Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fzrkQwpW6I9-ZPA0Bgk17FM5oSI.roa
File:                     fzrkQwpW6I9-ZPA0Bgk17FM5oSI.roa (raw, json)
Hash identifier:          HsGCb85uVL1JHj4nu0l41QmYfYkL5LU6AYLSh5UWV0k=
Subject key identifier:   7F:3A:E4:43:0A:56:E8:8F:7E:64:F0:34:06:09:35:EC:53:39:A1:22
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01857DA0B2DDFF318F73BA779E8B132149D1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fzrkQwpW6I9-ZPA0Bgk17FM5oSI.roa
Signing time:             Wed 04 Jan 2023 16:32:41 +0000
ROA not before:           Wed 04 Jan 2023 16:32:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        194.58.155.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          194.87.180.0/24 maxlen: 24
                          195.58.61.0/24 maxlen: 24
                          194.58.61.0/24 maxlen: 24
                          193.124.94.0/24 maxlen: 24
                          194.87.191.0/24 maxlen: 24
                          212.193.5.0/24 maxlen: 24
                          212.193.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7d:a0:b2:dd:ff:31:8f:73:ba:77:9e:8b:13:21:49:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  4 16:32:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f3ae4430a56e88f7e64f034060935ec5339a122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9c:bc:b9:4e:93:d6:99:13:06:5b:fa:24:1a:
                    c6:3c:43:54:b2:58:df:de:b3:d5:90:5b:30:62:82:
                    ef:81:cd:97:4d:3a:96:e9:89:72:58:b5:1b:c1:25:
                    89:23:e0:5f:b8:42:b2:4d:b9:44:bc:47:c1:57:a4:
                    2f:71:81:ba:a7:bb:2e:e8:e2:bc:d0:f9:66:c9:8e:
                    51:bf:da:0d:4f:85:03:57:aa:e5:8a:1a:15:f6:7f:
                    19:ca:bc:a1:55:24:c2:ef:94:6e:d1:99:c7:61:f7:
                    93:84:5f:a2:64:f0:64:e8:8f:57:9b:b8:b0:7c:6c:
                    d1:8c:de:ee:9a:0e:1b:b5:db:f6:30:5a:a7:d1:dd:
                    50:c5:fb:1d:a5:98:56:b9:71:cf:47:97:25:0c:2f:
                    d8:9b:a4:fc:6f:a0:f3:b6:c2:8c:ce:0b:e5:79:4f:
                    aa:2c:14:d1:2d:29:d2:97:dc:b0:f6:6f:71:fc:88:
                    bf:5b:4a:d2:21:5d:ac:0e:7c:7c:2a:dc:a4:e4:35:
                    f3:4f:fa:c3:d4:a5:ec:db:46:6c:62:d9:7a:cc:ca:
                    e4:cb:73:21:70:30:0e:f6:25:c7:72:e2:e0:3b:7a:
                    f3:63:c4:92:e3:a6:9f:b3:96:1e:62:9a:fe:5d:de:
                    80:c1:e5:22:2f:69:8c:df:0f:99:9b:fc:8e:52:c6:
                    50:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:3A:E4:43:0A:56:E8:8F:7E:64:F0:34:06:09:35:EC:53:39:A1:22
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fzrkQwpW6I9-ZPA0Bgk17FM5oSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.94.0/24
                  194.58.61.0/24
                  194.58.154.0/23
                  194.87.180.0/24
                  194.87.191.0/24
                  195.58.61.0/24
                  212.193.5.0/24
                  212.193.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:aa:9c:e7:06:b6:c8:5f:32:c4:5b:ce:d1:2b:c2:2c:5b:d1:
         cd:c9:9b:71:58:29:5d:5a:aa:33:e9:35:30:61:59:70:92:f5:
         ce:fb:4a:df:60:55:ac:01:57:83:f3:d7:5d:5b:f5:f9:21:e6:
         74:7a:8b:2c:11:e3:17:f7:38:6c:a6:e8:22:2a:33:ac:dc:97:
         aa:f8:02:ea:52:95:f3:de:40:0b:68:bc:12:37:cb:5b:cf:66:
         ae:38:c9:f1:b5:31:45:c3:9a:9e:7e:8c:ae:db:5d:9e:b1:85:
         b8:89:10:4b:86:fc:ad:1d:f8:da:62:78:50:7c:4f:de:cb:83:
         ca:f9:39:a0:ea:26:cb:d2:53:20:ea:f3:ae:5c:8d:ee:0e:54:
         d7:ef:f3:c4:ae:2d:65:0a:e4:e7:a3:f9:40:37:47:9f:be:4b:
         f6:8c:ba:d0:6f:c5:ef:3f:8a:48:bb:b2:35:89:7b:fc:3d:39:
         58:3d:01:e5:94:ce:46:a5:8f:77:12:b9:06:3a:6a:25:f3:e7:
         9c:86:88:ec:4c:f7:91:3c:aa:cd:58:14:20:69:04:7f:f2:26:
         a7:35:10:2f:78:bf:af:6d:9f:bd:ce:ea:45:70:59:01:92:40:
         84:67:6c:ae:84:22:c3:68:9f:ed:54:05:3e:fc:17:ec:86:1d:
         c1:00:c3:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYV9oLLd/zGPc7p3nosTIUnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA0MTYzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjNhZTQ0MzBhNTZlODhmN2U2NGYwMzQwNjA5MzVlYzUzMzlhMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5y8uU6T1pkTBlv6JBrGPENUsljf
3rPVkFswYoLvgc2XTTqW6YlyWLUbwSWJI+BfuEKyTblEvEfBV6QvcYG6p7su6OK8
0PlmyY5Rv9oNT4UDV6rlihoV9n8ZyryhVSTC75Ru0ZnHYfeThF+iZPBk6I9Xm7iw
fGzRjN7umg4btdv2MFqn0d1QxfsdpZhWuXHPR5clDC/Ym6T8b6DztsKMzgvleU+q
LBTRLSnSl9yw9m9x/Ii/W0rSIV2sDnx8Ktyk5DXzT/rD1KXs20ZsYtl6zMrky3Mh
cDAO9iXHcuLgO3rzY8SS46afs5YeYpr+Xd6AweUiL2mM3w+Zm/yOUsZQGQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH865EMKVuiPfmTwNAYJNexTOaEiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZnpya1F3cFc2STktWlBBMEJnazE3Rk01b1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXxeAwQA
wjo9AwQBwjqaAwQAwle0AwQAwle/AwQAwzo9AwQA1MEFAwQA1MEJMA0GCSqGSIb3
DQEBCwUAA4IBAQBvqpznBrbIXzLEW87RK8IsW9HNyZtxWCldWqoz6TUwYVlwkvXO
+0rfYFWsAVeD89ddW/X5IeZ0eossEeMX9zhspugiKjOs3Jeq+ALqUpXz3kALaLwS
N8tbz2auOMnxtTFFw5qefoyu212esYW4iRBLhvytHfjaYnhQfE/ey4PK+Tmg6ibL
0lMg6vOuXI3uDlTX7/PEri1lCuTno/lAN0efvkv2jLrQb8XvP4pIu7I1iXv8PTlY
PQHllM5GpY93ErkGOmol8+echojsTPeRPKrNWBQgaQR/8ianNRAveL+vbZ+9zupF
cFkBkkCEZ2yuhCLDaJ/tVAU+/Bfshh3BAMNp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org