Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i4PugU0fYeAZ0IeN2kKGvKPbyhE.roa
File:                     i4PugU0fYeAZ0IeN2kKGvKPbyhE.roa (raw, json)
Hash identifier:          4MOlEQ7ux6xML739n8aUAwJEakvwMHWQR4+Bfiy6zNs=
Subject key identifier:   8B:83:EE:81:4D:1F:61:E0:19:D0:87:8D:DA:42:86:BC:A3:DB:CA:11
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B138460DBFC6D1BAD4A9F848046BC1210
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i4PugU0fYeAZ0IeN2kKGvKPbyhE.roa
Signing time:             Mon 09 Oct 2023 08:18:44 +0000
ROA not before:           Mon 09 Oct 2023 08:18:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        194.135.105.0/24 maxlen: 24
                          194.87.52.0/24 maxlen: 24
                          195.133.41.0/24 maxlen: 24
                          195.133.60.0/24 maxlen: 24
                          194.87.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:13:84:60:db:fc:6d:1b:ad:4a:9f:84:80:46:bc:12:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct  9 08:18:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b83ee814d1f61e019d0878dda4286bca3dbca11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1c:3d:ff:aa:e1:2c:15:fe:0c:8c:08:9e:3a:
                    d3:98:14:e5:01:51:44:f4:c7:df:a5:92:32:be:f6:
                    91:a6:20:0b:25:6d:78:de:47:70:d3:1a:33:72:2c:
                    b6:fd:f9:8b:84:e2:ac:cb:72:90:19:3d:fc:7c:aa:
                    2c:b7:72:52:08:fb:e5:d2:52:04:62:34:54:0a:95:
                    28:c5:a2:4e:53:a0:33:3a:ba:ae:fd:d9:70:ca:81:
                    0f:96:af:23:13:3c:42:c4:e9:3a:a9:85:1d:d8:f4:
                    57:45:0c:c1:3e:4d:da:7f:8b:c7:7b:8e:5d:45:af:
                    2e:12:23:80:f9:f0:88:5d:24:34:5c:70:5e:c3:52:
                    c1:79:ea:1c:30:fa:a5:ca:d6:51:13:ff:e3:3b:9e:
                    c4:c7:b2:bb:e3:02:3d:87:37:0a:96:67:fa:02:21:
                    78:70:6b:a6:6b:3c:ce:1a:08:f4:88:9d:64:2a:8c:
                    b3:d1:39:25:33:d0:4b:d8:fd:72:83:96:b1:87:8b:
                    29:24:fd:27:ea:b9:aa:a6:12:ff:98:11:bc:6a:89:
                    f3:95:b6:36:57:10:a6:de:c3:52:97:27:04:62:49:
                    73:84:d1:12:1b:7c:4d:c3:8d:27:0f:36:91:c5:d5:
                    16:b2:d0:e2:98:2e:01:25:c0:91:1f:9b:bf:0e:15:
                    a9:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:83:EE:81:4D:1F:61:E0:19:D0:87:8D:DA:42:86:BC:A3:DB:CA:11
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/i4PugU0fYeAZ0IeN2kKGvKPbyhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.52.0/24
                  194.87.87.0/24
                  194.135.105.0/24
                  195.133.41.0/24
                  195.133.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:08:e7:d9:52:ce:60:10:b6:27:00:2f:12:d8:fe:d4:49:4d:
         7d:d9:67:9c:54:33:52:fd:46:9e:e1:11:98:70:11:9e:d4:64:
         83:60:d6:91:1c:da:75:0b:6e:17:ed:51:ad:a0:7f:a6:01:22:
         76:46:db:48:e2:62:fe:50:20:89:9c:47:85:aa:65:3b:55:0b:
         31:a9:a4:66:79:38:7d:58:25:a8:23:83:5a:bd:a3:ac:fc:43:
         d8:d0:c8:df:48:86:81:6c:74:8b:02:35:e4:89:ee:d0:ba:cf:
         44:38:ea:17:17:0e:9d:9f:c1:2f:de:f5:5d:e3:dd:6c:02:0b:
         c2:28:de:ab:3a:30:64:42:18:c3:eb:e9:e2:69:08:33:33:e5:
         fe:50:c1:99:f8:26:45:96:93:5a:ef:9f:aa:ad:86:d4:c5:90:
         e3:67:0c:2d:30:5d:b2:90:64:c9:55:5c:28:22:fa:b3:ea:3f:
         ff:81:d9:54:04:e3:25:c4:be:cc:5c:70:b4:8b:e8:60:11:a1:
         d8:3b:af:dc:14:74:75:59:90:2c:29:a6:ca:1c:75:b6:8b:ba:
         2e:46:65:d0:b1:c9:bc:ca:ca:e2:81:4c:cf:0d:ae:71:09:38:
         e3:4a:59:da:b9:d9:bd:c5:58:e5:99:cf:31:62:07:76:0f:1f:
         a2:a4:24:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYsThGDb/G0brUqfhIBGvBIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MDgxODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgzZWU4MTRkMWY2MWUwMTlkMDg3OGRkYTQyODZiY2EzZGJjYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhw9/6rhLBX+DIwInjrTmBTlAVFE
9MffpZIyvvaRpiALJW143kdw0xozciy2/fmLhOKsy3KQGT38fKost3JSCPvl0lIE
YjRUCpUoxaJOU6AzOrqu/dlwyoEPlq8jEzxCxOk6qYUd2PRXRQzBPk3af4vHe45d
Ra8uEiOA+fCIXSQ0XHBew1LBeeocMPqlytZRE//jO57Ex7K74wI9hzcKlmf6AiF4
cGumazzOGgj0iJ1kKoyz0TklM9BL2P1yg5axh4spJP0n6rmqphL/mBG8aonzlbY2
VxCm3sNSlycEYklzhNESG3xNw40nDzaRxdUWstDimC4BJcCRH5u/DhWpJwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIuD7oFNH2HgGdCHjdpChryj28oRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaTRQdWdVMGZZZUFaMEllTjJrS0d2S1BieWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlc0AwQA
wldXAwQAwodpAwQAw4UpAwQAw4U8MA0GCSqGSIb3DQEBCwUAA4IBAQBMCOfZUs5g
ELYnAC8S2P7USU192WecVDNS/Uae4RGYcBGe1GSDYNaRHNp1C24X7VGtoH+mASJ2
RttI4mL+UCCJnEeFqmU7VQsxqaRmeTh9WCWoI4NavaOs/EPY0MjfSIaBbHSLAjXk
ie7Qus9EOOoXFw6dn8Ev3vVd491sAgvCKN6rOjBkQhjD6+niaQgzM+X+UMGZ+CZF
lpNa75+qrYbUxZDjZwwtMF2ykGTJVVwoIvqz6j//gdlUBOMlxL7MXHC0i+hgEaHY
O6/cFHR1WZAsKabKHHW2i7ouRmXQscm8ysrigUzPDa5xCTjjSlnaudm9xVjlmc8x
Ygd2Dx+ipCSR
-----END CERTIFICATE-----
Generated at Mon Oct 9 10:44:38 2023 by rpki-client on console-ams.rpki-client.org