Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Bjr5ZO5B4Es-E2acTF0BWYJTE70.roa
File:                     Bjr5ZO5B4Es-E2acTF0BWYJTE70.roa (raw, json)
Hash identifier:          jEZ9XeOw/EuktNhHjVirBeD0YylZXblaWDxK/rtZfQA=
Subject key identifier:   06:3A:F9:64:EE:41:E0:4B:3E:13:66:9C:4C:5D:01:59:82:53:13:BD
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       0186ACF2DAD631248E641E13DEB6844BAE53
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Bjr5ZO5B4Es-E2acTF0BWYJTE70.roa
Signing time:             Sat 04 Mar 2023 14:07:22 +0000
ROA not before:           Sat 04 Mar 2023 14:07:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          62.60.128.0/21 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.143.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          62.60.152.0/22 maxlen: 24
                          62.60.146.0/24 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Mar 2023 16:55:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ac:f2:da:d6:31:24:8e:64:1e:13:de:b6:84:4b:ae:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Mar  4 14:07:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=063af964ee41e04b3e13669c4c5d0159825313bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:32:5c:79:14:0a:1d:33:11:6c:51:ef:74:ba:
                    93:4f:d9:18:16:51:ea:b7:70:b6:da:37:d0:7e:8d:
                    b6:7e:01:05:9c:cb:13:61:2d:e4:2f:2f:7a:68:d4:
                    9f:02:2e:1c:65:d7:84:1a:5c:bc:8b:57:56:5b:2b:
                    54:1d:2f:eb:72:fc:d7:02:a5:cf:ae:d3:d9:66:fe:
                    f0:09:60:e7:98:82:27:6f:18:65:ef:e4:01:0e:3e:
                    97:99:b9:b9:e0:f5:f5:67:c0:b8:a1:d4:07:d0:d5:
                    30:fb:24:8f:a8:66:4c:82:57:9b:1b:3f:f5:c1:e3:
                    93:9f:d4:1b:70:ab:0c:de:ef:0a:33:13:6b:55:8e:
                    c4:27:88:72:34:24:a2:28:4b:b1:ec:26:67:45:26:
                    3e:aa:16:e8:4e:cd:ac:ba:55:28:b4:03:5b:a4:70:
                    f8:11:2a:36:1c:17:39:9c:7f:31:c0:63:f0:b8:15:
                    55:c6:f1:db:be:04:ce:a3:47:70:d1:8a:88:f4:0c:
                    39:e0:78:1f:10:45:96:f2:db:66:58:7c:5f:7a:87:
                    c1:f9:f8:b3:63:ee:8a:79:69:0e:40:ea:b7:7c:aa:
                    2a:2f:e2:d3:74:d3:13:70:af:da:b7:81:ce:91:11:
                    76:c4:28:5a:e2:ce:0b:d6:20:8e:82:46:54:9c:27:
                    ef:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:3A:F9:64:EE:41:E0:4B:3E:13:66:9C:4C:5D:01:59:82:53:13:BD
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Bjr5ZO5B4Es-E2acTF0BWYJTE70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.128.0-62.60.137.255
                  62.60.139.0-62.60.143.255
                  62.60.145.0-62.60.146.255
                  62.60.152.0/22
                  213.176.4.0/23
                  213.176.96.0/24
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         8a:a9:8c:ef:e4:80:d6:ea:1e:9f:b8:91:25:f7:ab:95:40:66:
         89:c8:1c:dd:1c:85:85:b7:3a:74:b1:7e:3b:bc:3f:f7:c0:04:
         33:21:2f:27:2e:e9:97:82:d7:ab:ae:c1:f2:9a:5f:dd:5c:a8:
         a3:de:68:d9:12:b6:3c:31:8a:d5:78:72:47:82:0f:2b:83:c3:
         c6:4a:31:a4:21:fe:f2:b9:6d:90:1d:4b:05:97:5a:38:28:ca:
         7c:b6:db:4c:f0:a2:39:2e:4c:8d:7f:35:8a:83:4e:14:89:c0:
         1f:ee:bb:d6:91:a7:79:c5:4c:81:2c:e9:ec:7e:05:5b:2d:b7:
         b1:db:f6:c0:d5:79:0c:ef:89:e6:d8:79:ce:e0:fa:36:02:20:
         91:ea:fb:4c:db:cb:ec:cf:01:a5:32:3f:60:e6:3d:fc:40:c8:
         3e:c6:13:7b:3f:85:51:e9:19:05:e0:f9:ae:36:29:ce:2b:4c:
         45:14:54:59:81:f6:91:52:71:6c:70:95:83:d4:b0:3f:fc:02:
         49:2b:4c:de:7d:97:84:f2:8f:ef:52:71:88:b7:dd:15:a4:39:
         77:fa:62:f3:1d:55:2f:2e:f3:3c:fe:a7:6b:94:c7:50:13:a5:
         0e:c0:8c:0e:13:80:a0:92:82:7c:ac:2a:0b:b8:cf:bd:b7:88:
         6d:85:d2:e3
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYas8trWMSSOZB4T3raES65TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMzA0MTQwNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNhZjk2NGVlNDFlMDRiM2UxMzY2OWM0YzVkMDE1OTgyNTMxM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTJceRQKHTMRbFHvdLqTT9kYFlHq
t3C22jfQfo22fgEFnMsTYS3kLy96aNSfAi4cZdeEGly8i1dWWytUHS/rcvzXAqXP
rtPZZv7wCWDnmIInbxhl7+QBDj6Xmbm54PX1Z8C4odQH0NUw+ySPqGZMglebGz/1
weOTn9QbcKsM3u8KMxNrVY7EJ4hyNCSiKEux7CZnRSY+qhboTs2sulUotANbpHD4
ESo2HBc5nH8xwGPwuBVVxvHbvgTOo0dw0YqI9Aw54HgfEEWW8ttmWHxfeofB+fiz
Y+6KeWkOQOq3fKoqL+LTdNMTcK/at4HOkRF2xCha4s4L1iCOgkZUnCfvZwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFAY6+WTuQeBLPhNmnExdAVmCUxO9MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvQmpyNVpPNUI0RXMtRTJhY1RGMEJXWUpURTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAc+PIAD
BAE+PIgwDAMEAD48iwMEBD48gDAMAwQAPjyRAwQAPjySAwQCPjyYAwQB1bAEAwQA
1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEBAIqpjO/kgNbqHp+4
kSX3q5VAZonIHN0chYW3OnSxfju8P/fABDMhLycu6ZeC16uuwfKaX91cqKPeaNkS
tjwxitV4ckeCDyuDw8ZKMaQh/vK5bZAdSwWXWjgoyny220zwojkuTI1/NYqDThSJ
wB/uu9aRp3nFTIEs6ex+BVstt7Hb9sDVeQzviebYec7g+jYCIJHq+0zby+zPAaUy
P2DmPfxAyD7GE3s/hVHpGQXg+a42Kc4rTEUUVFmB9pFScWxwlYPUsD/8AkkrTN59
l4Tyj+9ScYi33RWkOXf6YvMdVS8u8zz+p2uUx1ATpQ7AjA4TgKCSgnysKgu4z723
iG2F0uM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org