Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqP7vsj3DjvIlNA3PLfOQq0yR2k.roa
File:                     uqP7vsj3DjvIlNA3PLfOQq0yR2k.roa (raw, json)
Hash identifier:          rAWn0YLqFBbEaMi9feklfjQd0OLpKnHaEP30jgVoY/g=
Subject key identifier:   BA:A3:FB:BE:C8:F7:0E:3B:C8:94:D0:37:3C:B7:CE:42:AD:32:47:69
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018BF57C8A0AD9BDF1BDB74FF9C0B43E7723
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqP7vsj3DjvIlNA3PLfOQq0yR2k.roa
Signing time:             Wed 22 Nov 2023 05:24:21 +0000
ROA not before:           Wed 22 Nov 2023 05:24:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.21.0/24 maxlen: 24
                          194.87.18.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          212.192.214.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.87.104.0/24 maxlen: 24
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          194.87.56.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          192.124.178.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          192.124.189.0/24 maxlen: 24
                          195.133.40.0/23 maxlen: 23
                          193.124.200.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Nov 2023 08:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f5:7c:8a:0a:d9:bd:f1:bd:b7:4f:f9:c0:b4:3e:77:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov 22 05:24:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=baa3fbbec8f70e3bc894d0373cb7ce42ad324769
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:97:98:22:c7:ff:bf:ee:30:ea:70:0a:4c:c3:
                    43:61:3e:ab:e2:a5:ea:1c:f7:84:29:b5:19:3a:1b:
                    d2:21:0a:d7:37:84:34:0d:77:b9:9a:77:7f:2b:bf:
                    20:77:88:2c:1b:50:06:3c:54:a3:e0:c2:06:be:0d:
                    ff:c3:60:38:8a:e9:3b:6c:ea:72:6e:d3:91:db:1a:
                    3b:be:b6:d7:0f:10:fa:c7:91:6a:cc:30:a8:d5:f2:
                    0a:3c:31:43:f2:00:4d:69:9e:a7:62:eb:26:69:55:
                    fe:e4:5d:4b:93:b8:03:df:38:79:67:03:d6:fe:91:
                    46:1f:a6:d2:f5:74:15:b5:2b:73:b6:05:8c:9d:78:
                    d1:fd:39:e9:5e:25:b5:79:04:db:25:cd:1f:de:ad:
                    f7:91:98:d5:b3:1e:dd:08:c8:95:b9:09:f7:4a:71:
                    85:2e:bf:8c:6b:91:17:b1:81:1a:eb:90:90:ab:d2:
                    19:ed:44:ef:f9:9d:54:8e:f8:16:2c:bc:5e:9e:d7:
                    d4:c7:24:0e:d3:85:c2:1f:a9:5c:6a:15:12:37:a4:
                    30:ca:6d:3b:fb:86:c8:48:fb:88:d8:52:eb:3f:22:
                    0a:03:cd:04:46:05:31:ac:5e:a8:cc:61:37:6a:a4:
                    8f:5b:9c:ee:55:de:1e:64:f6:cf:5b:7e:23:04:12:
                    b8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A3:FB:BE:C8:F7:0E:3B:C8:94:D0:37:3C:B7:CE:42:AD:32:47:69
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqP7vsj3DjvIlNA3PLfOQq0yR2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.189.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.18.0/24
                  194.87.21.0/24
                  194.87.30.0/24
                  194.87.56.0/24
                  194.87.83.0/24
                  194.87.104.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.131.0/24
                  194.87.134.0/23
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.200.0/24
                  195.58.35.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.40.0/23
                  195.133.73.0/24
                  195.133.84.0/23
                  195.133.194.0/24
                  212.192.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:b6:9e:35:dd:45:34:06:86:b4:76:fe:7a:bc:4b:ab:05:56:
         b2:3b:e3:58:4b:63:5d:8d:ec:fb:90:21:21:91:a8:44:f5:b3:
         29:d7:b4:c9:af:18:15:57:1f:6a:43:94:2c:ac:e6:79:d3:74:
         8f:86:5d:81:ab:99:35:77:16:13:31:11:7c:22:5b:d5:34:d4:
         6b:ea:f6:28:60:35:85:1f:58:f8:e1:cd:a6:d7:c4:2f:69:82:
         fd:41:34:a2:ee:90:a9:52:c1:38:9a:95:33:13:d6:04:ab:05:
         0f:06:50:03:e0:10:d2:b5:c8:02:92:f5:27:b3:58:a6:27:dc:
         eb:91:2d:a1:73:26:b4:7c:86:ba:9f:b5:23:fc:1c:b9:06:ac:
         07:4e:32:71:e3:f5:c5:f1:2d:ec:cd:60:36:79:10:b6:c2:9b:
         e7:54:92:af:d7:b6:7c:f4:57:60:cb:b4:04:39:5c:54:7b:44:
         ce:f6:d3:6a:19:3a:c1:0e:b2:0a:8d:54:f3:c5:d7:18:3f:3b:
         95:ab:3f:fc:68:63:03:72:f1:17:a2:f7:53:8c:bb:5b:6d:74:
         56:c1:e2:a8:d4:a4:bf:eb:b9:cf:a5:f0:02:3f:02:2e:d0:94:
         4d:63:4d:91:a0:5d:ec:f4:ea:e6:be:49:32:a2:95:79:e4:96:
         c9:86:16:00
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYv1fIoK2b3xvbdP+cC0PncjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTIyMDUyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWEzZmJiZWM4ZjcwZTNiYzg5NGQwMzczY2I3Y2U0MmFkMzI0NzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpeYIsf/v+4w6nAKTMNDYT6r4qXq
HPeEKbUZOhvSIQrXN4Q0DXe5mnd/K78gd4gsG1AGPFSj4MIGvg3/w2A4iuk7bOpy
btOR2xo7vrbXDxD6x5FqzDCo1fIKPDFD8gBNaZ6nYusmaVX+5F1Lk7gD3zh5ZwPW
/pFGH6bS9XQVtStztgWMnXjR/TnpXiW1eQTbJc0f3q33kZjVsx7dCMiVuQn3SnGF
Lr+Ma5EXsYEa65CQq9IZ7UTv+Z1UjvgWLLxentfUxyQO04XCH6lcahUSN6Qwym07
+4bISPuI2FLrPyIKA80ERgUxrF6ozGE3aqSPW5zuVd4eZPbPW34jBBK4VwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFLqj+77I9w47yJTQNzy3zkKtMkdpMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdXFQN3ZzajNEanZJbE5BM1BMZk9RcTB5UjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADBfMgDBADCOi8DBADCVwEwDAME
AMJXCwMEAMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAME
AMJXbAMEAcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXqAMEAMJXswME
AMJXyAMEAMM6IwMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAME
AMOFwgMEANTA1jANBgkqhkiG9w0BAQsFAAOCAQEAR7aeNd1FNAaGtHb+erxLqwVW
sjvjWEtjXY3s+5AhIZGoRPWzKde0ya8YFVcfakOULKzmedN0j4ZdgauZNXcWEzER
fCJb1TTUa+r2KGA1hR9Y+OHNptfEL2mC/UE0ou6QqVLBOJqVMxPWBKsFDwZQA+AQ
0rXIApL1J7NYpifc65EtoXMmtHyGup+1I/wcuQasB04yceP1xfEt7M1gNnkQtsKb
51SSr9e2fPRXYMu0BDlcVHtEzvbTahk6wQ6yCo1U88XXGD87las//GhjA3LxF6L3
U4y7W210VsHiqNSkv+u5z6XwAj8CLtCUTWNNkaBd7PTq5r5JMqKVeeSWyYYWAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org