Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/87i9QBjLFJvSokIY1L7CZ56WCks.roa
File:                     87i9QBjLFJvSokIY1L7CZ56WCks.roa (raw, json)
Hash identifier:          StDhoHg2zbYTzd69+TaYZadH+maB4lzA24Aocv6u8gA=
Subject key identifier:   F3:B8:BD:40:18:CB:14:9B:D2:A2:42:18:D4:BE:C2:67:9E:96:0A:4B
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018899BB0A7E7CE1ABA0E132EBBE0D6A11B4
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/87i9QBjLFJvSokIY1L7CZ56WCks.roa
Signing time:             Thu 08 Jun 2023 06:39:11 +0000
ROA not before:           Thu 08 Jun 2023 06:39:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          62.60.184.0/22 maxlen: 24
                          62.60.188.0/22 maxlen: 24
                          62.60.192.0/22 maxlen: 24
                          62.60.196.0/24 maxlen: 24
                          62.60.132.0/22 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.143.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Jun 2023 10:29:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:99:bb:0a:7e:7c:e1:ab:a0:e1:32:eb:be:0d:6a:11:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jun  8 06:39:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3b8bd4018cb149bd2a24218d4bec2679e960a4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:8a:ce:d2:c9:b0:58:ec:74:ab:88:13:7f:
                    68:01:08:65:cb:73:f9:ca:6b:1a:f7:c6:d0:dc:f2:
                    cf:98:f4:29:dc:27:85:85:30:37:4a:b1:cd:25:d2:
                    04:a1:67:7b:4d:e8:40:cf:09:51:6d:4d:6a:4c:e7:
                    7c:ee:8d:81:64:83:73:f5:d6:4b:1a:fd:b4:f3:65:
                    e4:fb:13:7b:91:52:b1:3b:35:a3:cc:b5:85:bf:94:
                    b7:54:c9:ab:d9:59:e8:bf:7c:7c:ab:3c:de:4a:53:
                    25:de:7b:b4:16:88:a1:f5:f6:14:04:e1:1c:79:61:
                    e9:14:22:67:a8:4b:d5:93:62:98:61:63:dc:a3:9a:
                    49:bd:05:12:e5:7f:31:e7:d3:42:ca:c4:12:85:75:
                    39:6a:e3:55:15:bb:65:05:d0:dc:ed:f3:bc:41:a1:
                    7b:1a:92:dc:ec:ad:49:47:7f:83:1b:5d:2a:ce:f3:
                    44:03:a7:5d:27:53:42:d0:3d:54:c4:56:90:60:a6:
                    59:80:fd:95:17:d6:7d:e7:80:8b:96:de:45:0e:05:
                    16:14:d6:0c:f4:c4:42:f9:5d:df:4a:93:5d:c9:2f:
                    1f:18:3f:c0:a1:aa:ed:5a:f3:57:78:00:2e:1b:fd:
                    83:32:6b:58:c8:29:3f:81:ee:f5:06:c8:0e:3e:e5:
                    6b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:B8:BD:40:18:CB:14:9B:D2:A2:42:18:D4:BE:C2:67:9E:96:0A:4B
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/87i9QBjLFJvSokIY1L7CZ56WCks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.132.0-62.60.137.255
                  62.60.139.0-62.60.143.255
                  62.60.145.0/24
                  62.60.184.0-62.60.196.255
                  213.176.4.0/23
                  213.176.96.0/24
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         9a:a1:72:a4:7c:97:9c:5e:f8:0b:2c:21:60:60:4d:04:4a:89:
         1d:82:a7:25:fa:b1:df:cc:0a:9c:8c:c5:58:7c:4b:65:8a:62:
         7a:28:68:44:58:16:19:81:2b:41:71:25:23:03:ef:c9:11:f3:
         9f:1e:3d:a4:f5:98:f5:be:b9:e3:dc:4f:fe:45:11:fb:30:cf:
         f7:fb:0d:ba:0a:30:7f:11:6c:88:10:93:39:33:0f:4b:16:25:
         8a:a3:d7:56:3c:76:0a:35:79:e8:fd:f2:89:c3:89:57:45:6d:
         cd:7d:88:a6:96:50:1c:9e:d9:4a:99:fd:77:60:ef:4a:4e:62:
         df:dc:e2:cf:c7:df:ff:5b:a3:57:3e:d6:a4:48:fa:3c:1f:14:
         0f:bf:12:94:b8:12:17:62:7d:02:a0:4d:42:71:33:1c:9b:a1:
         81:8e:9a:91:f3:c3:19:6f:4d:e0:85:83:2f:9b:7b:bc:6a:9b:
         d5:23:d1:d3:34:be:c6:c4:89:ce:b6:c3:43:95:8c:4d:da:d4:
         4b:c2:3e:6e:c7:90:22:ef:4d:ea:2e:d3:40:f6:52:ba:13:46:
         51:2c:02:9f:b4:df:ec:eb:46:8e:0e:31:f4:3b:43:19:5a:e0:
         0c:45:da:5e:3e:80:d9:7a:be:23:e9:cf:1a:7c:b8:33:11:0f:
         74:81:49:c0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYiZuwp+fOGroOEy674NahG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNjA4MDYzOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I4YmQ0MDE4Y2IxNDliZDJhMjQyMThkNGJlYzI2NzllOTYwYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV2KztLJsFjsdKuIE39oAQhly3P5
ymsa98bQ3PLPmPQp3CeFhTA3SrHNJdIEoWd7TehAzwlRbU1qTOd87o2BZINz9dZL
Gv2082Xk+xN7kVKxOzWjzLWFv5S3VMmr2Vnov3x8qzzeSlMl3nu0Foih9fYUBOEc
eWHpFCJnqEvVk2KYYWPco5pJvQUS5X8x59NCysQShXU5auNVFbtlBdDc7fO8QaF7
GpLc7K1JR3+DG10qzvNEA6ddJ1NC0D1UxFaQYKZZgP2VF9Z954CLlt5FDgUWFNYM
9MRC+V3fSpNdyS8fGD/AoartWvNXeAAuG/2DMmtYyCk/ge71BsgOPuVriQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPO4vUAYyxSb0qJCGNS+wmeelgpLMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvODdpOVFCakxGSnZTb2tJWTFMN0NaNTZXQ2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEBD48gAMEAD48kTAMAwQDPjy4AwQAPjzEAwQB1bAEAwQA
1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEBAJqhcqR8l5xe+Ass
IWBgTQRKiR2CpyX6sd/MCpyMxVh8S2WKYnooaERYFhmBK0FxJSMD78kR858ePaT1
mPW+uePcT/5FEfswz/f7DboKMH8RbIgQkzkzD0sWJYqj11Y8dgo1eej98onDiVdF
bc19iKaWUBye2UqZ/Xdg70pOYt/c4s/H3/9bo1c+1qRI+jwfFA+/EpS4EhdifQKg
TUJxMxyboYGOmpHzwxlvTeCFgy+be7xqm9Uj0dM0vsbEic62w0OVjE3a1EvCPm7H
kCLvTeou00D2UroTRlEsAp+03+zrRo4OMfQ7Qxla4AxF2l4+gNl6viPpzxp8uDMR
D3SBScA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org