Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7U5bSFK1K9eoq00IHyh5uYGhZ4.roa
File:                     h7U5bSFK1K9eoq00IHyh5uYGhZ4.roa (raw, json)
Hash identifier:          L8CpiIOug/H/pRDIhU0r6FpQP6Ceg+Dr0WEQ0+qN2Hs=
Subject key identifier:   87:B5:39:6D:21:4A:D4:AF:5E:A2:AD:34:20:7C:A1:E6:E6:06:85:9E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01857B9D4877A905B0984A5AC19CB44C2FE6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7U5bSFK1K9eoq00IHyh5uYGhZ4.roa
Signing time:             Wed 04 Jan 2023 07:09:42 +0000
ROA not before:           Wed 04 Jan 2023 07:09:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207633
IP address blocks:        194.87.17.0/24 maxlen: 24
                          194.87.188.0/24 maxlen: 24
                          194.87.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 14:18:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7b:9d:48:77:a9:05:b0:98:4a:5a:c1:9c:b4:4c:2f:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  4 07:09:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87b5396d214ad4af5ea2ad34207ca1e6e606859e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3a:b4:92:cb:29:a1:95:00:da:45:e3:8c:6d:
                    67:2c:54:22:83:ef:c2:d5:5c:38:3c:f5:2e:a1:fc:
                    77:9e:ce:d9:1a:48:3f:f9:b6:54:84:66:86:22:56:
                    30:3a:19:66:a7:53:d2:a0:75:2d:c7:47:9b:99:8e:
                    78:19:d7:f5:5b:51:43:45:53:3a:4f:9a:e9:f3:72:
                    9c:30:5b:d3:3d:91:aa:c1:e3:46:f7:23:bc:23:3a:
                    a7:e2:41:92:a0:e3:c6:bc:7a:8c:1b:0e:8a:58:66:
                    4f:c6:4f:03:1b:f7:ab:a9:49:9e:22:41:3f:d9:dc:
                    3f:24:66:6a:3a:00:26:ec:63:68:5d:fd:1f:2a:e2:
                    f7:d5:e5:80:68:24:cb:41:0c:3e:48:1a:32:77:d8:
                    4e:4b:23:88:c3:73:f9:eb:6d:c4:36:49:f8:fc:30:
                    94:99:0a:ba:8d:9b:c6:c6:62:38:f7:ed:33:c1:58:
                    58:cf:f3:bf:aa:97:76:f9:3c:8a:62:70:a3:18:b6:
                    31:e2:d4:98:0a:6d:0c:2a:8c:83:b2:9c:e4:2f:be:
                    a0:26:c3:fa:bb:20:90:f8:e6:1c:12:24:79:e1:ea:
                    75:f9:d6:d8:a7:06:26:00:4a:55:0b:26:0d:1a:12:
                    e9:4d:a4:41:c9:97:3b:7a:56:20:a0:75:0f:69:bc:
                    38:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B5:39:6D:21:4A:D4:AF:5E:A2:AD:34:20:7C:A1:E6:E6:06:85:9E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/h7U5bSFK1K9eoq00IHyh5uYGhZ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.17.0/24
                  194.87.91.0/24
                  194.87.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:11:fa:8c:c9:ad:f3:04:dd:bb:fc:2a:8c:88:d1:3f:b3:7c:
         b3:af:5d:b0:a6:69:30:dc:22:2f:98:8c:ea:d0:9c:79:00:58:
         1f:ff:2a:0b:fb:ac:87:36:bc:8a:59:de:e9:94:3c:15:08:52:
         cf:35:1c:ea:b1:84:55:d7:26:27:c5:a3:ee:3e:2b:c6:7b:42:
         5c:66:fe:e5:11:5a:dd:00:c9:dd:26:bd:ef:64:8e:87:d0:57:
         e6:24:1f:d2:1a:01:dd:29:e4:05:d1:1f:07:52:c4:a7:b9:1c:
         c4:22:7b:29:2d:65:f5:35:20:9a:12:a2:52:d9:83:3c:bd:58:
         d0:93:1d:30:69:b3:a9:bb:54:e6:6a:b5:61:a6:87:73:24:61:
         37:e3:32:4b:61:36:9f:15:4d:44:89:65:37:f6:3c:da:c6:4d:
         59:ca:ac:02:9e:ce:56:0f:a6:12:17:9d:62:8b:0b:15:87:35:
         78:e1:fd:a0:b3:58:22:cd:c9:a7:66:95:a1:cf:2d:67:2e:e1:
         c7:43:d9:3f:22:57:56:a2:ee:f3:e3:f8:bd:2f:e0:bd:00:27:
         fe:3d:f1:35:96:18:98:52:d8:41:a5:14:8b:ba:81:18:a0:05:
         83:fb:30:5e:4e:6f:0d:cc:af:fc:e1:98:40:e3:de:5b:46:64:
         45:b9:3d:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV7nUh3qQWwmEpawZy0TC/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA0MDcwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I1Mzk2ZDIxNGFkNGFmNWVhMmFkMzQyMDdjYTFlNmU2MDY4NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDq0ksspoZUA2kXjjG1nLFQig+/C
1Vw4PPUuofx3ns7ZGkg/+bZUhGaGIlYwOhlmp1PSoHUtx0ebmY54Gdf1W1FDRVM6
T5rp83KcMFvTPZGqweNG9yO8Izqn4kGSoOPGvHqMGw6KWGZPxk8DG/erqUmeIkE/
2dw/JGZqOgAm7GNoXf0fKuL31eWAaCTLQQw+SBoyd9hOSyOIw3P5623ENkn4/DCU
mQq6jZvGxmI49+0zwVhYz/O/qpd2+TyKYnCjGLYx4tSYCm0MKoyDspzkL76gJsP6
uyCQ+OYcEiR54ep1+dbYpwYmAEpVCyYNGhLpTaRByZc7elYgoHUPabw44wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIe1OW0hStSvXqKtNCB8oebmBoWeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaDdVNWJTRksxSzllb3EwMElIeWg1dVlHaFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcRAwQA
wldbAwQAwle8MA0GCSqGSIb3DQEBCwUAA4IBAQAOEfqMya3zBN27/CqMiNE/s3yz
r12wpmkw3CIvmIzq0Jx5AFgf/yoL+6yHNryKWd7plDwVCFLPNRzqsYRV1yYnxaPu
PivGe0JcZv7lEVrdAMndJr3vZI6H0FfmJB/SGgHdKeQF0R8HUsSnuRzEInspLWX1
NSCaEqJS2YM8vVjQkx0wabOpu1TmarVhpodzJGE34zJLYTafFU1EiWU39jzaxk1Z
yqwCns5WD6YSF51iiwsVhzV44f2gs1gizcmnZpWhzy1nLuHHQ9k/IldWou7z4/i9
L+C9ACf+PfE1lhiYUthBpRSLuoEYoAWD+zBeTm8NzK/84ZhA495bRmRFuT1L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org