Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wPf15FrsBu8rxNMjaawGAfWu8ns.roa
File:                     wPf15FrsBu8rxNMjaawGAfWu8ns.roa (raw, json)
Hash identifier:          KErWyOMzjnrFJzJ/qcSvhe2SLYAMNlO6/8JZ9ii5TTo=
Subject key identifier:   C0:F7:F5:E4:5A:EC:06:EF:2B:C4:D3:23:69:AC:06:01:F5:AE:F2:7B
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01856ED4B73E3481C049A5305860539D0F7B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wPf15FrsBu8rxNMjaawGAfWu8ns.roa
Signing time:             Sun 01 Jan 2023 19:35:12 +0000
ROA not before:           Sun 01 Jan 2023 19:35:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        194.15.96.0/22 maxlen: 24
                          188.209.128.0/22 maxlen: 24
                          188.209.132.0/22 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:b7:3e:34:81:c0:49:a5:30:58:60:53:9d:0f:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 19:35:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0f7f5e45aec06ef2bc4d32369ac0601f5aef27b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:87:2f:ae:5e:62:9c:97:29:9e:ad:f7:e5:57:
                    e8:54:76:8a:35:65:7c:c2:aa:cd:97:80:7a:95:39:
                    be:d7:fc:1e:e9:fa:f6:9e:5e:85:76:63:ff:89:92:
                    de:f8:26:6c:06:00:da:1c:1b:59:a0:80:61:27:d7:
                    08:b9:1b:90:cb:d2:23:eb:f0:7b:d2:e5:41:16:9e:
                    66:a9:08:c8:d7:92:67:73:68:93:1e:ea:40:06:01:
                    3a:7d:87:bd:7f:3a:4b:f3:a1:28:d6:dc:ac:01:98:
                    7b:c8:84:0c:4f:43:5c:bf:5d:72:35:e3:43:f9:3e:
                    af:3a:a6:36:8c:c3:38:b0:be:88:bc:6b:ca:b7:ac:
                    ad:71:8c:88:7e:83:c7:60:04:4d:ad:a4:2a:1c:10:
                    44:b3:8b:ae:42:ae:ea:59:03:a4:eb:51:6c:fd:15:
                    fe:34:1c:4a:23:cc:cf:41:6a:a4:a9:cd:2a:ab:e6:
                    27:1c:c8:ea:d2:9a:9d:24:44:fb:91:e1:7d:8b:67:
                    50:b3:1d:e0:05:39:7b:c5:21:7a:0b:71:0f:7d:94:
                    3a:ec:9c:af:d9:5d:36:f5:55:82:5f:45:51:77:0c:
                    a8:00:0e:84:c7:04:bb:bc:de:be:2d:d8:2b:13:a7:
                    3e:b1:a4:87:51:93:5b:9c:5e:d2:1a:09:d9:19:4c:
                    3b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F7:F5:E4:5A:EC:06:EF:2B:C4:D3:23:69:AC:06:01:F5:AE:F2:7B
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wPf15FrsBu8rxNMjaawGAfWu8ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.128.0/21
                  194.15.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:70:0c:ab:71:18:78:3c:c1:68:33:4a:d9:ef:89:94:d5:5c:
         28:0c:dc:8e:12:95:f4:e5:c6:3d:c2:37:39:46:32:59:c0:4e:
         f6:5b:90:7e:2b:57:60:03:ff:cf:26:02:25:b4:d2:26:5f:7e:
         3d:52:c3:f4:22:30:92:d3:72:5d:c5:16:8a:08:d0:f0:a4:f8:
         62:1e:13:e3:97:c5:f5:8e:98:c8:1b:92:72:db:e5:22:32:e5:
         e5:87:ef:23:38:f6:15:5d:66:5d:31:88:8c:0e:4b:bc:61:28:
         5e:9b:60:1c:6f:93:5b:d5:a4:ed:ef:bf:57:5d:25:63:cb:d0:
         76:ce:fe:5a:d3:9e:76:ed:69:dd:d5:2b:3e:b0:2d:6e:1c:69:
         81:e9:03:3c:58:c7:42:54:a2:0a:ce:70:48:ca:90:16:37:ac:
         fd:f3:11:d0:b1:83:5d:7e:29:b3:3c:03:81:f6:f4:cd:12:c7:
         eb:0b:75:a7:3f:47:81:d9:28:d1:5e:86:ae:89:48:0b:91:88:
         91:9f:98:be:67:d6:cc:45:a5:8c:f7:7c:2c:ad:b8:c2:7f:43:
         3b:29:b4:b7:9e:ca:a7:ad:15:3d:85:d2:31:ba:a0:3e:81:d3:
         b2:a2:9d:1e:6b:c8:26:02:11:4c:e1:9d:2b:d1:9b:37:f3:3f:
         8d:78:6c:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1Lc+NIHASaUwWGBTnQ97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY3ZjVlNDVhZWMwNmVmMmJjNGQzMjM2OWFjMDYwMWY1YWVmMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIcvrl5inJcpnq335VfoVHaKNWV8
wqrNl4B6lTm+1/we6fr2nl6FdmP/iZLe+CZsBgDaHBtZoIBhJ9cIuRuQy9Ij6/B7
0uVBFp5mqQjI15Jnc2iTHupABgE6fYe9fzpL86Eo1tysAZh7yIQMT0Ncv11yNeND
+T6vOqY2jMM4sL6IvGvKt6ytcYyIfoPHYARNraQqHBBEs4uuQq7qWQOk61Fs/RX+
NBxKI8zPQWqkqc0qq+YnHMjq0pqdJET7keF9i2dQsx3gBTl7xSF6C3EPfZQ67Jyv
2V029VWCX0VRdwyoAA6ExwS7vN6+LdgrE6c+saSHUZNbnF7SGgnZGUw7rwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMD39eRa7AbvK8TTI2msBgH1rvJ7MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvd1BmMTVGcnNCdThyeE5NamFhd0dBZld1OG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQC
wg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCDcAyrcRh4PMFoM0rZ74mU1VwoDNyOEpX0
5cY9wjc5RjJZwE72W5B+K1dgA//PJgIltNImX349UsP0IjCS03JdxRaKCNDwpPhi
HhPjl8X1jpjIG5Jy2+UiMuXlh+8jOPYVXWZdMYiMDku8YShem2Acb5Nb1aTt779X
XSVjy9B2zv5a05527Wnd1Ss+sC1uHGmB6QM8WMdCVKIKznBIypAWN6z98xHQsYNd
fimzPAOB9vTNEsfrC3WnP0eB2SjRXoauiUgLkYiRn5i+Z9bMRaWM93wsrbjCf0M7
KbS3nsqnrRU9hdIxuqA+gdOyop0ea8gmAhFM4Z0r0Zs38z+NeGwc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:14 2023 by rpki-client on console-fra.rpki-client.org