Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcJ6Ha1w0DZtRaAOa9YJ-mmadwA.roa
File:                     gcJ6Ha1w0DZtRaAOa9YJ-mmadwA.roa (raw, json)
Hash identifier:          UCLUvDKZbJXrM+EF5+qFn8Kqba32QqoMKrY7fW8e8+k=
Subject key identifier:   81:C2:7A:1D:AD:70:D0:36:6D:45:A0:0E:6B:D6:09:FA:69:9A:77:00
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A17912E80BAD2F6425E637E6BFA4D94F1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcJ6Ha1w0DZtRaAOa9YJ-mmadwA.roa
Signing time:             Mon 21 Aug 2023 10:08:25 +0000
ROA not before:           Mon 21 Aug 2023 10:08:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        193.124.4.0/24 maxlen: 24
                          195.133.78.0/24 maxlen: 24
                          194.135.105.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          195.133.79.0/24 maxlen: 24
                          194.87.20.0/24 maxlen: 24
                          194.87.44.0/24 maxlen: 24
                          195.58.34.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.58.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:17:91:2e:80:ba:d2:f6:42:5e:63:7e:6b:fa:4d:94:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 21 10:08:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81c27a1dad70d0366d45a00e6bd609fa699a7700
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:06:5f:1c:58:22:6a:07:41:5a:1b:d5:20:54:
                    ce:19:d0:d7:3c:fb:cd:60:65:ae:cf:8f:4c:dd:06:
                    5f:d9:82:3c:4d:6f:88:36:a5:9d:66:55:a4:b2:97:
                    43:3f:87:31:c2:ce:f2:b8:5c:1b:c4:ff:8b:90:b3:
                    f9:b8:66:0c:1a:fd:b6:c0:d9:ca:16:70:17:17:cb:
                    72:09:68:0a:fb:a4:bf:39:c0:3e:ac:1a:7a:29:3c:
                    5f:7a:e4:c2:a0:79:c3:09:90:f2:70:64:bd:50:b7:
                    3e:9f:5a:67:06:97:2d:1a:31:c8:79:02:5c:13:69:
                    f2:cc:20:1a:27:28:2f:7d:e7:ba:91:bf:b7:ca:6d:
                    e6:47:b8:48:cc:4a:03:8a:fa:b1:0b:a5:02:75:19:
                    2d:b3:f6:f2:e0:81:fb:29:e0:85:0f:fb:a2:44:e1:
                    70:46:2e:2b:ad:cf:7d:91:02:42:67:63:27:88:7c:
                    6a:47:c3:fb:bc:55:89:5e:56:49:a1:d6:89:dd:a6:
                    f8:62:92:65:88:66:8a:7b:1d:36:3c:3f:3a:dd:9c:
                    8a:9f:73:c0:a5:9a:9a:b6:b3:80:b6:4e:60:17:6d:
                    66:a7:c6:27:38:04:49:cd:c2:b9:f3:f8:dd:a5:cd:
                    16:40:dc:17:60:c9:2e:21:e0:e7:69:7f:1e:62:6f:
                    ce:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:C2:7A:1D:AD:70:D0:36:6D:45:A0:0E:6B:D6:09:FA:69:9A:77:00
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gcJ6Ha1w0DZtRaAOa9YJ-mmadwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.4.0/24
                  194.87.2.0/24
                  194.87.20.0/24
                  194.87.44.0/24
                  194.135.105.0/24
                  195.58.34.0/24
                  195.58.58.0/24
                  195.133.35.0/24
                  195.133.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:eb:a8:da:52:be:c2:f7:5d:db:b0:ad:aa:1e:35:bc:f6:ff:
         37:8d:02:20:66:c1:e2:67:ff:1d:12:82:94:40:43:82:0e:a3:
         bb:d4:e2:2a:f2:af:52:8b:df:5c:d0:ae:ab:65:d7:a0:9c:1c:
         62:1e:19:c8:04:56:3e:65:d8:ac:c7:ac:8f:ea:08:46:e8:89:
         18:2a:9e:ba:cc:c5:1a:ea:30:fb:ec:fc:4e:b4:38:6f:ab:ba:
         a1:25:d1:38:aa:f7:bd:5c:f4:bc:50:86:8b:e9:eb:db:0c:57:
         73:ff:40:80:51:e0:3d:b3:bb:dd:f4:5c:d5:83:b6:af:2e:15:
         93:1e:b0:72:b2:74:31:bd:be:58:0b:60:ec:55:7e:ce:5e:30:
         ac:9f:f2:3d:5b:5e:8b:80:2b:00:1b:0e:ae:c1:67:a6:df:3c:
         1b:df:d1:5c:ea:4a:42:c0:cc:0c:f7:3c:e1:3d:85:67:48:1b:
         dd:02:91:a0:75:65:87:13:e9:06:83:1f:94:d8:43:e9:05:d8:
         1e:c0:a8:5f:8d:28:18:24:55:e4:f7:f7:26:aa:5b:ba:ca:6e:
         33:ab:e8:87:23:40:93:0b:9e:fe:2e:52:1b:67:a1:01:b5:8e:
         8c:51:e5:03:8e:28:7b:1a:ea:e1:1b:ba:ff:53:6c:ea:91:2b:
         a3:69:6a:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYoXkS6AutL2Ql5jfmv6TZTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODIxMTAwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMyN2ExZGFkNzBkMDM2NmQ0NWEwMGU2YmQ2MDlmYTY5OWE3NzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQZfHFgiagdBWhvVIFTOGdDXPPvN
YGWuz49M3QZf2YI8TW+INqWdZlWkspdDP4cxws7yuFwbxP+LkLP5uGYMGv22wNnK
FnAXF8tyCWgK+6S/OcA+rBp6KTxfeuTCoHnDCZDycGS9ULc+n1pnBpctGjHIeQJc
E2nyzCAaJygvfee6kb+3ym3mR7hIzEoDivqxC6UCdRkts/by4IH7KeCFD/uiROFw
Ri4rrc99kQJCZ2MniHxqR8P7vFWJXlZJodaJ3ab4YpJliGaKex02PD863ZyKn3PA
pZqatrOAtk5gF21mp8YnOARJzcK58/jdpc0WQNwXYMkuIeDnaX8eYm/OdwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIHCeh2tcNA2bUWgDmvWCfppmncAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ2NKNkhhMXcwRFp0UmFBT2E5WUotbW1hZHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwEAwQA
wlcCAwQAwlcUAwQAwlcsAwQAwodpAwQAwzoiAwQAwzo6AwQAw4UjAwQBw4VOMA0G
CSqGSIb3DQEBCwUAA4IBAQAf66jaUr7C913bsK2qHjW89v83jQIgZsHiZ/8dEoKU
QEOCDqO71OIq8q9Si99c0K6rZdegnBxiHhnIBFY+Zdisx6yP6ghG6IkYKp66zMUa
6jD77PxOtDhvq7qhJdE4qve9XPS8UIaL6evbDFdz/0CAUeA9s7vd9FzVg7avLhWT
HrBysnQxvb5YC2DsVX7OXjCsn/I9W16LgCsAGw6uwWem3zwb39Fc6kpCwMwM9zzh
PYVnSBvdApGgdWWHE+kGgx+U2EPpBdgewKhfjSgYJFXk9/cmqlu6ym4zq+iHI0CT
C57+LlIbZ6EBtY6MUeUDjih7GurhG7r/U2zqkSujaWrp
-----END CERTIFICATE-----
Generated at Thu Aug 24 14:02:15 2023 by rpki-client on console-ams.rpki-client.org