Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mE-t2UybLrjrkk_CZX4YP5hMpTI.roa
File:                     mE-t2UybLrjrkk_CZX4YP5hMpTI.roa (raw, json)
Hash identifier:          f8G0CLLnoNpxIcCMVfBpsb/aHae9thMR3d2/TtcKm8U=
Subject key identifier:   98:4F:AD:D9:4C:9B:2E:B8:EB:92:4F:C2:65:7E:18:3F:98:4C:A5:32
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       019198BF5A1CF89120CCB1900B84FA920AFE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mE-t2UybLrjrkk_CZX4YP5hMpTI.roa
Signing time:             Wed 28 Aug 2024 11:29:22 +0000
ROA not before:           Wed 28 Aug 2024 11:29:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12695
IP address blocks:        194.87.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 10:25:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:98:bf:5a:1c:f8:91:20:cc:b1:90:0b:84:fa:92:0a:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 28 11:29:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=984fadd94c9b2eb8eb924fc2657e183f984ca532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:aa:fb:be:8a:2c:19:b3:0b:ae:e3:20:f5:02:
                    13:28:a3:39:96:e9:be:f6:a8:98:c5:d1:ff:fe:6d:
                    76:77:c7:6b:51:74:94:ea:7c:a9:ce:2b:81:92:46:
                    a5:0c:c2:d2:70:6a:a0:7e:8f:04:6c:9c:b8:b6:3c:
                    47:cb:0c:f5:c0:0f:a7:1d:29:db:1c:80:19:76:74:
                    75:68:cf:cc:4c:28:46:b8:10:eb:f8:d7:b3:ba:3f:
                    c4:41:8d:fb:d2:ad:81:94:4b:18:62:88:85:ce:6c:
                    c8:6a:50:c4:bc:92:ab:aa:6c:8f:2a:a8:b9:62:3d:
                    e4:73:68:ce:c3:b7:58:cd:e9:c9:c5:0d:4c:0a:c3:
                    e2:44:30:1c:cd:da:9e:08:77:1e:30:f3:5f:cf:70:
                    22:18:8c:a1:90:7b:20:a0:7f:34:bb:c9:a7:35:95:
                    ec:54:5c:23:4f:3c:ea:f9:c5:20:77:b0:70:da:b9:
                    80:d3:54:95:d6:9e:fc:c3:df:45:32:2e:5e:a2:45:
                    6e:a2:ae:85:85:93:6d:84:01:fb:9d:3f:8c:e1:a9:
                    d8:43:19:9b:0d:4c:62:33:4d:69:13:e8:f8:ff:6b:
                    4d:cb:48:9b:22:5a:cf:72:b8:96:3a:66:b8:32:94:
                    77:54:9a:99:48:c0:d0:ce:ff:dc:c4:9e:b6:1b:c8:
                    8a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:4F:AD:D9:4C:9B:2E:B8:EB:92:4F:C2:65:7E:18:3F:98:4C:A5:32
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mE-t2UybLrjrkk_CZX4YP5hMpTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:99:e0:00:99:ca:f5:e4:ff:12:f8:0e:ff:d4:e2:49:c0:b0:
         a1:d4:8a:fd:8a:d4:c3:c8:a3:65:3d:6e:c4:e5:a2:db:4a:35:
         f5:4e:24:48:4b:f7:5d:c4:c1:42:aa:03:c7:25:78:e7:74:ab:
         d1:0a:71:1c:4b:cc:8c:58:91:ca:ac:a6:b6:e2:22:fd:6a:ad:
         08:97:4b:db:a8:55:cf:a2:08:77:a3:e0:6a:60:72:22:a0:89:
         62:9c:73:cb:3c:42:e3:5f:28:47:95:aa:8c:d1:77:72:a2:ba:
         9d:95:45:f7:13:0d:7c:e9:4b:0d:90:a0:66:ea:e0:44:12:f5:
         21:e0:fe:38:eb:11:ca:0c:47:82:12:bd:54:71:b8:d7:a7:c4:
         ca:fc:10:49:ca:46:c4:90:7a:c6:84:13:a9:95:6b:e5:1f:69:
         a5:2d:1a:62:25:a0:80:1d:e5:0a:16:9b:39:24:f2:7f:30:cf:
         9d:9c:30:1c:5a:fd:4f:18:c2:2f:41:f5:71:bf:59:31:76:ae:
         70:f1:cf:31:94:e8:2e:cd:75:fa:6d:5e:d2:19:b6:30:d0:c1:
         8a:57:4b:87:65:2b:3f:2d:24:d6:53:fb:12:58:82:34:7a:8c:
         28:14:e9:e4:8c:e8:71:66:77:f8:b4:e6:96:d7:e1:ae:3a:5d:
         31:3d:fd:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGYv1oc+JEgzLGQC4T6kgr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI4MTEyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODRmYWRkOTRjOWIyZWI4ZWI5MjRmYzI2NTdlMTgzZjk4NGNhNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kr7voosGbMLruMg9QITKKM5lum+
9qiYxdH//m12d8drUXSU6nypziuBkkalDMLScGqgfo8EbJy4tjxHywz1wA+nHSnb
HIAZdnR1aM/MTChGuBDr+Nezuj/EQY370q2BlEsYYoiFzmzIalDEvJKrqmyPKqi5
Yj3kc2jOw7dYzenJxQ1MCsPiRDAczdqeCHceMPNfz3AiGIyhkHsgoH80u8mnNZXs
VFwjTzzq+cUgd7Bw2rmA01SV1p78w99FMi5eokVuoq6FhZNthAH7nT+M4anYQxmb
DUxiM01pE+j4/2tNy0ibIlrPcriWOma4MpR3VJqZSMDQzv/cxJ62G8iKuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhPrdlMmy6465JPwmV+GD+YTKUyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbUUtdDJVeWJMcmpya2tfQ1pYNFlQNWhNcFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldSMA0G
CSqGSIb3DQEBCwUAA4IBAQANmeAAmcr15P8S+A7/1OJJwLCh1Ir9itTDyKNlPW7E
5aLbSjX1TiRIS/ddxMFCqgPHJXjndKvRCnEcS8yMWJHKrKa24iL9aq0Il0vbqFXP
ogh3o+BqYHIioIlinHPLPELjXyhHlaqM0XdyorqdlUX3Ew186UsNkKBm6uBEEvUh
4P446xHKDEeCEr1UcbjXp8TK/BBJykbEkHrGhBOplWvlH2mlLRpiJaCAHeUKFps5
JPJ/MM+dnDAcWv1PGMIvQfVxv1kxdq5w8c8xlOguzXX6bV7SGbYw0MGKV0uHZSs/
LSTWU/sSWII0eowoFOnkjOhxZnf4tOaW1+GuOl0xPf2P
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:24:06 2024 by rpki-client on console-ams.rpki-client.org