Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vIex2qai6WRWhaXbFkhKc21g5Dk.roa
File:                     vIex2qai6WRWhaXbFkhKc21g5Dk.roa (raw, json)
Hash identifier:          5q420/tQhQsKgO4c4yxMV09a4mJNfO4V4LRD6xvU10U=
Subject key identifier:   BC:87:B1:DA:A6:A2:E9:64:56:85:A5:DB:16:48:4A:73:6D:60:E4:39
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018ACAD5171A07F3D44EB2FC61678E116C28
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vIex2qai6WRWhaXbFkhKc21g5Dk.roa
Signing time:             Mon 25 Sep 2023 05:34:37 +0000
ROA not before:           Mon 25 Sep 2023 05:34:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46573
IP address blocks:        212.192.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 08 Dec 2023 08:25:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ca:d5:17:1a:07:f3:d4:4e:b2:fc:61:67:8e:11:6c:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 25 05:34:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc87b1daa6a2e9645685a5db16484a736d60e439
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:af:63:f7:17:8a:c1:d2:69:fb:5f:38:13:b9:
                    1a:e1:0e:0e:45:c7:c6:13:83:2c:82:a1:76:40:57:
                    85:55:e9:e0:6c:08:78:2a:66:fe:f3:df:d8:f4:3a:
                    bb:95:5d:bb:3c:07:5d:45:d9:71:a8:ef:eb:bd:66:
                    6a:34:e3:d9:b7:08:15:a0:93:69:b9:ef:ed:89:05:
                    ac:09:d3:b3:ce:6b:61:09:bc:49:60:70:ca:f8:eb:
                    01:e3:82:c7:ab:40:14:5a:6b:43:c0:b2:c1:b9:c1:
                    e8:3a:0d:4b:ac:e0:e2:6c:f9:6d:96:02:a2:94:39:
                    cf:ee:3d:8c:17:bc:20:31:e4:8c:8c:08:f2:c6:dc:
                    5b:e2:f3:a8:b2:26:d3:64:42:51:94:66:cd:8a:86:
                    4d:98:95:c5:b5:eb:5e:14:eb:14:22:04:15:f3:e9:
                    74:55:26:4e:07:91:75:4d:37:f5:41:0a:30:72:fc:
                    58:f5:64:70:b2:29:20:34:5f:ac:1a:ea:0a:b4:7e:
                    0a:58:38:b8:8d:84:88:34:83:c4:49:7c:b2:11:3c:
                    59:2b:18:5c:00:fd:2b:0d:97:42:09:f3:3f:55:e0:
                    fb:7e:db:88:35:79:af:2c:84:f9:b2:4e:5b:e4:1e:
                    14:19:d0:60:ea:36:c5:28:d2:26:33:4d:6b:64:39:
                    47:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:87:B1:DA:A6:A2:E9:64:56:85:A5:DB:16:48:4A:73:6D:60:E4:39
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vIex2qai6WRWhaXbFkhKc21g5Dk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:d5:8e:32:ee:42:d8:1d:4f:f0:8e:2d:e9:bf:a6:76:cc:14:
         7f:bd:13:06:2b:fa:22:b5:e7:c1:1e:11:1e:32:e4:bd:2f:86:
         21:03:76:8e:7c:36:b7:4d:21:7a:52:4e:85:4d:37:8e:8c:28:
         5f:ac:ed:73:23:68:7d:ec:5d:fe:55:46:a8:00:b8:d3:f5:79:
         17:b8:84:7a:ae:e3:e3:9a:4d:11:78:f2:d6:d5:a4:8f:a5:b6:
         99:ca:10:28:4f:9a:4e:77:e6:6c:ac:ec:28:62:97:b3:c9:b2:
         fe:fb:f1:e9:44:cf:47:07:ac:2b:41:77:16:a5:93:1f:90:35:
         01:e7:1f:53:99:09:3c:e7:79:7a:21:0c:f0:d5:af:8a:39:8a:
         52:1b:63:b9:bf:b3:6f:f1:e7:1f:a9:6d:a7:56:1f:09:2c:e7:
         21:ae:ce:1b:1a:84:10:56:3e:5a:a6:33:98:37:6a:4b:3d:09:
         d8:75:f9:ff:12:0d:5d:58:1f:0d:fe:fd:be:37:a1:df:ab:82:
         a2:57:56:8c:1f:2e:6b:8d:91:83:72:1d:da:e4:44:c2:c6:a0:
         63:1f:2a:02:9b:48:ae:6a:3c:6c:f1:51:bf:07:92:82:16:3c:
         db:b5:db:d9:65:3e:1f:f2:d8:7e:4a:6c:86:d7:b7:9a:22:6d:
         b8:5c:04:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrK1RcaB/PUTrL8YWeOEWwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI1MDUzNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg3YjFkYWE2YTJlOTY0NTY4NWE1ZGIxNjQ4NGE3MzZkNjBlNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK9j9xeKwdJp+184E7ka4Q4ORcfG
E4MsgqF2QFeFVengbAh4Kmb+89/Y9Dq7lV27PAddRdlxqO/rvWZqNOPZtwgVoJNp
ue/tiQWsCdOzzmthCbxJYHDK+OsB44LHq0AUWmtDwLLBucHoOg1LrODibPltlgKi
lDnP7j2MF7wgMeSMjAjyxtxb4vOosibTZEJRlGbNioZNmJXFteteFOsUIgQV8+l0
VSZOB5F1TTf1QQowcvxY9WRwsikgNF+sGuoKtH4KWDi4jYSINIPESXyyETxZKxhc
AP0rDZdCCfM/VeD7ftuINXmvLIT5sk5b5B4UGdBg6jbFKNImM01rZDlHHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyHsdqmoulkVoWl2xZISnNtYOQ5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdklleDJxYWk2V1JXaGFYYkZraEtjMjFnNURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBv1Y4y7kLYHU/wji3pv6Z2zBR/vRMGK/oitefBHhEe
MuS9L4YhA3aOfDa3TSF6Uk6FTTeOjChfrO1zI2h97F3+VUaoALjT9XkXuIR6ruPj
mk0RePLW1aSPpbaZyhAoT5pOd+ZsrOwoYpezybL++/HpRM9HB6wrQXcWpZMfkDUB
5x9TmQk853l6IQzw1a+KOYpSG2O5v7Nv8ecfqW2nVh8JLOchrs4bGoQQVj5apjOY
N2pLPQnYdfn/Eg1dWB8N/v2+N6Hfq4KiV1aMHy5rjZGDch3a5ETCxqBjHyoCm0iu
ajxs8VG/B5KCFjzbtdvZZT4f8th+SmyG17eaIm24XAR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org