Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gyfvwaRP3nVDjLB3Jo_sXZmffuM.roa
File:                     gyfvwaRP3nVDjLB3Jo_sXZmffuM.roa (raw, json)
Hash identifier:          63UiGT/ofHNl1edraK2brHXBgijJ1BAERdk03fMXSIc=
Subject key identifier:   83:27:EF:C1:A4:4F:DE:75:43:8C:B0:77:26:8F:EC:5D:99:9F:7E:E3
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186BBB891BC2E25A5612D2ADEF662EFC44E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gyfvwaRP3nVDjLB3Jo_sXZmffuM.roa
Signing time:             Tue 07 Mar 2023 10:58:00 +0000
ROA not before:           Tue 07 Mar 2023 10:58:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38337
IP address blocks:        194.58.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 11:44:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bb:b8:91:bc:2e:25:a5:61:2d:2a:de:f6:62:ef:c4:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar  7 10:58:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8327efc1a44fde75438cb077268fec5d999f7ee3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:08:07:89:f2:ff:cb:2b:39:a0:10:da:34:57:
                    80:d7:9b:0f:ea:61:6e:89:89:b7:9b:1d:b7:47:23:
                    f8:5b:d8:5b:df:ab:19:6a:48:05:6d:9a:98:31:f2:
                    4f:e4:0a:71:db:23:be:bc:3e:ab:7b:67:37:8d:e1:
                    c7:49:47:28:b5:ab:58:24:0b:d5:82:0a:c6:de:f3:
                    cb:84:fd:cf:32:79:0d:be:9f:78:aa:41:59:5f:84:
                    9e:d9:b8:ec:d1:20:09:cc:19:fb:5b:c6:17:a5:2a:
                    a3:67:2e:2f:d8:87:08:c0:42:a3:61:be:17:a3:47:
                    59:1c:47:b0:f0:29:23:9e:b5:3d:c5:05:3f:70:35:
                    30:29:36:95:9d:88:8a:44:92:c2:6c:ac:a4:22:08:
                    24:21:69:5b:8f:72:39:6c:6b:67:a9:75:a4:66:6d:
                    96:9b:e9:d3:5d:5e:3f:cc:85:e4:ba:e4:f7:6b:1a:
                    6e:2d:d6:f5:98:5a:a0:3b:65:f7:d3:ef:ea:40:d8:
                    82:41:99:f7:b5:30:63:1c:a3:5b:6d:0a:c2:f7:f3:
                    4f:b9:46:46:03:9e:28:da:31:7b:90:78:ba:84:37:
                    1a:e0:39:32:10:40:96:18:0c:1d:af:85:6e:9c:e2:
                    0f:6e:18:c8:f9:f8:5f:05:71:04:07:95:67:3f:98:
                    82:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:27:EF:C1:A4:4F:DE:75:43:8C:B0:77:26:8F:EC:5D:99:9F:7E:E3
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/gyfvwaRP3nVDjLB3Jo_sXZmffuM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:c6:7f:af:84:e7:1b:81:43:f3:a1:4e:3b:14:38:c9:73:54:
         36:9b:83:ce:90:bc:5d:7d:d2:6f:ae:5b:70:32:a6:ca:4b:c5:
         e6:8f:c0:10:09:84:87:2a:ad:d9:d1:41:ea:3c:68:74:b2:a6:
         4e:5f:35:87:ba:28:bd:ae:d3:ae:90:9c:10:7c:11:3c:ab:ea:
         2c:c3:82:89:52:6d:a2:68:d4:21:20:30:30:90:5b:9b:9b:93:
         8b:c6:f0:61:77:e6:cf:e3:cc:5e:70:f6:2a:56:06:03:54:0e:
         bf:c9:a1:f0:ac:39:8b:19:d9:73:0d:e9:d7:00:49:ef:65:7b:
         fd:b7:b9:07:3e:c4:33:a1:49:90:ee:9b:2c:07:36:ad:c0:cd:
         5f:95:5f:dc:62:6d:dd:6a:f1:da:7a:1c:63:f3:b6:de:59:16:
         9e:94:ab:12:99:62:a6:32:25:08:ec:dc:60:ab:a5:60:2d:02:
         cf:05:37:99:50:4b:22:a3:a1:aa:a3:f4:92:1e:3a:a7:47:5f:
         13:36:df:c7:37:fc:0d:96:a7:a2:eb:b3:e4:b9:be:43:93:21:
         88:dc:a4:66:6d:91:4d:d7:78:47:b1:31:09:61:83:00:c8:28:
         99:a5:04:e5:0b:21:42:69:aa:d4:3a:5c:af:67:28:26:2e:2d:
         bf:d6:b8:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa7uJG8LiWlYS0q3vZi78ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA3MTA1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI3ZWZjMWE0NGZkZTc1NDM4Y2IwNzcyNjhmZWM1ZDk5OWY3ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAgHifL/yys5oBDaNFeA15sP6mFu
iYm3mx23RyP4W9hb36sZakgFbZqYMfJP5Apx2yO+vD6re2c3jeHHSUcotatYJAvV
ggrG3vPLhP3PMnkNvp94qkFZX4Se2bjs0SAJzBn7W8YXpSqjZy4v2IcIwEKjYb4X
o0dZHEew8CkjnrU9xQU/cDUwKTaVnYiKRJLCbKykIggkIWlbj3I5bGtnqXWkZm2W
m+nTXV4/zIXkuuT3axpuLdb1mFqgO2X30+/qQNiCQZn3tTBjHKNbbQrC9/NPuUZG
A54o2jF7kHi6hDca4DkyEECWGAwdr4VunOIPbhjI+fhfBXEEB5VnP5iCFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMn78GkT951Q4ywdyaP7F2Zn37jMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZ3lmdndhUlAzblZEakxCM0pvX3NYWm1mZnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjoqMA0G
CSqGSIb3DQEBCwUAA4IBAQAdxn+vhOcbgUPzoU47FDjJc1Q2m4POkLxdfdJvrltw
MqbKS8Xmj8AQCYSHKq3Z0UHqPGh0sqZOXzWHuii9rtOukJwQfBE8q+osw4KJUm2i
aNQhIDAwkFubm5OLxvBhd+bP48xecPYqVgYDVA6/yaHwrDmLGdlzDenXAEnvZXv9
t7kHPsQzoUmQ7pssBzatwM1flV/cYm3davHaehxj87beWRaelKsSmWKmMiUI7Nxg
q6VgLQLPBTeZUEsio6Gqo/SSHjqnR18TNt/HN/wNlqei67Pkub5DkyGI3KRmbZFN
13hHsTEJYYMAyCiZpQTlCyFCaarUOlyvZygmLi2/1rgi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org