Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xQdGwJ6fCae7gHim_mZyIKjv-GQ.roa
File:                     xQdGwJ6fCae7gHim_mZyIKjv-GQ.roa (raw, json)
Hash identifier:          a1dQkj1QTFqYqJ9UhD2Z0Gjfg5aDRngOgIr/VtVaKBo=
Subject key identifier:   C5:07:46:C0:9E:9F:09:A7:BB:80:78:A6:FE:66:72:20:A8:EF:F8:64
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CCA2A74DD9920D7A6C5E3A3BA78642FEA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xQdGwJ6fCae7gHim_mZyIKjv-GQ.roa
Signing time:             Tue 02 Jan 2024 12:33:49 +0000
ROA not before:           Tue 02 Jan 2024 12:33:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44547
IP address blocks:        62.76.230.0/24 maxlen: 24
                          212.192.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 13:53:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:74:dd:99:20:d7:a6:c5:e3:a3:ba:78:64:2f:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  2 12:33:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c50746c09e9f09a7bb8078a6fe667220a8eff864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:29:ef:93:82:23:1e:2b:0d:09:20:66:2f:14:
                    2c:6d:74:b3:9d:ac:e1:7b:f6:71:21:ac:99:34:03:
                    86:20:cc:3d:24:c1:12:b9:16:fb:49:fe:60:59:42:
                    9f:df:ca:43:e0:f3:df:ac:fd:ce:3e:d7:12:fe:3a:
                    1f:f3:56:28:f4:ae:d3:ea:8f:c7:f5:b1:8c:a2:f0:
                    7d:9a:fa:51:2c:95:15:ad:0d:7e:8f:07:6b:90:f5:
                    00:0b:30:5e:33:7a:e0:e9:da:fa:3c:fe:65:57:62:
                    07:cc:c8:7b:4f:10:56:c4:7c:54:7f:09:a3:65:14:
                    85:77:f7:9e:bb:dc:e8:37:c4:e4:ea:32:71:fb:ef:
                    88:22:c3:78:1e:4d:1c:44:30:f4:8d:17:f6:be:e1:
                    80:c8:5a:49:16:17:a7:0e:2f:b2:9c:71:0f:e6:64:
                    ef:d4:41:e9:d2:62:a3:c9:a1:db:6d:f5:2c:fb:c2:
                    31:03:1d:51:65:ee:46:87:72:9e:30:e2:31:07:9b:
                    cb:a7:ed:3d:6d:25:f6:26:d1:cd:77:3f:59:cf:c1:
                    07:f9:a5:2f:91:0b:79:83:b1:08:29:37:9c:3b:0b:
                    7b:00:47:ea:19:24:ee:bf:30:b3:22:a5:3c:e6:47:
                    7a:b9:3f:6c:ab:3d:e4:99:72:59:39:2c:fb:ad:58:
                    73:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:07:46:C0:9E:9F:09:A7:BB:80:78:A6:FE:66:72:20:A8:EF:F8:64
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xQdGwJ6fCae7gHim_mZyIKjv-GQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.230.0/24
                  212.192.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:2a:45:5c:1d:b0:f2:16:95:c4:a8:0e:eb:0d:9c:c3:d3:9c:
         4f:53:35:8f:f6:ec:b8:ff:63:c6:e9:4a:b2:77:52:f7:17:41:
         e8:b9:3c:13:21:3a:11:35:c4:c6:97:06:61:36:ea:d7:74:de:
         0d:9a:fe:c5:31:98:79:b7:cb:b8:bc:64:73:35:12:07:05:4f:
         b7:d7:86:31:ad:f6:36:5b:01:f5:13:a0:5c:9b:5a:99:2a:d3:
         e6:4b:fe:25:bc:ee:4e:31:ad:64:e5:83:c8:da:76:d7:65:9c:
         64:70:d7:86:5e:8e:9f:8e:4d:ee:6c:1b:01:4d:52:d9:98:68:
         5d:32:de:fe:33:59:84:da:20:40:10:ff:6e:19:2c:15:47:f5:
         1f:8b:69:b5:60:ac:e3:37:85:d9:3a:1f:6b:80:89:c4:aa:93:
         4f:61:56:93:1c:db:4a:df:ce:cc:10:56:8f:70:7c:77:cf:78:
         f1:f2:70:b3:bc:c0:fb:0a:52:a8:b0:6c:d7:91:0e:88:7d:24:
         3f:b6:72:99:7d:cc:21:6c:6b:ad:5e:43:51:6b:58:ad:63:eb:
         d7:c6:00:bf:0d:1b:93:4e:26:9a:f4:7c:7c:e1:75:27:bb:56:
         25:90:9f:b3:6b:ba:5d:ce:82:a5:cf:d2:aa:40:83:e7:8b:18:
         7c:cd:bf:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKnTdmSDXpsXjo7p4ZC/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA3NDZjMDllOWYwOWE3YmI4MDc4YTZmZTY2NzIyMGE4ZWZmODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSnvk4IjHisNCSBmLxQsbXSznazh
e/ZxIayZNAOGIMw9JMESuRb7Sf5gWUKf38pD4PPfrP3OPtcS/jof81Yo9K7T6o/H
9bGMovB9mvpRLJUVrQ1+jwdrkPUACzBeM3rg6dr6PP5lV2IHzMh7TxBWxHxUfwmj
ZRSFd/eeu9zoN8Tk6jJx+++IIsN4Hk0cRDD0jRf2vuGAyFpJFhenDi+ynHEP5mTv
1EHp0mKjyaHbbfUs+8IxAx1RZe5Gh3KeMOIxB5vLp+09bSX2JtHNdz9Zz8EH+aUv
kQt5g7EIKTecOwt7AEfqGSTuvzCzIqU85kd6uT9sqz3kmXJZOSz7rVhzawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMUHRsCenwmnu4B4pv5mciCo7/hkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveFFkR3dKNmZDYWU3Z0hpbV9tWnlJS2p2LUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkzmAwQA
1MAFMA0GCSqGSIb3DQEBCwUAA4IBAQAzKkVcHbDyFpXEqA7rDZzD05xPUzWP9uy4
/2PG6Uqyd1L3F0HouTwTIToRNcTGlwZhNurXdN4Nmv7FMZh5t8u4vGRzNRIHBU+3
14YxrfY2WwH1E6Bcm1qZKtPmS/4lvO5OMa1k5YPI2nbXZZxkcNeGXo6fjk3ubBsB
TVLZmGhdMt7+M1mE2iBAEP9uGSwVR/Ufi2m1YKzjN4XZOh9rgInEqpNPYVaTHNtK
387MEFaPcHx3z3jx8nCzvMD7ClKosGzXkQ6IfSQ/tnKZfcwhbGutXkNRa1itY+vX
xgC/DRuTTiaa9Hx84XUnu1YlkJ+za7pdzoKlz9KqQIPnixh8zb9z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org