Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPNyfChHBqy9Mt47WyaYSTfOH54.roa
File:                     wPNyfChHBqy9Mt47WyaYSTfOH54.roa (raw, json)
Hash identifier:          QmXJJzblFHj8s5wPvLtKJvZAF6DL9rxnny/hZnYQQMw=
Subject key identifier:   C0:F3:72:7C:28:47:06:AC:BD:32:DE:3B:5B:26:98:49:37:CE:1F:9E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CE8492F7AEF9B269BE8C2A3230A082FF0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPNyfChHBqy9Mt47WyaYSTfOH54.roa
Signing time:             Mon 08 Jan 2024 08:55:59 +0000
ROA not before:           Mon 08 Jan 2024 08:55:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60707
IP address blocks:        194.87.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Feb 2024 14:43:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e8:49:2f:7a:ef:9b:26:9b:e8:c2:a3:23:0a:08:2f:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  8 08:55:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0f3727c284706acbd32de3b5b26984937ce1f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3d:bc:c3:5c:1f:ed:94:76:e3:91:db:f2:0b:
                    dc:1b:ab:21:1b:6d:9a:0c:c6:24:76:82:c2:78:85:
                    4d:74:29:3c:f2:1c:ae:a2:ee:29:c7:68:89:c3:f0:
                    cc:d3:5b:c6:45:9e:b0:33:6b:63:04:4c:9c:62:7a:
                    37:c8:3e:b2:db:5e:b2:ea:16:61:8b:f4:6a:bb:9e:
                    21:52:3b:cb:98:14:5d:b6:44:91:56:f7:4a:fb:8d:
                    7a:57:f8:4b:fa:6e:f6:ce:b7:48:8e:d4:f1:e4:e7:
                    92:84:9c:6a:4b:92:73:98:87:29:81:dd:67:21:6c:
                    cd:c1:d7:e4:ac:2c:75:76:df:c0:ed:75:43:9d:1b:
                    93:1b:dc:bc:3c:13:50:d4:87:d8:6d:53:bf:e8:40:
                    9c:ac:0e:7b:0d:67:40:18:97:ba:03:f8:e4:eb:b3:
                    e9:61:c3:b3:cd:c4:bc:cd:5c:86:a3:70:36:21:d9:
                    9f:02:84:1f:8a:97:b6:b4:f9:79:c5:c4:20:06:20:
                    36:f1:68:9e:34:d5:ff:9b:8e:b3:8d:ed:9b:ca:70:
                    df:0c:2b:b6:6a:f6:49:cc:be:3e:22:5d:d3:88:a1:
                    a0:33:a8:93:23:e2:93:77:47:4b:f8:a0:1d:d6:62:
                    e0:b2:13:de:0e:21:f8:fa:b1:18:96:48:ea:32:4c:
                    7a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F3:72:7C:28:47:06:AC:BD:32:DE:3B:5B:26:98:49:37:CE:1F:9E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wPNyfChHBqy9Mt47WyaYSTfOH54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:b8:24:b1:35:12:5e:e4:b2:29:a1:4a:51:c0:bd:c6:39:46:
         d1:e1:30:24:61:c7:9d:57:ca:cf:14:a8:e5:f0:09:89:98:0c:
         f5:88:2b:c1:f4:d1:d1:bd:2d:93:69:9b:0a:41:e5:fb:eb:84:
         00:1d:dd:c5:32:aa:11:9c:48:ac:8e:be:40:5e:42:b5:09:a6:
         40:56:e8:b6:ca:73:ce:7b:89:2a:9d:32:ac:b4:47:e2:68:ce:
         d1:50:51:71:ac:47:e3:04:6d:8d:d7:b3:e8:6b:9f:86:2c:75:
         3a:e7:4e:cd:7e:a0:ae:4b:b4:ae:3d:03:73:92:8e:de:6e:4d:
         b2:25:9b:5b:cf:13:8b:93:fd:a5:79:ab:c7:39:c5:4d:a5:39:
         f9:6f:c5:f7:17:f2:a6:9b:40:8e:54:98:c0:15:51:b9:85:ba:
         b8:f4:d7:e5:e8:ab:c6:19:a4:7b:98:36:d0:f5:34:b2:d3:dc:
         d3:25:7b:ca:89:5f:86:4f:f8:3f:63:73:1e:b7:a1:ee:f2:17:
         f1:5f:34:e0:e0:69:f3:e6:ce:47:38:31:d5:a0:f2:ff:4d:86:
         66:7b:0f:e6:1d:e1:95:75:55:09:10:4a:57:ac:c0:f8:bc:4b:
         cf:de:e9:4d:d0:46:19:1d:8a:65:9a:54:ce:01:3c:86:b3:0f:
         23:1f:40:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzoSS9675smm+jCoyMKCC/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA4MDg1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYzNzI3YzI4NDcwNmFjYmQzMmRlM2I1YjI2OTg0OTM3Y2UxZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD28w1wf7ZR245Hb8gvcG6shG22a
DMYkdoLCeIVNdCk88hyuou4px2iJw/DM01vGRZ6wM2tjBEycYno3yD6y216y6hZh
i/Rqu54hUjvLmBRdtkSRVvdK+416V/hL+m72zrdIjtTx5OeShJxqS5JzmIcpgd1n
IWzNwdfkrCx1dt/A7XVDnRuTG9y8PBNQ1IfYbVO/6ECcrA57DWdAGJe6A/jk67Pp
YcOzzcS8zVyGo3A2IdmfAoQfipe2tPl5xcQgBiA28WieNNX/m46zje2bynDfDCu2
avZJzL4+Il3TiKGgM6iTI+KTd0dL+KAd1mLgshPeDiH4+rEYlkjqMkx6OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDzcnwoRwasvTLeO1smmEk3zh+eMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd1BOeWZDaEhCcXk5TXQ0N1d5YVlTVGZPSDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldDMA0G
CSqGSIb3DQEBCwUAA4IBAQBLuCSxNRJe5LIpoUpRwL3GOUbR4TAkYcedV8rPFKjl
8AmJmAz1iCvB9NHRvS2TaZsKQeX764QAHd3FMqoRnEisjr5AXkK1CaZAVui2ynPO
e4kqnTKstEfiaM7RUFFxrEfjBG2N17Poa5+GLHU6507NfqCuS7SuPQNzko7ebk2y
JZtbzxOLk/2leavHOcVNpTn5b8X3F/Kmm0COVJjAFVG5hbq49Nfl6KvGGaR7mDbQ
9TSy09zTJXvKiV+GT/g/Y3Met6Hu8hfxXzTg4Gnz5s5HODHVoPL/TYZmew/mHeGV
dVUJEEpXrMD4vEvP3ulN0EYZHYplmlTOATyGsw8jH0DN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org