Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vK8bTTaJu4D8LOl6mExEMG861Fs.roa
File:                     vK8bTTaJu4D8LOl6mExEMG861Fs.roa (raw, json)
Hash identifier:          UTipGwrPqOQ56WkYqB0mXiTlso/9yUBUSee0qLDZFUQ=
Subject key identifier:   BC:AF:1B:4D:36:89:BB:80:FC:2C:E9:7A:98:4C:44:30:6F:3A:D4:5B
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018847DB2AD5ED163F88B9F341FBF456AD29
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vK8bTTaJu4D8LOl6mExEMG861Fs.roa
Signing time:             Tue 23 May 2023 09:05:25 +0000
ROA not before:           Tue 23 May 2023 09:05:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7411
IP address blocks:        194.58.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 19:22:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:47:db:2a:d5:ed:16:3f:88:b9:f3:41:fb:f4:56:ad:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 23 09:05:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bcaf1b4d3689bb80fc2ce97a984c44306f3ad45b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:22:eb:95:d1:9c:f5:ca:ff:1e:1f:29:35:13:
                    82:57:f6:d0:21:1c:2a:86:2d:5a:ee:23:0d:08:09:
                    bb:51:46:98:79:9c:38:9c:f7:11:30:8e:67:41:b7:
                    72:51:1a:b7:a9:08:cc:f9:4f:61:83:8a:f5:5c:f0:
                    99:25:fc:fe:a7:a0:22:c0:bb:5c:fa:8c:95:70:09:
                    d8:b5:70:b1:d3:09:85:a2:19:ab:87:61:02:ac:0f:
                    d3:eb:d2:7c:df:d9:74:e9:bb:90:67:0a:2b:c6:ea:
                    58:e3:4a:93:f4:c4:9f:20:43:16:00:06:18:a8:95:
                    a7:19:57:52:92:a5:ed:57:f5:89:c2:58:0c:69:83:
                    dd:79:c4:dc:4f:84:e8:d2:cf:9e:13:ac:3c:ed:45:
                    e7:af:0f:30:58:eb:5b:09:eb:90:fa:64:d1:88:ab:
                    92:9b:d1:61:6c:32:e0:a3:5d:1a:e7:a5:48:9a:38:
                    4d:53:53:1b:cb:a1:26:8f:69:27:af:10:77:7f:bf:
                    1a:82:bc:41:e6:12:56:f0:a3:d5:ef:ea:aa:f1:f7:
                    97:9b:4f:f5:83:c4:c9:2d:0e:77:fe:d1:c4:0a:ab:
                    c8:6b:22:c2:9d:34:eb:ca:3e:86:c6:df:7f:90:35:
                    0f:a7:89:aa:27:8d:38:ea:c6:f9:da:79:2b:a0:e9:
                    bd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:AF:1B:4D:36:89:BB:80:FC:2C:E9:7A:98:4C:44:30:6F:3A:D4:5B
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vK8bTTaJu4D8LOl6mExEMG861Fs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:e5:5f:a6:0a:46:b7:25:de:d0:1b:04:58:fa:61:98:a4:07:
         9f:53:54:0c:a6:c9:c3:d7:42:96:04:ea:55:9a:ab:20:8a:99:
         02:bd:69:d0:fc:8d:58:a4:eb:7e:e5:2c:c1:70:6c:0e:28:ea:
         04:ce:9e:83:37:8f:ed:29:9c:a3:88:01:55:72:06:a9:aa:23:
         0f:2b:9e:d0:ba:17:b4:85:06:8e:21:8e:04:90:d9:8f:3f:95:
         01:1b:b7:f9:f8:ec:e1:d3:26:39:2c:6c:84:8e:29:2e:57:98:
         60:2a:55:30:a3:16:80:79:ea:6b:19:5b:fd:fa:1a:a2:c2:f6:
         92:d1:19:2c:a5:e6:34:c5:9c:e5:fd:10:e1:b7:ec:e7:53:ec:
         82:3d:39:ad:6b:39:af:5a:0b:9a:23:a8:5f:ca:f9:9d:02:37:
         20:3c:c6:81:52:07:fe:5a:84:ca:03:42:5e:ce:36:66:e3:2e:
         3d:52:62:b6:d2:79:11:46:bf:a3:1e:05:36:04:85:25:ec:42:
         77:37:e0:e3:f8:fd:5b:90:28:63:4f:6f:e6:3f:39:d3:e7:92:
         1e:c7:4b:85:c6:65:cb:44:0f:77:c6:38:a2:f5:88:e3:d8:9f:
         27:41:4e:3e:d9:65:99:d1:6c:c8:e7:24:32:3f:56:9c:53:de:
         87:be:1b:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhH2yrV7RY/iLnzQfv0Vq0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTIzMDkwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FmMWI0ZDM2ODliYjgwZmMyY2U5N2E5ODRjNDQzMDZmM2FkNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyLrldGc9cr/Hh8pNROCV/bQIRwq
hi1a7iMNCAm7UUaYeZw4nPcRMI5nQbdyURq3qQjM+U9hg4r1XPCZJfz+p6AiwLtc
+oyVcAnYtXCx0wmFohmrh2ECrA/T69J839l06buQZworxupY40qT9MSfIEMWAAYY
qJWnGVdSkqXtV/WJwlgMaYPdecTcT4To0s+eE6w87UXnrw8wWOtbCeuQ+mTRiKuS
m9FhbDLgo10a56VImjhNU1Mby6Emj2knrxB3f78agrxB5hJW8KPV7+qq8feXm0/1
g8TJLQ53/tHECqvIayLCnTTryj6Gxt9/kDUPp4mqJ4046sb52nkroOm9EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyvG002ibuA/CzpephMRDBvOtRbMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdks4YlRUYUp1NEQ4TE9sNm1FeEVNRzg2MUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjqbMA0G
CSqGSIb3DQEBCwUAA4IBAQBE5V+mCka3Jd7QGwRY+mGYpAefU1QMpsnD10KWBOpV
mqsgipkCvWnQ/I1YpOt+5SzBcGwOKOoEzp6DN4/tKZyjiAFVcgapqiMPK57Quhe0
hQaOIY4EkNmPP5UBG7f5+Ozh0yY5LGyEjikuV5hgKlUwoxaAeeprGVv9+hqiwvaS
0RkspeY0xZzl/RDht+znU+yCPTmtazmvWguaI6hfyvmdAjcgPMaBUgf+WoTKA0Je
zjZm4y49UmK20nkRRr+jHgU2BIUl7EJ3N+Dj+P1bkChjT2/mPznT55Iex0uFxmXL
RA93xjii9Yjj2J8nQU4+2WWZ0WzI5yQyP1acU96Hvhvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org