Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3-zPAVCWxvBEWHvBEY8kIXQa7VQ.roa
File:                     3-zPAVCWxvBEWHvBEY8kIXQa7VQ.roa (raw, json)
Hash identifier:          dNJ8RPWgQwYdazSBvTPOfCWUzyhQW7alm//9N8QVlbI=
Subject key identifier:   DF:EC:CF:01:50:96:C6:F0:44:58:7B:C1:11:8F:24:21:74:1A:ED:54
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018894C275D01C072D80D6BAF59E968A1D04
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3-zPAVCWxvBEWHvBEY8kIXQa7VQ.roa
Signing time:             Wed 07 Jun 2023 07:29:12 +0000
ROA not before:           Wed 07 Jun 2023 07:29:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          62.60.184.0/22 maxlen: 24
                          62.60.188.0/22 maxlen: 24
                          62.60.192.0/22 maxlen: 24
                          62.60.196.0/24 maxlen: 24
                          62.60.200.0/22 maxlen: 24
                          62.60.204.0/22 maxlen: 24
                          62.60.208.0/22 maxlen: 24
                          62.60.212.0/22 maxlen: 24
                          62.60.132.0/22 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.143.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 06:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:94:c2:75:d0:1c:07:2d:80:d6:ba:f5:9e:96:8a:1d:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jun  7 07:29:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dfeccf015096c6f044587bc1118f2421741aed54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:9e:28:af:2d:12:cc:5f:2d:f6:b2:53:ca:56:
                    3a:c8:ad:e0:6f:87:9c:1b:e5:76:aa:eb:c7:db:dd:
                    05:8c:a2:9d:db:4d:34:c8:8d:8c:cb:7f:fd:51:ef:
                    77:a4:d2:5f:fb:d2:65:5f:16:1f:73:4f:4f:91:55:
                    0b:54:1e:bb:99:37:7f:f2:24:06:9f:76:56:83:78:
                    c2:5c:ec:94:d1:0b:d2:90:44:9d:9c:95:cc:0f:a6:
                    42:6f:36:1d:bd:36:aa:92:1f:40:7f:4d:e5:f2:f0:
                    6b:07:b0:5b:5d:fc:0d:56:44:b3:24:92:3d:fc:77:
                    da:5e:40:d3:f5:77:56:1e:a7:df:48:f2:b9:97:87:
                    ea:70:6f:81:fe:8d:3c:c3:87:c2:fb:d5:92:14:f8:
                    08:70:7c:a7:59:8d:35:b1:9f:8e:f2:d0:70:00:3b:
                    9a:ad:10:b0:80:4a:76:aa:0a:dd:1b:86:98:e5:9d:
                    f5:25:3d:44:00:cb:e8:05:fd:e0:7e:fb:8e:6c:e4:
                    44:4f:54:42:b0:fc:ff:55:ee:c6:3b:51:1f:97:35:
                    eb:1b:15:5e:6f:a9:ef:37:6a:6b:47:f9:fa:14:30:
                    a9:f5:56:20:54:fc:d8:ec:3a:bd:e1:d5:a2:b5:53:
                    91:48:ad:b7:4b:d8:45:ec:81:53:dd:b7:c1:cd:c6:
                    b2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:EC:CF:01:50:96:C6:F0:44:58:7B:C1:11:8F:24:21:74:1A:ED:54
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/3-zPAVCWxvBEWHvBEY8kIXQa7VQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.132.0-62.60.137.255
                  62.60.139.0-62.60.143.255
                  62.60.145.0/24
                  62.60.184.0-62.60.196.255
                  62.60.200.0-62.60.215.255
                  213.176.4.0/23
                  213.176.96.0/24
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         ba:ff:8d:3e:cd:0c:4f:72:7d:bb:f0:9e:85:cc:6e:a9:0d:32:
         5c:46:19:18:52:5c:35:13:36:fe:a6:28:c5:0a:28:9e:79:9e:
         d4:1b:12:11:cf:8a:4c:51:23:2f:b0:a0:ad:b3:47:9f:57:70:
         2a:5e:e2:5d:bd:15:c4:4a:73:ce:9e:a1:ff:26:ba:e3:81:3b:
         ab:ac:86:a8:af:1b:ed:ba:55:d9:e4:9a:e4:e5:46:67:2d:a8:
         ba:93:5e:5a:8b:fc:58:01:c0:64:e3:e8:4a:d8:91:14:af:af:
         49:b4:9c:a9:e5:e4:9e:a3:1a:89:12:4c:bf:bc:c0:12:d2:8b:
         3d:11:1a:e6:40:31:5c:35:e2:7c:61:ad:ea:36:41:c8:85:70:
         80:f4:49:f6:02:2c:85:5f:07:1f:76:78:89:ed:f2:48:af:9a:
         a0:38:97:11:fb:ee:81:3a:9a:98:d3:ef:4a:68:db:36:a8:ca:
         1e:4d:70:c9:25:a5:e4:3f:eb:9f:59:3c:f1:79:9e:1a:2b:33:
         aa:14:51:2e:cb:1f:96:a3:eb:eb:30:f9:27:8e:c3:d5:17:5c:
         46:b4:f3:48:53:65:3f:b8:aa:c0:5b:cb:a2:fe:11:a3:56:c1:
         d2:9e:d8:74:9a:80:34:5f:8e:fe:b5:fb:ea:3b:b4:2f:d3:af:
         d2:48:7e:44
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYiUwnXQHActgNa69Z6Wih0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNjA3MDcyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVjY2YwMTUwOTZjNmYwNDQ1ODdiYzExMThmMjQyMTc0MWFlZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp4ory0SzF8t9rJTylY6yK3gb4ec
G+V2quvH290FjKKd2000yI2My3/9Ue93pNJf+9JlXxYfc09PkVULVB67mTd/8iQG
n3ZWg3jCXOyU0QvSkESdnJXMD6ZCbzYdvTaqkh9Af03l8vBrB7BbXfwNVkSzJJI9
/HfaXkDT9XdWHqffSPK5l4fqcG+B/o08w4fC+9WSFPgIcHynWY01sZ+O8tBwADua
rRCwgEp2qgrdG4aY5Z31JT1EAMvoBf3gfvuObORET1RCsPz/Ve7GO1EflzXrGxVe
b6nvN2prR/n6FDCp9VYgVPzY7Dq94dWitVORSK23S9hF7IFT3bfBzcay8wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFN/szwFQlsbwRFh7wRGPJCF0Gu1UMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMy16UEFWQ1d4dkJFV0h2QkVZOGtJWFFhN1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEBD48gAMEAD48kTAMAwQDPjy4AwQAPjzEMAwDBAM+PMgD
BAM+PNADBAHVsAQDBADVsGAwDAMEAdWwegMEAdWwfDANBgkqhkiG9w0BAQsFAAOC
AQEAuv+NPs0MT3J9u/CehcxuqQ0yXEYZGFJcNRM2/qYoxQoonnme1BsSEc+KTFEj
L7CgrbNHn1dwKl7iXb0VxEpzzp6h/ya644E7q6yGqK8b7bpV2eSa5OVGZy2oupNe
Wov8WAHAZOPoStiRFK+vSbScqeXknqMaiRJMv7zAEtKLPREa5kAxXDXifGGt6jZB
yIVwgPRJ9gIshV8HH3Z4ie3ySK+aoDiXEfvugTqamNPvSmjbNqjKHk1wySWl5D/r
n1k88XmeGiszqhRRLssflqPr6zD5J47D1RdcRrTzSFNlP7iqwFvLov4Ro1bB0p7Y
dJqANF+O/rX76ju0L9Ov0kh+RA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org