Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/_cg2Tc2xwT0qzjBvbgB7dQH0kR0.roa
File:                     _cg2Tc2xwT0qzjBvbgB7dQH0kR0.roa (raw, json)
Hash identifier:          2jXdvEhkZ6sn2UyknxxmMGB8l0cjYCVcVNZxr6ReprU=
Subject key identifier:   FD:C8:36:4D:CD:B1:C1:3D:2A:CE:30:6F:6E:00:7B:75:01:F4:91:1D
Certificate issuer:       /CN=81b14fae44dfa0e3349167433c924c9645739861
Certificate serial:       01856CE5E7D6DB7C7F23886AB24E58B21314
Authority key identifier: 81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/_cg2Tc2xwT0qzjBvbgB7dQH0kR0.roa
Signing time:             Sun 01 Jan 2023 10:34:44 +0000
ROA not before:           Sun 01 Jan 2023 10:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35297
IP address blocks:        62.68.74.0/24 maxlen: 24
                          2a12:c480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e5:e7:d6:db:7c:7f:23:88:6a:b2:4e:58:b2:13:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81b14fae44dfa0e3349167433c924c9645739861
        Validity
            Not Before: Jan  1 10:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdc8364dcdb1c13d2ace306f6e007b7501f4911d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:4d:10:e8:a2:c5:e0:93:4c:fc:d6:8b:e2:37:
                    d5:5e:77:63:f7:4c:e7:42:b3:e3:77:b3:7d:3f:22:
                    3c:2b:48:9c:c0:16:b6:88:be:14:d5:86:37:ca:45:
                    d6:65:ea:e0:9c:82:4f:8b:73:d7:e4:59:27:31:e1:
                    98:1d:ef:ae:fd:d4:f6:a8:c2:47:95:b9:bf:eb:83:
                    0d:dc:f4:46:95:6a:8a:14:79:5f:94:35:d1:3b:f5:
                    de:82:fb:0b:10:9f:40:e2:ce:e0:4a:30:ed:5c:f4:
                    7f:f7:3f:58:e5:4c:c9:ad:58:76:01:1f:87:b1:96:
                    bf:50:49:c8:62:19:fe:a8:15:5c:6a:cb:b2:eb:73:
                    ce:75:be:80:93:8f:56:42:ee:e4:08:98:50:7b:a3:
                    a4:79:7f:e7:40:34:9d:36:80:33:4a:93:ee:0e:68:
                    66:50:d1:af:09:9b:49:9e:52:5e:f6:de:7f:02:40:
                    65:d5:9f:7b:b1:4d:59:7b:05:a2:5e:c9:85:e4:b8:
                    8c:45:e6:30:34:6b:e5:8d:31:ef:d0:e5:1f:3b:4d:
                    09:f3:ec:e8:c8:14:33:e1:06:92:36:c4:0c:79:bf:
                    fc:cb:22:c8:df:4d:13:64:43:fb:fe:ca:b0:ac:24:
                    c1:82:bb:0c:f0:26:39:c7:2d:2e:34:77:a5:6d:3a:
                    7a:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:C8:36:4D:CD:B1:C1:3D:2A:CE:30:6F:6E:00:7B:75:01:F4:91:1D
            X509v3 Authority Key Identifier:
                keyid:81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/_cg2Tc2xwT0qzjBvbgB7dQH0kR0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/gbFPrkTfoOM0kWdDPJJMlkVzmGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.68.74.0/24
                IPv6:
                  2a12:c480::/29

    Signature Algorithm: sha256WithRSAEncryption
         3d:d5:ab:87:6c:11:a9:92:8c:ae:f6:78:e2:d7:9e:97:79:54:
         63:bf:0b:65:2f:35:88:91:db:0a:28:fa:46:be:d8:ae:13:3c:
         ca:61:78:31:7e:1a:5f:1f:3e:f1:b0:40:da:26:bd:cf:f5:d2:
         60:3e:9e:bf:53:3d:15:10:67:93:ad:5e:91:26:bb:08:97:1d:
         96:1b:77:68:6c:d3:79:9b:b6:64:fe:9b:46:ff:c0:5c:f9:0c:
         a3:35:35:d4:e9:d0:8b:1e:b1:06:68:84:1f:fd:df:f4:2e:aa:
         90:37:b5:e4:57:fc:1d:63:54:22:53:65:83:04:03:61:4c:de:
         ab:b1:59:8f:c0:7d:39:f2:bb:2c:d9:8e:6b:56:08:45:7f:89:
         f6:41:24:4a:d8:22:50:e3:a8:4a:8b:b5:0f:82:0a:d1:bc:75:
         5c:06:cc:d1:61:97:41:f5:92:68:fe:40:00:99:85:09:5e:80:
         69:ae:56:a5:af:30:0b:8d:70:74:6a:a8:f4:07:52:5d:d5:a5:
         ea:5e:35:b4:79:e5:ac:4f:58:43:00:c5:23:c4:57:94:8d:19:
         58:38:14:ef:72:d4:7b:53:5a:a2:b5:b0:3c:cd:cc:33:b9:7e:
         51:82:01:c3:ec:08:5b:57:23:54:40:dd:31:f6:4c:1a:16:4b:
         3d:f5:cc:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5efW23x/I4hqsk5YshMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYjE0ZmFlNDRkZmEwZTMzNDkxNjc0MzNjOTI0Yzk2NDU3
Mzk4NjEwHhcNMjMwMTAxMTAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM4MzY0ZGNkYjFjMTNkMmFjZTMwNmY2ZTAwN2I3NTAxZjQ5MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U0Q6KLF4JNM/NaL4jfVXndj90zn
QrPjd7N9PyI8K0icwBa2iL4U1YY3ykXWZergnIJPi3PX5FknMeGYHe+u/dT2qMJH
lbm/64MN3PRGlWqKFHlflDXRO/XegvsLEJ9A4s7gSjDtXPR/9z9Y5UzJrVh2AR+H
sZa/UEnIYhn+qBVcasuy63POdb6Ak49WQu7kCJhQe6OkeX/nQDSdNoAzSpPuDmhm
UNGvCZtJnlJe9t5/AkBl1Z97sU1ZewWiXsmF5LiMReYwNGvljTHv0OUfO00J8+zo
yBQz4QaSNsQMeb/8yyLI300TZEP7/sqwrCTBgrsM8CY5xy0uNHelbTp6dQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP3INk3NscE9Ks4wb24Ae3UB9JEdMB8GA1UdIwQY
MBaAFIGxT65E36DjNJFnQzySTJZFc5hhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2JGUHJrVGZvT00wa1dkRFBKSk1sa1Z6bUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81YjEzMTktYjk4Ny00Zjk0LWIzMjYt
NTc2OTAxOWZlZmI4LzEvX2NnMlRjMnh3VDBxempCdmJnQjdkUUgwa1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81YjEzMTktYjk4Ny00Zjk0LWIzMjYtNTc2OTAxOWZlZmI4
LzEvZ2JGUHJrVGZvT00wa1dkRFBKSk1sa1Z6bUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPkRKMA0E
AgACMAcDBQMqEsSAMA0GCSqGSIb3DQEBCwUAA4IBAQA91auHbBGpkoyu9nji156X
eVRjvwtlLzWIkdsKKPpGvtiuEzzKYXgxfhpfHz7xsEDaJr3P9dJgPp6/Uz0VEGeT
rV6RJrsIlx2WG3dobNN5m7Zk/ptG/8Bc+QyjNTXU6dCLHrEGaIQf/d/0LqqQN7Xk
V/wdY1QiU2WDBANhTN6rsVmPwH058rss2Y5rVghFf4n2QSRK2CJQ46hKi7UPggrR
vHVcBszRYZdB9ZJo/kAAmYUJXoBprlalrzALjXB0aqj0B1Jd1aXqXjW0eeWsT1hD
AMUjxFeUjRlYOBTvctR7U1qitbA8zcwzuX5RggHD7AhbVyNUQN0x9kwaFks99cwV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:29 2024 by rpki-client on console-ams.rpki-client.org