Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2OBhLuFhnYy-4UzrI_-O1Fgcc_4.roa
File:                     2OBhLuFhnYy-4UzrI_-O1Fgcc_4.roa (raw, json)
Hash identifier:          vQFq1mnWZdpFTY5ieO4duSwdE2mfM61ErHOsyF3OiNQ=
Subject key identifier:   D8:E0:61:2E:E1:61:9D:8C:BE:E1:4C:EB:23:FF:8E:D4:58:1C:73:FE
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       0189BA3982F80EA214643F5E65BC403CE8F8
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2OBhLuFhnYy-4UzrI_-O1Fgcc_4.roa
Signing time:             Thu 03 Aug 2023 07:07:58 +0000
ROA not before:           Thu 03 Aug 2023 07:07:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        62.60.146.0/23 maxlen: 24
                          213.176.2.0/23 maxlen: 24
                          213.176.120.0/23 maxlen: 24
                          213.176.126.0/23 maxlen: 24
                          62.60.192.0/22 maxlen: 24
                          62.60.196.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 16:19:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ba:39:82:f8:0e:a2:14:64:3f:5e:65:bc:40:3c:e8:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Aug  3 07:07:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8e0612ee1619d8cbee14ceb23ff8ed4581c73fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6a:77:71:bf:d0:0a:9e:51:f6:69:d5:33:95:
                    2c:9c:02:e0:7d:0c:e7:c2:a8:ca:b4:33:41:ce:d6:
                    6d:72:8d:46:d6:31:2f:a1:be:c7:36:70:31:5b:14:
                    5b:0e:37:93:f7:05:76:64:94:43:56:06:79:20:5a:
                    09:fd:68:49:76:bc:30:64:a5:ff:54:4a:31:fa:b9:
                    57:d4:e5:62:9b:98:e7:47:78:77:93:68:0d:5f:b0:
                    fb:56:c8:9e:1c:89:df:82:bc:33:96:64:74:c7:b6:
                    fd:d5:a4:9f:96:7e:35:fb:4e:3c:72:4d:d8:55:ee:
                    f1:81:24:1b:84:f0:ef:2a:c5:35:33:7d:d1:c7:e4:
                    a7:03:b3:72:fd:53:9e:7d:ae:2d:01:a6:91:c7:de:
                    f4:5b:8c:8d:8c:1b:7f:2e:5d:4b:3d:de:60:9c:a1:
                    4e:1e:88:ce:0c:51:dd:70:19:6f:7d:c7:1e:95:2a:
                    ec:71:bd:f2:81:43:f6:ad:da:86:92:7e:20:c3:67:
                    4d:77:66:8c:c8:f3:8f:7c:75:6c:d6:69:ee:f2:7c:
                    95:2c:e5:f9:6e:3c:55:3c:90:93:08:ac:a8:88:3b:
                    50:72:76:f0:50:58:a2:1c:3d:36:dd:f1:71:d8:5d:
                    07:5a:c7:62:33:a9:96:d8:c7:22:62:91:4d:8d:e9:
                    02:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E0:61:2E:E1:61:9D:8C:BE:E1:4C:EB:23:FF:8E:D4:58:1C:73:FE
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2OBhLuFhnYy-4UzrI_-O1Fgcc_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.146.0/23
                  62.60.192.0/21
                  213.176.2.0/23
                  213.176.120.0/23
                  213.176.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:07:d2:c8:fe:50:96:a5:66:6f:e9:a4:c2:e0:c9:48:4c:6f:
         22:e6:6e:3f:d2:85:67:74:ad:bc:ae:96:c6:b5:42:40:9a:91:
         75:22:8e:44:bf:16:fc:23:26:23:49:9c:dc:58:27:8c:3c:cd:
         27:7b:a7:3a:1f:b7:7f:76:b1:ff:4c:41:e7:b5:6a:f0:dc:08:
         85:06:dc:81:52:56:3a:60:af:cd:f7:d6:ed:f6:7c:4c:a0:c4:
         63:29:cb:9d:2c:64:7f:0a:f9:d4:8f:cc:6e:a9:a3:85:26:61:
         6c:4d:b7:84:1e:1e:4b:83:5d:46:8c:6a:fc:a9:b2:1f:59:2a:
         a0:f4:d4:88:db:4d:fd:fb:ff:f5:93:ed:80:54:8d:74:87:50:
         de:3c:f6:03:4a:b0:6d:ba:be:01:3c:cf:3e:e1:3d:ec:03:6c:
         1b:3f:27:05:2f:ff:84:93:18:0d:a1:bf:5a:64:90:3a:ae:eb:
         5d:08:c7:df:a7:40:fa:26:58:a5:17:5e:cc:1c:f0:66:0c:41:
         6d:39:ac:29:51:c7:29:5a:27:28:bb:e6:be:c0:01:98:40:e8:
         b7:bc:8c:d6:ad:38:39:a4:1d:84:57:39:54:38:a5:0e:ba:71:
         cb:fc:69:72:2c:76:ec:b2:46:24:ca:2d:82:16:ad:a7:46:22:
         52:a7:db:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYm6OYL4DqIUZD9eZbxAPOj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwODAzMDcwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGUwNjEyZWUxNjE5ZDhjYmVlMTRjZWIyM2ZmOGVkNDU4MWM3M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGp3cb/QCp5R9mnVM5UsnALgfQzn
wqjKtDNBztZtco1G1jEvob7HNnAxWxRbDjeT9wV2ZJRDVgZ5IFoJ/WhJdrwwZKX/
VEox+rlX1OVim5jnR3h3k2gNX7D7VsieHInfgrwzlmR0x7b91aSfln41+048ck3Y
Ve7xgSQbhPDvKsU1M33Rx+SnA7Ny/VOefa4tAaaRx970W4yNjBt/Ll1LPd5gnKFO
HojODFHdcBlvfccelSrscb3ygUP2rdqGkn4gw2dNd2aMyPOPfHVs1mnu8nyVLOX5
bjxVPJCTCKyoiDtQcnbwUFiiHD023fFx2F0HWsdiM6mW2MciYpFNjekCkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNjgYS7hYZ2MvuFM6yP/jtRYHHP+MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMk9CaEx1RmhuWXktNFV6cklfLU8xRmdjY180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBPjySAwQD
PjzAAwQB1bACAwQB1bB4AwQB1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQAEB9LI/lCW
pWZv6aTC4MlITG8i5m4/0oVndK28rpbGtUJAmpF1Io5Evxb8IyYjSZzcWCeMPM0n
e6c6H7d/drH/TEHntWrw3AiFBtyBUlY6YK/N99bt9nxMoMRjKcudLGR/CvnUj8xu
qaOFJmFsTbeEHh5Lg11GjGr8qbIfWSqg9NSI2039+//1k+2AVI10h1DePPYDSrBt
ur4BPM8+4T3sA2wbPycFL/+EkxgNob9aZJA6rutdCMffp0D6JlilF17MHPBmDEFt
OawpUccpWicou+a+wAGYQOi3vIzWrTg5pB2EVzlUOKUOunHL/GlyLHbsskYkyi2C
Fq2nRiJSp9t8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org