Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8P0sJB8lRwDDKBR6yg-lVw95lYM.roa
File:                     8P0sJB8lRwDDKBR6yg-lVw95lYM.roa (raw, json)
Hash identifier:          oqMtGfHJ+Hob8WigMSwM1LuGI/1wX5r9AUUf3FYgx3I=
Subject key identifier:   F0:FD:2C:24:1F:25:47:00:C3:28:14:7A:CA:0F:A5:57:0F:79:95:83
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018F44EC6FDB8EBCA2DC4E85B7856DA585E8
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8P0sJB8lRwDDKBR6yg-lVw95lYM.roa
Signing time:             Sat 04 May 2024 18:44:56 +0000
ROA not before:           Sat 04 May 2024 18:44:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205220
IP address blocks:        62.60.196.0/22 maxlen: 24
                          62.60.220.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 12:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:44:ec:6f:db:8e:bc:a2:dc:4e:85:b7:85:6d:a5:85:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: May  4 18:44:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f0fd2c241f254700c328147aca0fa5570f799583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:65:ef:41:65:c8:e0:a4:d8:b7:da:16:59:b0:
                    38:bd:16:1b:5f:99:e6:6c:c1:71:2e:96:72:39:93:
                    60:37:5b:33:63:ba:15:7c:6c:61:59:2a:b6:10:7e:
                    fc:a7:4f:98:3e:84:35:34:e5:84:3a:49:ac:94:24:
                    df:2f:f6:53:99:e5:48:93:36:28:88:92:d6:cc:0c:
                    4b:cc:66:f6:96:37:8b:1c:f1:0f:0f:b9:b2:2c:44:
                    57:d6:9f:08:80:ab:31:f1:e2:1e:0f:d0:f7:f2:12:
                    a0:09:61:69:f4:00:c7:db:b2:3a:9e:e0:f3:09:5e:
                    93:a8:b1:8b:67:33:d8:3a:0c:7c:da:d8:c6:65:f3:
                    cb:80:75:b6:f4:c8:5c:6a:b0:b3:a5:0c:65:0d:fc:
                    aa:28:29:88:f6:66:f4:b6:15:be:12:16:a3:1d:a3:
                    d9:7a:09:b3:21:ec:0f:09:ea:3c:ed:c8:6e:93:2f:
                    2d:f5:81:76:16:4f:d0:1b:56:78:fe:25:5a:10:9d:
                    6a:e9:73:2d:74:d3:9c:5a:94:59:04:37:03:54:3e:
                    c1:60:1d:42:46:df:c1:67:ae:ce:c2:e1:ae:4f:6f:
                    81:5a:39:53:c3:9a:b9:96:b3:f1:c3:3f:4e:e3:73:
                    0e:44:c9:d1:63:67:45:59:af:ea:60:78:ed:fe:93:
                    6b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:FD:2C:24:1F:25:47:00:C3:28:14:7A:CA:0F:A5:57:0F:79:95:83
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8P0sJB8lRwDDKBR6yg-lVw95lYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.196.0/22
                  62.60.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:37:4b:c0:d4:e6:0a:30:5d:d2:34:f7:03:85:fd:a0:bd:08:
         4d:d4:6b:39:36:16:ab:5c:ee:71:c1:fd:a2:ee:f1:17:1a:5f:
         67:bd:93:12:9e:56:6d:55:cd:8c:06:7b:59:a7:fd:d3:43:35:
         27:1b:5a:f2:11:86:ba:e0:c7:26:12:b8:13:c2:63:30:3e:57:
         01:8d:b7:cc:99:83:84:60:ee:71:c2:7f:54:31:ec:64:e8:d7:
         f3:7b:08:fd:e5:0b:18:39:54:53:ed:82:ce:83:c1:3b:2f:de:
         9d:2b:61:9f:93:a2:ca:74:5a:5f:fd:72:82:b0:a5:a5:c2:d4:
         31:72:8c:5b:2c:be:88:0c:8e:00:1a:0e:ff:ba:6d:ac:79:45:
         f9:10:20:84:ca:09:1b:b6:9f:23:60:0d:15:b6:a5:2c:37:96:
         cd:f2:eb:a3:52:7e:e4:da:2d:d8:bb:b5:f1:3e:03:bd:3d:83:
         95:40:28:b4:a3:57:77:80:4f:15:8e:cc:f8:75:fc:8c:6f:1f:
         da:85:fe:31:55:e2:aa:cd:46:35:fd:9f:bd:da:c7:4a:68:ce:
         f8:ae:8e:1e:56:0a:ae:9a:96:21:fa:03:3b:0b:24:7b:25:ed:
         c6:d7:c9:98:ee:d1:64:ab:9e:cc:9c:2e:cc:be:62:d9:fc:1c:
         95:c5:a3:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9E7G/bjryi3E6Ft4VtpYXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNTA0MTg0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZkMmMyNDFmMjU0NzAwYzMyODE0N2FjYTBmYTU1NzBmNzk5NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmXvQWXI4KTYt9oWWbA4vRYbX5nm
bMFxLpZyOZNgN1szY7oVfGxhWSq2EH78p0+YPoQ1NOWEOkmslCTfL/ZTmeVIkzYo
iJLWzAxLzGb2ljeLHPEPD7myLERX1p8IgKsx8eIeD9D38hKgCWFp9ADH27I6nuDz
CV6TqLGLZzPYOgx82tjGZfPLgHW29MhcarCzpQxlDfyqKCmI9mb0thW+EhajHaPZ
egmzIewPCeo87chuky8t9YF2Fk/QG1Z4/iVaEJ1q6XMtdNOcWpRZBDcDVD7BYB1C
Rt/BZ67OwuGuT2+BWjlTw5q5lrPxwz9O43MORMnRY2dFWa/qYHjt/pNrHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPD9LCQfJUcAwygUesoPpVcPeZWDMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvOFAwc0pCOGxSd0RES0JSNnlnLWxWdzk1bFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPjzEAwQC
PjzcMA0GCSqGSIb3DQEBCwUAA4IBAQA4N0vA1OYKMF3SNPcDhf2gvQhN1Gs5Nhar
XO5xwf2i7vEXGl9nvZMSnlZtVc2MBntZp/3TQzUnG1ryEYa64McmErgTwmMwPlcB
jbfMmYOEYO5xwn9UMexk6Nfzewj95QsYOVRT7YLOg8E7L96dK2Gfk6LKdFpf/XKC
sKWlwtQxcoxbLL6IDI4AGg7/um2seUX5ECCEygkbtp8jYA0VtqUsN5bN8uujUn7k
2i3Yu7XxPgO9PYOVQCi0o1d3gE8Vjsz4dfyMbx/ahf4xVeKqzUY1/Z+92sdKaM74
ro4eVgqumpYh+gM7CyR7Je3G18mY7tFkq57MnC7MvmLZ/ByVxaOz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org