:75:0a:2a:32:d7:d5:4d:d0:8f:
         0b:64:7b:72:9b:bf:da:24:61:5c:5b:a6:d9:93:1b:b8:a8:cf:
         66:5a:d3:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpLEktncDwdGGMSgLcwBuwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODMxMTAxMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2YzOTY1ZThkZjQxNjUxMzMxNGU5ODk1YzRkOTZjOGEyMTlmOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe1ORfRyp/KA/J2IGE5SVa51TkpM
cFuKs32QFYprpDloSSTQCJSUtAfXRjBNuW92Syg40YMf4qTmczm7EQwyY54XTXv1
c0lFu8hi6xzOZu7MEpcqwszy8t7A9z+8d2ahdZhV/SdBybij+PYyzvXdPTdFwcio
GDNPlNoepQxxofsIAIA/kEi9wmS0Jxe9dTnmlW7XHhJjLyw0pOsgioOwh7nPJYJ1
YNmlCkMCVLuNVO6seSVf+64N/h3LlbRWHl/MSan3rDV4uhLcMQXrKyjh/CkWfBUn
jrjLjGHGWJu3rJ80BLCjhd2t6N8mHrao1PkGiot6POSmPIuOZjbEB3QD8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzzll6N9BZRMxTpiVxNlsiiGfnaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZlBPV1hvMzBGbEV6Rk9tSlhFMld5S0laLWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleIMA0G
CSqGSIb3DQEBCwUAA4IBAQAPskT4Tu9F5lF2L2BkLRjc9dKh4ckEgQOH0CYjpfse
WG0JxF3cceQvHEkgU1+tpPTeVso/OBZAexB06J1tzzDdiohHUQWbyEyn4H+w6wNs
MDd7DfZbfow5qYTO4RkG/Jawg4A3WC4LikmxVzkWFNu64nZ36Mxda/Eh66s7S4Ul
pM1yE6u8Lvg4f9995o8GwXOO/09bzuvBhUEsnD1LWjMJchSHjrBzNHSa+AZ1Zqvm
+zqPsTc7ejW9AFKkzPnS6gE2Vd1NI9dW6i8HfVaih0MkRFVM7VQ1YPf+kEMxjlRE
37l1Cioy19VN0I8LZHtym7/aJGFcW6bZkxu4qM9mWtNn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org