Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVWuoD_u0TzhUFnUfII3bFJ0Njo.roa
File:                     iVWuoD_u0TzhUFnUfII3bFJ0Njo.roa (raw, json)
Hash identifier:          hwufDlnz/g2EJFHiY7PTrX5GR9f4bSQgepD5grpaXVI=
Subject key identifier:   89:55:AE:A0:3F:EE:D1:3C:E1:50:59:D4:7C:82:37:6C:52:74:36:3A
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F67038FCF62A4B80C7F1811F4C4BD88
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVWuoD_u0TzhUFnUfII3bFJ0Njo.roa
Signing time:             Sun 01 Jan 2023 22:15:00 +0000
ROA not before:           Sun 01 Jan 2023 22:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203639
IP address blocks:        194.87.204.0/24 maxlen: 24
                          194.87.208.0/24 maxlen: 24
                          194.87.231.0/24 maxlen: 24
                          195.133.15.0/24 maxlen: 24
                          195.58.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:03:8f:cf:62:a4:b8:0c:7f:18:11:f4:c4:bd:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8955aea03feed13ce15059d47c82376c5274363a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:77:d9:c0:47:29:9e:48:38:40:05:8a:cb:c6:
                    10:44:20:79:8d:1f:62:36:55:07:15:89:65:36:c3:
                    13:75:3f:3b:80:77:25:25:1a:42:d0:c6:b3:2b:cd:
                    7b:f6:39:46:e2:e0:da:99:ac:87:0c:f2:d1:f4:e6:
                    4c:7a:6b:07:7e:ea:2a:10:6e:49:82:d3:e4:f5:10:
                    1a:e0:1f:a8:a9:6a:78:4d:a4:7a:61:c1:2f:5a:2a:
                    76:b6:73:9f:77:02:65:60:a5:3d:e5:86:3c:d2:3b:
                    cd:4f:21:99:12:a9:4f:3e:19:28:c8:e0:51:09:fa:
                    d9:80:fd:26:df:94:5f:5a:36:66:43:58:f5:c0:8a:
                    c8:7d:37:be:27:f8:e1:41:dc:66:99:22:21:0f:24:
                    4e:84:ff:ee:9d:f6:00:02:ee:50:c2:c7:20:ec:de:
                    c9:b4:18:e0:da:d4:56:c0:ac:5c:28:4b:da:b8:28:
                    b4:1d:7a:39:7e:37:7d:d9:fe:04:0a:fa:0d:15:98:
                    ae:2d:cb:b4:77:98:c0:23:99:f4:7d:8d:7f:6a:59:
                    69:44:72:dc:f5:2d:5c:9b:3b:e7:96:a6:d4:7b:1f:
                    eb:bb:0e:04:6f:17:a2:13:4a:17:e5:74:e9:b9:63:
                    15:ee:9d:a3:c1:39:7b:e5:a7:f0:10:4f:4f:fb:06:
                    76:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:55:AE:A0:3F:EE:D1:3C:E1:50:59:D4:7C:82:37:6C:52:74:36:3A
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iVWuoD_u0TzhUFnUfII3bFJ0Njo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.204.0/24
                  194.87.208.0/24
                  194.87.231.0/24
                  195.58.38.0/24
                  195.133.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:e7:23:5e:ed:64:df:e4:74:e1:92:3e:96:69:8d:35:3c:15:
         18:23:c7:bb:94:fd:b8:43:5f:b0:96:d5:30:a4:f6:2f:80:76:
         8f:98:49:67:9b:80:12:60:c2:41:06:6f:6c:bb:cc:88:f5:47:
         49:16:49:69:02:63:1f:3a:66:d4:67:dd:a2:d0:38:c3:58:f6:
         55:cf:e6:d1:b0:5c:9b:aa:54:c2:9d:70:39:0c:5f:36:9c:d1:
         da:64:e7:97:69:c3:9e:58:88:65:41:ae:f7:66:12:81:8d:4f:
         62:80:88:ee:47:45:17:41:19:b6:89:a8:3c:83:67:59:2d:46:
         13:5b:9b:87:d1:ae:6f:a9:61:e5:db:fb:fb:04:4b:f6:c8:d6:
         96:b8:e9:4d:4f:ad:6b:4e:68:ac:75:89:53:02:9f:c6:80:49:
         ab:5a:b6:5c:59:05:72:5a:95:75:14:d8:9e:ee:a1:90:8d:46:
         f3:ba:56:7d:57:0e:d3:81:de:0e:95:1a:55:a2:1b:8d:9e:19:
         25:9a:9d:b3:d5:2a:cc:fe:30:f8:31:cd:ce:93:28:b9:b6:82:
         ca:7a:d4:d1:80:eb:1f:3d:6f:e2:eb:be:0a:fc:cd:a5:5f:c5:
         c4:ea:5e:4f:d3:bd:73:52:39:2f:89:b3:bb:99:14:bb:e6:b3:
         44:ce:aa:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvZwOPz2KkuAx/GBH0xL2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU1YWVhMDNmZWVkMTNjZTE1MDU5ZDQ3YzgyMzc2YzUyNzQzNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nfZwEcpnkg4QAWKy8YQRCB5jR9i
NlUHFYllNsMTdT87gHclJRpC0MazK8179jlG4uDamayHDPLR9OZMemsHfuoqEG5J
gtPk9RAa4B+oqWp4TaR6YcEvWip2tnOfdwJlYKU95YY80jvNTyGZEqlPPhkoyOBR
CfrZgP0m35RfWjZmQ1j1wIrIfTe+J/jhQdxmmSIhDyROhP/unfYAAu5Qwscg7N7J
tBjg2tRWwKxcKEvauCi0HXo5fjd92f4ECvoNFZiuLcu0d5jAI5n0fY1/allpRHLc
9S1cmzvnlqbUex/ruw4EbxeiE0oX5XTpuWMV7p2jwTl75afwEE9P+wZ2dwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIlVrqA/7tE84VBZ1HyCN2xSdDY6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaVZXdW9EX3UwVHpoVUZuVWZJSTNiRkowTmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlfMAwQA
wlfQAwQAwlfnAwQAwzomAwQAw4UPMA0GCSqGSIb3DQEBCwUAA4IBAQCT5yNe7WTf
5HThkj6WaY01PBUYI8e7lP24Q1+wltUwpPYvgHaPmElnm4ASYMJBBm9su8yI9UdJ
FklpAmMfOmbUZ92i0DjDWPZVz+bRsFybqlTCnXA5DF82nNHaZOeXacOeWIhlQa73
ZhKBjU9igIjuR0UXQRm2iag8g2dZLUYTW5uH0a5vqWHl2/v7BEv2yNaWuOlNT61r
TmisdYlTAp/GgEmrWrZcWQVyWpV1FNie7qGQjUbzulZ9Vw7Tgd4OlRpVohuNnhkl
mp2z1SrM/jD4Mc3Okyi5toLKetTRgOsfPW/i674K/M2lX8XE6l5P071zUjkvibO7
mRS75rNEzqo8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-ams.rpki-client.org