Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kPMGPJGW5jqeiSlsKDf-e5v2v6s.roa
File:                     kPMGPJGW5jqeiSlsKDf-e5v2v6s.roa (raw, json)
Hash identifier:          hmcWMswdxtg8jGbgIPe7HOH62+G+F7oaPeNTAt0pT/g=
Subject key identifier:   90:F3:06:3C:91:96:E6:3A:9E:89:29:6C:28:37:FE:7B:9B:F6:BF:AB
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CCA2A7144DA244203D7E36011971CC6AB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kPMGPJGW5jqeiSlsKDf-e5v2v6s.roa
Signing time:             Tue 02 Jan 2024 12:33:48 +0000
ROA not before:           Tue 02 Jan 2024 12:33:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21769
IP address blocks:        194.87.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 14:11:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:71:44:da:24:42:03:d7:e3:60:11:97:1c:c6:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  2 12:33:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90f3063c9196e63a9e89296c2837fe7b9bf6bfab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:95:d4:be:c5:5f:e2:d8:e9:69:8b:18:f2:84:
                    df:4c:61:54:f0:76:a8:7e:b0:23:fb:3d:72:7d:ff:
                    87:24:2a:81:3b:1b:9b:d3:c6:14:27:e9:1e:94:a5:
                    04:de:93:af:8b:9d:a6:0e:4b:b0:95:08:07:da:7b:
                    a0:c1:f5:d3:24:a3:8f:e6:60:c4:ea:bf:e6:df:76:
                    bb:0d:59:cf:4e:70:9f:50:42:52:b5:80:38:6c:d0:
                    80:3a:b8:d5:c1:bb:12:f6:d2:6e:4c:75:5c:c9:be:
                    ac:33:da:42:82:f3:44:66:36:bc:54:a0:65:74:7c:
                    c6:22:8b:f4:88:35:6d:d0:e6:df:83:a1:b2:42:d6:
                    5d:fc:7c:df:c3:3a:2e:b9:22:c1:ce:58:55:45:a8:
                    01:32:05:12:23:e5:a7:10:cc:fe:b0:37:d8:68:50:
                    b7:46:6d:60:e9:d7:2e:b1:d4:89:57:89:6a:00:ca:
                    e1:38:6b:ff:1d:ff:28:0f:cb:a7:44:f2:7b:36:de:
                    6c:a3:97:b1:80:dc:41:b9:95:8d:10:e6:da:99:4c:
                    e7:86:b2:da:ed:06:5b:59:c6:db:99:47:64:45:1d:
                    cb:d1:cc:4d:77:37:35:85:18:db:74:b1:11:d0:e2:
                    9a:b8:58:08:bf:c4:53:99:4b:d0:df:ff:95:31:c7:
                    d1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F3:06:3C:91:96:E6:3A:9E:89:29:6C:28:37:FE:7B:9B:F6:BF:AB
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kPMGPJGW5jqeiSlsKDf-e5v2v6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:88:c8:7d:39:3f:15:6e:93:b3:84:95:8a:44:07:78:f4:1b:
         17:b1:9b:90:03:13:b2:0e:bd:f8:cb:d4:7b:ea:28:cf:d8:09:
         5a:fd:6f:54:96:55:b3:a1:e0:83:9d:6c:9e:ee:80:3c:e1:cc:
         da:7c:0a:3b:6c:05:0e:b5:dc:58:ec:da:70:25:48:84:9a:15:
         28:ed:52:29:db:fd:82:ff:99:85:e6:b2:4c:57:3f:7d:05:1a:
         82:57:7e:4a:35:f2:46:f1:6e:66:7d:b5:df:32:69:3e:48:21:
         84:7b:7d:7e:a0:4f:36:5e:1f:fc:3f:f1:b6:12:a2:aa:92:43:
         7f:76:fb:88:ca:21:11:04:18:99:b1:99:d2:07:54:d6:ab:98:
         06:05:23:bd:b0:c7:20:c3:79:63:f3:0e:76:89:74:59:06:a1:
         a1:32:1f:99:82:2e:ed:60:05:9d:7e:d7:1f:af:e7:c0:ee:3e:
         68:ae:8a:e7:34:77:96:75:8b:40:51:64:2f:ba:fd:dc:f7:5a:
         2f:93:41:6b:69:ab:4f:b1:ec:bf:17:57:f0:99:7b:8e:25:22:
         32:cf:ee:0e:57:e3:fc:b2:04:49:ce:93:f8:99:ea:24:56:a2:
         62:dd:0a:c5:10:e7:f5:6a:c3:14:7a:e1:cd:97:cc:38:7a:c4:
         bb:b2:9f:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKnFE2iRCA9fjYBGXHMarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGYzMDYzYzkxOTZlNjNhOWU4OTI5NmMyODM3ZmU3YjliZjZiZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZXUvsVf4tjpaYsY8oTfTGFU8Hao
frAj+z1yff+HJCqBOxub08YUJ+kelKUE3pOvi52mDkuwlQgH2nugwfXTJKOP5mDE
6r/m33a7DVnPTnCfUEJStYA4bNCAOrjVwbsS9tJuTHVcyb6sM9pCgvNEZja8VKBl
dHzGIov0iDVt0Obfg6GyQtZd/HzfwzouuSLBzlhVRagBMgUSI+WnEMz+sDfYaFC3
Rm1g6dcusdSJV4lqAMrhOGv/Hf8oD8unRPJ7Nt5so5exgNxBuZWNEObamUznhrLa
7QZbWcbbmUdkRR3L0cxNdzc1hRjbdLER0OKauFgIv8RTmUvQ3/+VMcfRIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDzBjyRluY6nokpbCg3/nub9r+rMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva1BNR1BKR1c1anFlaVNsc0tEZi1lNXYydjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlcWMA0G
CSqGSIb3DQEBCwUAA4IBAQBciMh9OT8VbpOzhJWKRAd49BsXsZuQAxOyDr34y9R7
6ijP2Ala/W9UllWzoeCDnWye7oA84czafAo7bAUOtdxY7NpwJUiEmhUo7VIp2/2C
/5mF5rJMVz99BRqCV35KNfJG8W5mfbXfMmk+SCGEe31+oE82Xh/8P/G2EqKqkkN/
dvuIyiERBBiZsZnSB1TWq5gGBSO9sMcgw3lj8w52iXRZBqGhMh+Zgi7tYAWdftcf
r+fA7j5orornNHeWdYtAUWQvuv3c91ovk0FraatPsey/F1fwmXuOJSIyz+4OV+P8
sgRJzpP4meokVqJi3QrFEOf1asMUeuHNl8w4esS7sp/T
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:44 2024 by rpki-client on console-ams.rpki-client.org