Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/9o4YZnBkIaex6fhSYqYscLgTd7Q.roa
File:                     9o4YZnBkIaex6fhSYqYscLgTd7Q.roa (raw, json)
Hash identifier:          yYZ1hIIidET8rYbMHMAlznfFeduveX4xZOHr49yZPfw=
Subject key identifier:   F6:8E:18:66:70:64:21:A7:B1:E9:F8:52:62:A6:2C:70:B8:13:77:B4
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018DEF55B6AFAACB92B24CD3643D5F4A6B0D
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/9o4YZnBkIaex6fhSYqYscLgTd7Q.roa
Signing time:             Wed 28 Feb 2024 10:49:48 +0000
ROA not before:           Wed 28 Feb 2024 10:49:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16589
IP address blocks:        62.60.184.0/22 maxlen: 24
                          62.60.192.0/22 maxlen: 24
                          213.176.126.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 06:45:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ef:55:b6:af:aa:cb:92:b2:4c:d3:64:3d:5f:4a:6b:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Feb 28 10:49:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f68e1866706421a7b1e9f85262a62c70b81377b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:aa:49:18:52:f2:c8:b4:80:11:04:94:88:a4:
                    10:c4:74:83:25:74:e9:44:b5:27:30:e4:df:a2:e9:
                    6d:e3:2c:d7:d8:42:29:6b:52:6e:6a:4c:ef:b2:09:
                    20:88:57:8f:c8:19:a9:11:c1:56:c0:8a:64:de:9b:
                    19:2b:a5:df:cd:fc:b2:60:c2:aa:51:5b:65:38:ce:
                    49:3c:68:d1:5f:80:3f:eb:0d:89:16:82:a0:68:96:
                    43:9f:89:f6:d5:e9:4d:a5:95:d5:9b:3f:0c:f7:db:
                    52:1c:f7:1b:a7:7f:49:52:33:5a:03:cd:03:df:b7:
                    ee:0f:3a:44:9f:65:a0:27:9b:e6:dc:85:61:cd:ac:
                    6b:1f:00:cd:aa:ec:49:8d:87:98:ef:95:67:82:c6:
                    34:59:9a:2b:af:c2:87:07:72:84:84:1e:ae:e4:20:
                    e8:29:1a:13:5b:db:8f:02:27:21:a1:d6:bb:5a:15:
                    3d:27:0e:eb:96:40:aa:c1:ab:c8:b0:c6:44:ed:14:
                    5e:ef:b8:f8:93:b2:06:1a:2b:cc:ee:22:07:21:e5:
                    4f:5b:be:b1:a4:f8:15:08:be:90:69:33:6c:10:52:
                    b8:ca:67:87:57:5a:ae:d7:b8:49:ae:e3:df:ff:ca:
                    6f:cc:90:6b:a4:e3:33:5b:79:3f:11:54:0f:69:d0:
                    ee:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:8E:18:66:70:64:21:A7:B1:E9:F8:52:62:A6:2C:70:B8:13:77:B4
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/9o4YZnBkIaex6fhSYqYscLgTd7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.184.0/22
                  62.60.192.0/22
                  213.176.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:34:37:00:0f:0f:22:06:74:04:c4:4f:68:56:b0:ae:a1:4a:
         4b:d3:70:d2:20:0d:d9:c0:27:cf:79:46:ce:27:25:a1:22:02:
         aa:68:5b:7d:76:f3:6e:a1:2a:5a:6c:7a:6b:68:04:8e:2f:10:
         ee:46:88:e0:18:58:1b:3f:70:1d:30:09:b4:1d:1a:bf:22:f7:
         3d:c8:d6:1f:4e:1f:09:fd:9e:50:5e:f0:72:67:55:c5:80:ff:
         9a:4b:c0:15:21:1f:17:0f:a2:0f:27:9c:49:87:de:4e:d4:d8:
         da:76:2f:fa:30:6b:29:f0:83:5e:62:7f:6c:8f:45:93:7f:ee:
         a4:93:fb:5a:90:82:a1:69:f0:84:b4:dd:3a:27:a3:9c:3a:e1:
         50:c3:78:76:8c:a6:59:5f:3f:2c:03:a5:8c:78:ff:cd:4e:14:
         53:34:9c:97:11:dc:ba:7e:bd:45:5f:6f:03:18:92:54:31:c2:
         c5:e4:ad:5d:e0:b5:72:f7:bd:82:5b:9d:04:0a:4a:61:94:f4:
         db:de:25:de:99:7b:5c:f3:2e:0c:57:f9:3e:eb:69:2d:f7:dc:
         64:9e:d8:77:46:ad:eb:22:80:0a:ea:bc:e0:80:f9:df:56:c1:
         6d:de:d3:66:5d:09:ae:be:cc:18:27:96:7a:47:54:f7:b8:32:
         1e:df:8e:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3vVbavqsuSskzTZD1fSmsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjI4MTA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhlMTg2NjcwNjQyMWE3YjFlOWY4NTI2MmE2MmM3MGI4MTM3N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKpJGFLyyLSAEQSUiKQQxHSDJXTp
RLUnMOTfoult4yzX2EIpa1JuakzvsgkgiFePyBmpEcFWwIpk3psZK6XfzfyyYMKq
UVtlOM5JPGjRX4A/6w2JFoKgaJZDn4n21elNpZXVmz8M99tSHPcbp39JUjNaA80D
37fuDzpEn2WgJ5vm3IVhzaxrHwDNquxJjYeY75VngsY0WZorr8KHB3KEhB6u5CDo
KRoTW9uPAichoda7WhU9Jw7rlkCqwavIsMZE7RRe77j4k7IGGivM7iIHIeVPW76x
pPgVCL6QaTNsEFK4ymeHV1qu17hJruPf/8pvzJBrpOMzW3k/EVQPadDu6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPaOGGZwZCGnsen4UmKmLHC4E3e0MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvOW80WVpuQmtJYWV4NmZoU1lxWXNjTGdUZDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjy4AwQC
PjzAAwQB1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQB9NDcADw8iBnQExE9oVrCuoUpL
03DSIA3ZwCfPeUbOJyWhIgKqaFt9dvNuoSpabHpraASOLxDuRojgGFgbP3AdMAm0
HRq/Ivc9yNYfTh8J/Z5QXvByZ1XFgP+aS8AVIR8XD6IPJ5xJh95O1Njadi/6MGsp
8INeYn9sj0WTf+6kk/takIKhafCEtN06J6OcOuFQw3h2jKZZXz8sA6WMeP/NThRT
NJyXEdy6fr1FX28DGJJUMcLF5K1d4LVy972CW50ECkphlPTb3iXemXtc8y4MV/k+
62kt99xknth3Rq3rIoAK6rzggPnfVsFt3tNmXQmuvswYJ5Z6R1T3uDIe345h
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org