Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa
File:                     k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa (raw, json)
Hash identifier:          tHJxz9PLZos2D+3Nf4gObn3b6i7u1eiWp4iiylvQG6o=
Subject key identifier:   93:4B:41:FB:2B:C7:F9:47:60:90:1C:EE:A4:0E:98:36:6C:18:66:84
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018C3B2FC36C408D4CCB49BC9B6CC7E96009
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa
Signing time:             Tue 05 Dec 2023 18:13:55 +0000
ROA not before:           Tue 05 Dec 2023 18:13:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        212.193.13.0/24 maxlen: 24
                          194.87.208.0/24 maxlen: 24
                          195.133.81.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3b:2f:c3:6c:40:8d:4c:cb:49:bc:9b:6c:c7:e9:60:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec  5 18:13:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=934b41fb2bc7f94760901ceea40e98366c186684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c1:fd:9c:8a:03:25:ee:84:bb:12:34:dc:8c:
                    0d:91:aa:b7:09:c5:f7:d5:e4:08:46:72:7a:9e:40:
                    4e:22:1f:3d:c6:de:d8:8c:d6:d2:f5:06:b1:53:7e:
                    b6:6b:01:04:44:5a:88:a3:8d:92:eb:c3:66:1d:66:
                    d8:d4:41:5c:3d:78:1d:2e:a5:72:92:47:fc:48:9e:
                    70:0d:78:3e:63:26:e1:b3:12:e5:82:e9:c9:1f:b9:
                    7e:5f:20:62:b8:d2:04:68:5d:ff:58:1d:33:e1:76:
                    c6:94:09:55:86:7d:ab:eb:0f:fb:d8:7d:b3:fd:53:
                    7f:c2:03:6e:69:de:67:5a:68:ae:13:b5:32:08:84:
                    69:82:24:22:08:27:71:87:31:09:2f:08:a8:d3:a8:
                    63:ea:f8:95:fa:a9:65:7a:8f:fb:6b:31:fb:80:3e:
                    1e:d5:31:e4:da:d0:14:14:5a:02:8b:5e:77:ed:1a:
                    27:64:24:73:2c:92:3d:10:a5:ec:dc:09:f8:41:f0:
                    e2:b8:71:28:5f:99:c5:3c:39:47:99:8a:18:0c:32:
                    be:00:0e:69:8b:fa:b9:c7:18:15:85:4d:61:25:de:
                    5c:92:42:8d:5f:83:1a:6b:e8:ec:a1:7f:38:e2:04:
                    3a:64:6a:f7:fe:f3:d1:3f:27:e0:e8:bc:b8:d7:ed:
                    21:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:4B:41:FB:2B:C7:F9:47:60:90:1C:EE:A4:0E:98:36:6C:18:66:84
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k0tB-yvH-UdgkBzupA6YNmwYZoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.202.0/24
                  194.87.208.0/24
                  195.133.81.0/24
                  212.193.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:8e:72:09:a4:f4:14:55:dc:2b:e3:e7:0d:1e:2a:c9:e2:4c:
         bd:3e:f3:36:fb:46:c0:36:25:5d:31:be:d0:ae:70:d5:59:c1:
         56:73:fe:2c:d0:63:36:07:9e:fe:49:f1:aa:3c:3b:c3:5e:a5:
         f4:fb:29:a6:0d:9f:3a:9a:b1:41:70:d0:aa:3b:83:52:b0:7c:
         a7:99:6c:91:9a:ec:45:54:5e:ed:fa:e2:45:d4:89:22:bf:2e:
         51:97:f3:68:a7:d6:98:39:67:da:ac:8b:05:eb:9d:a0:b5:28:
         23:8f:94:aa:e1:c9:04:30:58:3c:e3:f4:73:57:75:4d:68:4e:
         d7:05:c3:3e:61:69:0c:0d:5c:50:6b:ca:f4:37:16:ee:78:a7:
         e0:67:e3:12:9f:63:1c:b0:e6:55:18:2a:63:ea:c9:be:5a:97:
         ea:4b:bf:a6:1d:33:62:ac:9a:d3:42:55:a0:3d:d8:d2:c7:8a:
         dc:1a:4c:a7:cd:69:c7:d6:1d:1d:8e:38:23:25:c5:b5:7c:d0:
         05:56:72:45:2a:bb:85:a3:e9:35:0c:06:ba:f7:e1:69:66:e7:
         53:ef:ab:08:d7:2e:1f:29:84:d0:25:22:e4:a1:81:5b:af:2c:
         48:bc:8c:b6:dc:c9:04:b4:34:be:45:93:fd:8b:40:a6:12:6a:
         05:00:01:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw7L8NsQI1My0m8m2zH6WAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjA1MTgxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRiNDFmYjJiYzdmOTQ3NjA5MDFjZWVhNDBlOTgzNjZjMTg2Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcH9nIoDJe6EuxI03IwNkaq3CcX3
1eQIRnJ6nkBOIh89xt7YjNbS9QaxU362awEERFqIo42S68NmHWbY1EFcPXgdLqVy
kkf8SJ5wDXg+YybhsxLlgunJH7l+XyBiuNIEaF3/WB0z4XbGlAlVhn2r6w/72H2z
/VN/wgNuad5nWmiuE7UyCIRpgiQiCCdxhzEJLwio06hj6viV+qlleo/7azH7gD4e
1THk2tAUFFoCi1537RonZCRzLJI9EKXs3An4QfDiuHEoX5nFPDlHmYoYDDK+AA5p
i/q5xxgVhU1hJd5ckkKNX4Maa+jsoX844gQ6ZGr3/vPRPyfg6Ly41+0hmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJNLQfsrx/lHYJAc7qQOmDZsGGaEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazB0Qi15dkgtVWRna0J6dXBBNllObXdZWm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzKAwQA
wlfQAwQAw4VRAwQA1MENMA0GCSqGSIb3DQEBCwUAA4IBAQA5jnIJpPQUVdwr4+cN
HirJ4ky9PvM2+0bANiVdMb7QrnDVWcFWc/4s0GM2B57+SfGqPDvDXqX0+ymmDZ86
mrFBcNCqO4NSsHynmWyRmuxFVF7t+uJF1Ikivy5Rl/Nop9aYOWfarIsF652gtSgj
j5Sq4ckEMFg84/RzV3VNaE7XBcM+YWkMDVxQa8r0NxbueKfgZ+MSn2McsOZVGCpj
6sm+WpfqS7+mHTNirJrTQlWgPdjSx4rcGkynzWnH1h0djjgjJcW1fNAFVnJFKruF
o+k1DAa69+FpZudT76sI1y4fKYTQJSLkoYFbryxIvIy23MkEtDS+RZP9i0CmEmoF
AAFv
-----END CERTIFICATE-----
Generated at Sat Dec 16 05:41:08 2023 by rpki-client on console-fra.rpki-client.org