Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/otwU04Y3ZAMIF0HMEvjpKe9Oq7I.roa
File:                     otwU04Y3ZAMIF0HMEvjpKe9Oq7I.roa (raw, json)
Hash identifier:          lTmSMu/o8h4lNYwQZwYl3IvSYJ1nsT52BGWAcnI72B0=
Subject key identifier:   A2:DC:14:D3:86:37:64:03:08:17:41:CC:12:F8:E9:29:EF:4E:AB:B2
Certificate issuer:       /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial:       0187FC8F680D5DBDCA5035952DEECA65C864
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/otwU04Y3ZAMIF0HMEvjpKe9Oq7I.roa
Signing time:             Mon 08 May 2023 18:11:09 +0000
ROA not before:           Mon 08 May 2023 18:11:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        192.35.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fc:8f:68:0d:5d:bd:ca:50:35:95:2d:ee:ca:65:c8:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
        Validity
            Not Before: May  8 18:11:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2dc14d386376403081741cc12f8e929ef4eabb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ff:91:4a:d0:d7:a4:bf:bd:85:b7:23:ed:63:
                    81:b7:24:fb:33:d1:13:1e:ad:19:b9:ab:97:6b:fb:
                    7e:cc:dc:ee:78:bf:54:b3:e7:7b:84:fc:ff:97:dd:
                    6d:2f:3c:62:d6:44:ed:6b:64:71:b1:c4:96:50:df:
                    be:94:67:67:67:c1:db:ef:8b:07:f3:a8:83:54:e8:
                    5c:0b:72:81:93:6e:7f:b8:0b:b4:c7:d0:a3:ef:2a:
                    68:42:80:66:1d:bb:2b:e3:43:5d:83:af:1a:70:de:
                    29:63:5d:a2:3d:0a:10:eb:c7:5b:e8:eb:f1:05:98:
                    bf:3c:7f:ba:58:8f:58:80:3d:07:6b:2f:8c:3d:47:
                    f7:fc:ff:6f:5a:f4:7e:77:0c:15:ed:ca:8c:27:ca:
                    7b:94:20:07:19:7c:9e:d9:19:1b:a8:05:a5:a4:ce:
                    ed:f1:c9:37:cd:7c:12:c5:46:f7:2e:ce:48:6d:f9:
                    4f:e0:02:b9:8e:24:d9:5f:39:65:03:50:4a:7f:c5:
                    d9:46:5a:ce:35:63:4b:61:eb:44:9d:90:41:52:0b:
                    da:4e:c0:72:5e:90:3d:0d:f6:e5:3e:46:b1:5b:86:
                    5e:43:58:55:b9:3c:19:12:5d:47:58:4e:3b:7d:a6:
                    07:b2:8e:32:ad:bb:24:40:7a:e6:92:8f:0b:47:a7:
                    d2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:DC:14:D3:86:37:64:03:08:17:41:CC:12:F8:E9:29:EF:4E:AB:B2
            X509v3 Authority Key Identifier:
                keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/otwU04Y3ZAMIF0HMEvjpKe9Oq7I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.35.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:e1:81:c9:90:08:3c:de:b9:a7:a4:27:bc:12:b2:b7:0b:72:
         f6:c4:fc:b4:12:5d:c0:44:d4:fd:bb:41:78:09:de:0a:ef:2d:
         c9:3d:10:d3:d7:17:b7:8e:ff:39:5c:88:68:7c:41:f9:11:95:
         c5:97:ac:87:22:38:b0:60:95:cb:ba:75:1f:d7:a7:bc:34:69:
         4d:3f:35:ac:68:2a:e3:99:53:33:a4:27:b3:80:57:8d:d1:29:
         f1:17:29:8a:47:e2:e5:61:cd:e0:81:02:ef:85:71:a3:a4:27:
         84:59:de:17:8e:d9:06:37:ce:9a:f9:a7:d2:23:ba:65:81:80:
         98:44:e0:b4:92:6e:2b:af:c1:78:da:c8:0f:80:f3:bd:4f:74:
         c4:53:53:be:d9:f3:29:db:d9:89:92:72:0d:4b:ea:b2:69:5a:
         12:25:dd:35:1d:48:5a:27:89:d0:e1:e6:46:88:71:2d:a6:52:
         0d:cf:b9:1e:74:38:4f:5f:a7:53:ae:65:0f:d9:aa:c4:32:1d:
         67:2f:57:a5:e1:dc:af:59:a8:6a:27:e2:c2:85:3e:c8:9b:7e:
         19:2b:e4:4e:f6:fe:b6:19:6b:e1:c7:ac:58:27:8b:7e:63:9e:
         a4:41:5f:e4:b5:96:b8:b5:0a:11:90:64:12:d4:ff:cc:72:84:
         2d:29:21:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf8j2gNXb3KUDWVLe7KZchkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwNTA4MTgxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRjMTRkMzg2Mzc2NDAzMDgxNzQxY2MxMmY4ZTkyOWVmNGVhYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/+RStDXpL+9hbcj7WOBtyT7M9ET
Hq0ZuauXa/t+zNzueL9Us+d7hPz/l91tLzxi1kTta2RxscSWUN++lGdnZ8Hb74sH
86iDVOhcC3KBk25/uAu0x9Cj7ypoQoBmHbsr40Ndg68acN4pY12iPQoQ68db6Ovx
BZi/PH+6WI9YgD0Hay+MPUf3/P9vWvR+dwwV7cqMJ8p7lCAHGXye2RkbqAWlpM7t
8ck3zXwSxUb3Ls5IbflP4AK5jiTZXzllA1BKf8XZRlrONWNLYetEnZBBUgvaTsBy
XpA9DfblPkaxW4ZeQ1hVuTwZEl1HWE47faYHso4yrbskQHrmko8LR6fSRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLcFNOGN2QDCBdBzBL46SnvTquyMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvb3R3VTA0WTNaQU1JRjBITUV2anBLZTlPcTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4YHJkAg83rmnpCe8ErK3C3L2xPy0El3ARNT9u0F4
Cd4K7y3JPRDT1xe3jv85XIhofEH5EZXFl6yHIjiwYJXLunUf16e8NGlNPzWsaCrj
mVMzpCezgFeN0SnxFymKR+LlYc3ggQLvhXGjpCeEWd4XjtkGN86a+afSI7plgYCY
ROC0km4rr8F42sgPgPO9T3TEU1O+2fMp29mJknINS+qyaVoSJd01HUhaJ4nQ4eZG
iHEtplINz7kedDhPX6dTrmUP2arEMh1nL1el4dyvWahqJ+LChT7Im34ZK+RO9v62
GWvhx6xYJ4t+Y56kQV/ktZa4tQoRkGQS1P/McoQtKSEw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org