Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/60QPfZpGTHnP_ndKaXD0p81kynw.roa
File:                     60QPfZpGTHnP_ndKaXD0p81kynw.roa (raw, json)
Hash identifier:          KQS1T5M+0zNE8meoivtcf68mJQZz+YrJZXtA5f4xrbk=
Subject key identifier:   EB:44:0F:7D:9A:46:4C:79:CF:FE:77:4A:69:70:F4:A7:CD:64:CA:7C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0187284A996ADD30A3651B7478819486A870
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/60QPfZpGTHnP_ndKaXD0p81kynw.roa
Signing time:             Tue 28 Mar 2023 12:56:30 +0000
ROA not before:           Tue 28 Mar 2023 12:56:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48678
IP address blocks:        94.156.11.0/24 maxlen: 24
                          37.221.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 12:04:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:28:4a:99:6a:dd:30:a3:65:1b:74:78:81:94:86:a8:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 28 12:56:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb440f7d9a464c79cffe774a6970f4a7cd64ca7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:85:71:a2:4f:aa:da:c5:87:80:9b:12:75:47:
                    5e:0e:4e:ab:c5:04:c1:93:dc:1c:4b:84:eb:8c:29:
                    02:8b:c4:1f:7e:ca:2c:cc:70:b5:1d:e6:2d:b8:2e:
                    4d:36:6e:ef:9d:95:68:41:96:29:cc:d6:71:49:94:
                    bc:5a:44:2c:10:d8:59:39:27:61:34:3b:49:30:10:
                    ee:21:ea:85:2d:2a:1e:7a:84:a8:ed:69:00:5a:4b:
                    57:5e:9b:bf:b9:49:fe:4c:d9:33:54:d5:22:99:e8:
                    1a:16:0a:13:5e:db:a0:8e:15:e1:37:1d:10:c4:0d:
                    0d:02:c4:b0:40:1d:94:11:a1:e5:63:59:6f:88:f4:
                    11:9d:69:d4:0f:a2:0b:7a:90:03:0c:a8:1a:37:a1:
                    ab:d0:8f:6a:11:c8:40:21:d1:a0:a6:ff:a8:16:df:
                    97:97:ff:9e:25:f0:11:da:6d:f0:c4:1f:d6:3d:09:
                    99:59:30:80:44:7f:a6:ea:d2:3a:27:38:fd:ae:85:
                    46:e7:3e:d3:cb:2a:5b:f3:c4:eb:b6:33:98:c2:41:
                    26:39:2b:cc:c6:2f:98:07:72:46:0f:7f:5a:bc:22:
                    78:42:fd:8b:87:8e:e4:15:96:c3:c7:be:fe:bd:c0:
                    48:bc:e1:a6:86:05:4b:12:3c:1a:31:7f:94:56:29:
                    fc:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:44:0F:7D:9A:46:4C:79:CF:FE:77:4A:69:70:F4:A7:CD:64:CA:7C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/60QPfZpGTHnP_ndKaXD0p81kynw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22
                  94.156.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:44:5d:04:1a:82:ec:50:3d:3c:78:32:4f:83:4b:3f:23:64:
         53:01:c7:3a:63:71:89:54:d9:68:f5:9e:fa:75:d4:d7:77:7b:
         1c:0a:5a:4a:d8:ac:d2:22:a7:de:54:92:6e:15:91:bb:dc:86:
         a6:2c:0b:db:f5:6a:5d:cc:de:e9:c1:aa:5d:6b:b7:0f:b6:f7:
         5e:4d:bf:13:46:8d:84:32:80:39:81:18:4b:06:30:f0:e3:2c:
         28:6a:bd:43:ee:a2:59:f0:7b:29:e4:75:b1:d7:ed:55:e0:ac:
         bb:1d:74:d0:ee:73:bf:2a:c7:c9:99:79:34:1f:31:9e:6d:7c:
         01:58:9c:2e:c9:b7:d6:34:6e:e0:0d:4d:a7:a3:78:a5:7f:bb:
         3f:83:d7:07:57:1c:0f:2a:2f:77:f8:2e:c3:a9:e5:b3:9d:fd:
         45:68:ae:4d:e7:80:cf:77:52:59:d6:1d:5e:12:1c:2d:05:9a:
         99:b2:22:41:24:98:32:16:5e:d3:a6:0b:96:d2:f7:3c:65:ca:
         c2:d0:3d:53:77:7e:c7:cc:c9:1c:92:d7:59:69:9c:60:27:df:
         9f:ad:21:b6:c7:76:70:8e:12:43:8d:12:b4:2f:ff:df:9a:3f:
         4e:5d:5a:78:0b:62:b9:ab:ab:07:bc:21:9b:40:52:4c:aa:d6:
         8c:71:72:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcoSplq3TCjZRt0eIGUhqhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzI4MTI1NjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ0MGY3ZDlhNDY0Yzc5Y2ZmZTc3NGE2OTcwZjRhN2NkNjRjYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYVxok+q2sWHgJsSdUdeDk6rxQTB
k9wcS4TrjCkCi8QffsoszHC1HeYtuC5NNm7vnZVoQZYpzNZxSZS8WkQsENhZOSdh
NDtJMBDuIeqFLSoeeoSo7WkAWktXXpu/uUn+TNkzVNUimegaFgoTXtugjhXhNx0Q
xA0NAsSwQB2UEaHlY1lviPQRnWnUD6ILepADDKgaN6Gr0I9qEchAIdGgpv+oFt+X
l/+eJfAR2m3wxB/WPQmZWTCARH+m6tI6Jzj9roVG5z7Tyypb88TrtjOYwkEmOSvM
xi+YB3JGD39avCJ4Qv2Lh47kFZbDx77+vcBIvOGmhgVLEjwaMX+UVin8QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOtED32aRkx5z/53Smlw9KfNZMp8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjBRUGZacEdUSG5QX25kS2FYRDBwODFreW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJd14AwQA
XpwLMA0GCSqGSIb3DQEBCwUAA4IBAQAeRF0EGoLsUD08eDJPg0s/I2RTAcc6Y3GJ
VNlo9Z76ddTXd3scClpK2KzSIqfeVJJuFZG73IamLAvb9WpdzN7pwapda7cPtvde
Tb8TRo2EMoA5gRhLBjDw4ywoar1D7qJZ8Hsp5HWx1+1V4Ky7HXTQ7nO/KsfJmXk0
HzGebXwBWJwuybfWNG7gDU2no3ilf7s/g9cHVxwPKi93+C7DqeWznf1FaK5N54DP
d1JZ1h1eEhwtBZqZsiJBJJgyFl7TpguW0vc8ZcrC0D1Td37HzMkcktdZaZxgJ9+f
rSG2x3ZwjhJDjRK0L//fmj9OXVp4C2K5q6sHvCGbQFJMqtaMcXLt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org