Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hNCrSlLP0kVk9YMswnFzrRW8nXI.roa
File:                     hNCrSlLP0kVk9YMswnFzrRW8nXI.roa (raw, json)
Hash identifier:          JrWZrghYDWiIzH7y2ZDG34Yg7p3jL9uq3Hg0Jyu2T7s=
Subject key identifier:   84:D0:AB:4A:52:CF:D2:45:64:F5:83:2C:C2:71:73:AD:15:BC:9D:72
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01882F4E820E04C26AD89D33A528A3015DA3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hNCrSlLP0kVk9YMswnFzrRW8nXI.roa
Signing time:             Thu 18 May 2023 14:40:54 +0000
ROA not before:           Thu 18 May 2023 14:40:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        62.76.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2f:4e:82:0e:04:c2:6a:d8:9d:33:a5:28:a3:01:5d:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 18 14:40:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84d0ab4a52cfd24564f5832cc27173ad15bc9d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ba:79:d1:07:bb:4f:40:d2:85:c3:68:e3:0c:
                    51:13:8c:d4:a9:d4:18:b8:7f:46:f1:16:94:9a:3f:
                    46:2a:93:34:ce:63:da:c0:f6:ce:d7:3b:04:ce:a3:
                    f2:53:5a:a7:cd:6b:28:c4:92:2a:b0:72:d2:f5:b5:
                    6f:ed:20:5e:db:a2:d9:7a:61:a0:8e:af:18:a3:0b:
                    00:25:81:41:4f:29:ce:96:bc:b6:45:bd:0c:6a:77:
                    6e:84:3a:06:51:11:c8:1b:f5:5b:a7:4a:77:cb:1e:
                    b4:ab:b0:fb:4a:9a:68:c3:9b:30:5a:57:95:88:e3:
                    4f:6d:31:b1:7b:36:05:e7:27:18:af:b5:28:c6:e9:
                    dd:a4:12:08:a8:b0:b6:85:79:b8:06:07:99:dc:19:
                    ae:84:17:1c:a7:56:70:4a:84:d8:de:d1:7d:da:ba:
                    e0:2f:43:0e:e7:36:1b:f2:91:60:ac:e9:85:fe:00:
                    33:e7:fb:6b:d3:66:b6:3e:ab:f6:dd:44:73:d3:93:
                    36:ca:a8:c5:a5:a2:77:fa:1c:c6:2d:1b:c4:e1:c7:
                    ab:b3:e7:27:e8:2b:b6:6b:3c:fe:b6:9c:71:88:4a:
                    5b:ee:95:9b:2b:45:d1:ea:6a:30:10:ff:4c:5b:34:
                    80:d7:8c:bc:1c:46:38:e6:58:ff:3a:53:42:34:94:
                    bc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D0:AB:4A:52:CF:D2:45:64:F5:83:2C:C2:71:73:AD:15:BC:9D:72
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hNCrSlLP0kVk9YMswnFzrRW8nXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:91:33:fe:64:61:fe:93:25:1d:97:24:2d:59:ab:b5:c8:f5:
         9c:34:71:dd:a5:e9:ad:6d:f9:48:f9:38:6e:d3:2f:c6:bf:95:
         6b:a7:d2:a1:29:d3:39:ef:c1:f6:bf:94:36:c7:79:fe:51:ad:
         60:96:fc:7c:77:f1:ff:25:a2:fc:ea:01:5e:da:2a:2c:c9:5b:
         b1:cf:0c:e6:af:a5:ee:ec:cc:ec:7d:a8:95:87:1b:55:0d:ce:
         4d:27:a1:32:be:2d:21:c9:8b:16:fc:b8:35:96:c9:e5:33:6d:
         b7:6d:19:97:f8:4d:5f:db:84:9c:46:a7:3b:38:56:64:db:3f:
         76:13:5b:81:13:92:45:31:86:2d:9a:24:db:47:59:f2:74:e4:
         91:cf:55:dc:f2:f9:d4:f8:65:28:af:bf:da:c6:dd:4c:9c:03:
         dc:10:9c:a6:72:2a:39:c9:e4:8f:f5:f7:2f:70:82:d9:bc:03:
         b2:f3:09:af:ad:ed:94:ba:a3:8a:23:0c:65:3d:ef:22:f9:a8:
         97:d6:df:06:cb:5b:8d:d3:1b:67:1c:f4:ee:49:7d:d8:03:16:
         68:ae:b6:a4:ae:6d:9f:cc:d1:e4:bc:c1:d8:9a:7c:13:92:33:
         73:2b:15:16:bd:dc:51:f9:6e:2a:c0:f8:f4:97:15:e9:6e:3e:
         9a:b9:99:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgvToIOBMJq2J0zpSijAV2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE4MTQ0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQwYWI0YTUyY2ZkMjQ1NjRmNTgzMmNjMjcxNzNhZDE1YmM5ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Lp50Qe7T0DShcNo4wxRE4zUqdQY
uH9G8RaUmj9GKpM0zmPawPbO1zsEzqPyU1qnzWsoxJIqsHLS9bVv7SBe26LZemGg
jq8YowsAJYFBTynOlry2Rb0ManduhDoGURHIG/Vbp0p3yx60q7D7Sppow5swWleV
iONPbTGxezYF5ycYr7UoxundpBIIqLC2hXm4BgeZ3BmuhBccp1ZwSoTY3tF92rrg
L0MO5zYb8pFgrOmF/gAz5/tr02a2Pqv23URz05M2yqjFpaJ3+hzGLRvE4cers+cn
6Cu2azz+tpxxiEpb7pWbK0XR6mowEP9MWzSA14y8HEY45lj/OlNCNJS8tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITQq0pSz9JFZPWDLMJxc60VvJ1yMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaE5DclNsTFAwa1ZrOVlNc3duRnpyUlc4blhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzrMA0G
CSqGSIb3DQEBCwUAA4IBAQA3kTP+ZGH+kyUdlyQtWau1yPWcNHHdpemtbflI+Thu
0y/Gv5Vrp9KhKdM578H2v5Q2x3n+Ua1glvx8d/H/JaL86gFe2iosyVuxzwzmr6Xu
7MzsfaiVhxtVDc5NJ6Eyvi0hyYsW/Lg1lsnlM223bRmX+E1f24ScRqc7OFZk2z92
E1uBE5JFMYYtmiTbR1nydOSRz1Xc8vnU+GUor7/axt1MnAPcEJymcio5yeSP9fcv
cILZvAOy8wmvre2UuqOKIwxlPe8i+aiX1t8Gy1uN0xtnHPTuSX3YAxZorrakrm2f
zNHkvMHYmnwTkjNzKxUWvdxR+W4qwPj0lxXpbj6auZll
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org