Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa
File:                     xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa (raw, json)
Hash identifier:          DtQfz+Sb/mzV+vniSy7sYKgiMHFC+5G5ypWBxPDzc7I=
Subject key identifier:   C6:9A:BD:09:D9:30:BA:8C:4E:DC:CC:CC:91:FC:95:AC:5F:8C:0E:ED
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CB1D46E78833C1CE0D0C32CFF7B0EBE73
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa
Signing time:             Thu 28 Dec 2023 19:08:58 +0000
ROA not before:           Thu 28 Dec 2023 19:08:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        212.192.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b1:d4:6e:78:83:3c:1c:e0:d0:c3:2c:ff:7b:0e:be:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Dec 28 19:08:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c69abd09d930ba8c4edccccc91fc95ac5f8c0eed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c7:ff:ea:3b:7f:be:dc:28:77:0c:25:ec:b4:
                    4a:05:81:2d:d1:14:48:ea:bf:b8:7a:08:bd:95:c2:
                    aa:4f:d9:dc:47:4f:3c:ae:8b:86:00:bc:80:6a:6d:
                    c0:91:d6:f0:c2:e8:83:14:a6:39:dc:44:50:ce:16:
                    61:30:0d:58:ec:52:5d:56:47:57:30:42:75:bb:fb:
                    64:77:2f:66:25:98:b6:54:9d:eb:63:2f:9a:24:b0:
                    06:32:76:df:2b:fe:1a:ea:21:51:c4:be:9e:09:24:
                    db:ff:84:9d:2b:b3:d5:24:ad:76:c8:e4:6d:b7:9a:
                    fb:e5:1e:7a:e4:59:d6:e7:77:af:07:5d:44:cc:18:
                    15:c2:05:b5:8e:0c:f5:78:f7:63:1b:63:2e:ac:e4:
                    64:73:9e:86:76:21:ff:f6:9a:c1:46:c3:64:25:0c:
                    44:f4:2f:18:2f:87:cd:b7:8d:b2:8b:01:39:2f:8c:
                    f2:35:46:e8:f8:6e:9a:86:89:e0:0b:02:3b:7e:07:
                    88:67:93:64:48:bb:ed:7e:54:3e:4c:fe:a2:4f:82:
                    3f:a1:01:38:7f:2c:11:39:a0:32:62:f6:80:03:d0:
                    c2:c1:f6:65:7a:96:23:a3:51:f8:d6:74:8a:49:b4:
                    7a:0b:05:1e:b4:a6:de:00:69:9b:33:44:a2:57:60:
                    82:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:9A:BD:09:D9:30:BA:8C:4E:DC:CC:CC:91:FC:95:AC:5F:8C:0E:ED
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:47:2d:5c:4d:83:b3:f1:17:99:69:05:1e:50:5a:8d:f1:b8:
         bd:3f:85:99:cb:55:f5:10:68:78:a2:62:0e:f3:1b:2a:6a:28:
         6a:ff:20:e1:c3:5a:0f:cd:9f:ee:5c:17:61:41:eb:39:00:79:
         49:f2:ba:23:97:54:c2:04:99:c3:c2:17:50:48:a3:bb:d3:35:
         70:83:1d:c8:ec:9b:55:ce:70:ef:a4:22:6e:5b:40:f8:91:73:
         ff:1e:4c:a3:7a:0a:2c:f3:a6:a0:7f:8d:f0:49:d0:ff:61:cc:
         83:05:19:f4:34:6b:e6:f0:07:4a:2a:14:46:fc:c9:8f:8c:d1:
         4a:03:15:fe:54:02:f2:59:0c:cc:b5:50:19:24:04:4f:9f:8b:
         ab:a1:26:5f:03:57:76:ec:cd:06:79:26:38:12:90:c9:37:e1:
         76:28:77:a5:86:5f:d7:3a:32:fa:d2:3e:93:1e:68:24:e9:c2:
         b7:02:5d:7d:2c:58:77:9c:1c:a6:90:72:4c:6a:c7:a1:7c:4c:
         20:5b:64:9d:ed:da:6f:3c:82:9e:e6:aa:98:58:30:31:a5:7d:
         f0:0a:5a:5e:59:ec:8a:1b:84:15:54:a7:2b:04:f6:76:5b:37:
         59:37:b2:8a:3e:35:aa:69:47:ad:5e:b9:1d:59:6d:b3:93:65:
         b5:c8:d3:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyx1G54gzwc4NDDLP97Dr5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI4MTkwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlhYmQwOWQ5MzBiYThjNGVkY2NjY2M5MWZjOTVhYzVmOGMwZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsf/6jt/vtwodwwl7LRKBYEt0RRI
6r+4egi9lcKqT9ncR088rouGALyAam3AkdbwwuiDFKY53ERQzhZhMA1Y7FJdVkdX
MEJ1u/tkdy9mJZi2VJ3rYy+aJLAGMnbfK/4a6iFRxL6eCSTb/4SdK7PVJK12yORt
t5r75R565FnW53evB11EzBgVwgW1jgz1ePdjG2MurORkc56GdiH/9prBRsNkJQxE
9C8YL4fNt42yiwE5L4zyNUbo+G6ahongCwI7fgeIZ5NkSLvtflQ+TP6iT4I/oQE4
fywROaAyYvaAA9DCwfZlepYjo1H41nSKSbR6CwUetKbeAGmbM0SiV2CCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaavQnZMLqMTtzMzJH8laxfjA7tMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHBxOUNka3d1b3hPM016TWtmeVZyRi1NRHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDVMA0G
CSqGSIb3DQEBCwUAA4IBAQAhRy1cTYOz8ReZaQUeUFqN8bi9P4WZy1X1EGh4omIO
8xsqaihq/yDhw1oPzZ/uXBdhQes5AHlJ8rojl1TCBJnDwhdQSKO70zVwgx3I7JtV
znDvpCJuW0D4kXP/Hkyjegos86agf43wSdD/YcyDBRn0NGvm8AdKKhRG/MmPjNFK
AxX+VALyWQzMtVAZJARPn4uroSZfA1d27M0GeSY4EpDJN+F2KHelhl/XOjL60j6T
Hmgk6cK3Al19LFh3nBymkHJMasehfEwgW2Sd7dpvPIKe5qqYWDAxpX3wClpeWeyK
G4QVVKcrBPZ2WzdZN7KKPjWqaUetXrkdWW2zk2W1yNNT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org