Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Dl2n9mCYqn1SI5gGHDwcCc5wvAQ.roa
File:                     Dl2n9mCYqn1SI5gGHDwcCc5wvAQ.roa (raw, json)
Hash identifier:          eqoeD+D7vnJXxdr1FfJWLw0rrD5PDez96fCegi1HXX4=
Subject key identifier:   0E:5D:A7:F6:60:98:AA:7D:52:23:98:06:1C:3C:1C:09:CE:70:BC:04
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018C1A94DA092EEB0CE30E3D454AABF538BD
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Dl2n9mCYqn1SI5gGHDwcCc5wvAQ.roa
Signing time:             Wed 29 Nov 2023 10:16:51 +0000
ROA not before:           Wed 29 Nov 2023 10:16:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44947
IP address blocks:        62.60.216.0/22 maxlen: 24
                          213.176.64.0/22 maxlen: 24
                          62.60.156.0/22 maxlen: 24
                          62.60.188.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 08:09:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1a:94:da:09:2e:eb:0c:e3:0e:3d:45:4a:ab:f5:38:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Nov 29 10:16:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e5da7f66098aa7d522398061c3c1c09ce70bc04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fb:e4:78:58:ec:30:c1:15:cf:be:10:f7:91:
                    50:3b:15:d6:a8:6b:63:95:0a:12:bc:17:04:62:1a:
                    f5:04:58:8a:75:31:91:76:01:dc:07:70:57:be:17:
                    75:d6:71:ba:5b:c6:9f:d7:3c:a4:8a:55:fd:20:24:
                    32:fb:37:c5:7b:8d:32:bc:78:cb:93:4c:5b:77:80:
                    1d:4f:09:ea:c9:f3:33:3a:32:81:51:88:e6:19:eb:
                    69:5f:bd:92:92:24:2f:18:fa:82:50:2e:38:ba:b3:
                    72:c7:bf:21:22:7a:03:39:9e:52:ed:91:8d:d0:05:
                    cb:d9:2a:a7:a1:50:66:c6:4e:99:a2:ab:48:5d:d9:
                    13:72:ea:be:af:fe:5a:5e:8e:3e:59:26:5e:60:b8:
                    58:40:ca:10:5f:aa:93:e3:69:be:1c:24:57:a2:fe:
                    0c:92:5b:b6:ea:8a:c3:8a:8e:05:2b:fa:ec:bd:79:
                    ad:ad:5e:1d:66:fa:08:1c:1c:1f:24:f3:28:9d:94:
                    c1:e5:2d:a2:df:db:d1:85:09:d7:e6:63:11:1f:eb:
                    d4:d7:51:f5:25:37:d3:a1:6c:30:e5:b0:e2:44:67:
                    6e:e9:fc:67:5d:27:27:79:f7:9e:52:fb:16:08:be:
                    dd:ad:ed:88:36:fd:61:57:7c:10:63:f6:94:0a:61:
                    90:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:5D:A7:F6:60:98:AA:7D:52:23:98:06:1C:3C:1C:09:CE:70:BC:04
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Dl2n9mCYqn1SI5gGHDwcCc5wvAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.156.0/22
                  62.60.188.0/22
                  62.60.216.0/22
                  213.176.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:ae:47:47:42:79:cc:68:d3:1d:d5:50:b3:78:22:dd:a2:84:
         41:a2:ef:6a:9e:2d:39:0f:92:e1:51:f1:7d:7d:82:ea:47:b2:
         d5:f4:a3:24:18:16:ec:06:46:0f:ea:1a:c2:50:21:3e:bf:4a:
         22:9a:4b:4f:e5:6c:01:b6:88:37:fe:8a:bc:57:eb:93:26:fa:
         f5:ff:aa:72:6b:69:55:a9:09:e0:6d:3c:ae:d0:6a:e1:5a:01:
         30:7c:c3:a4:5d:f6:a7:ba:7c:6a:5b:3d:85:40:84:2e:49:38:
         e3:3e:a0:33:c6:ce:04:97:32:da:21:ee:e3:8d:10:3f:bb:5e:
         58:41:f9:21:6c:d2:61:8c:16:5b:df:ec:df:24:27:4e:42:5e:
         51:f4:c7:2a:43:f6:35:73:2b:6e:2b:ce:38:d6:89:70:fe:20:
         ac:45:2a:fa:3a:32:02:3b:2e:9d:45:bc:ee:02:e2:49:4f:6a:
         08:e8:37:9d:6b:2c:b3:55:83:32:cb:da:96:1d:48:21:95:f9:
         85:4c:d1:62:f8:bd:ba:50:7e:6b:5b:62:6f:cd:9d:16:4d:94:
         59:dd:0c:8b:4a:c9:e0:c4:7b:e5:e4:70:d5:31:48:4e:f7:c1:
         21:38:4c:de:76:76:69:45:13:fd:a1:d1:04:2b:a1:81:6c:5a:
         27:9e:65:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwalNoJLusM4w49RUqr9Ti9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMTI5MTAxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTVkYTdmNjYwOThhYTdkNTIyMzk4MDYxYzNjMWMwOWNlNzBiYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/vkeFjsMMEVz74Q95FQOxXWqGtj
lQoSvBcEYhr1BFiKdTGRdgHcB3BXvhd11nG6W8af1zykilX9ICQy+zfFe40yvHjL
k0xbd4AdTwnqyfMzOjKBUYjmGetpX72SkiQvGPqCUC44urNyx78hInoDOZ5S7ZGN
0AXL2SqnoVBmxk6ZoqtIXdkTcuq+r/5aXo4+WSZeYLhYQMoQX6qT42m+HCRXov4M
klu26orDio4FK/rsvXmtrV4dZvoIHBwfJPMonZTB5S2i39vRhQnX5mMRH+vU11H1
JTfToWww5bDiRGdu6fxnXScnefeeUvsWCL7dre2INv1hV3wQY/aUCmGQ0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA5dp/ZgmKp9UiOYBhw8HAnOcLwEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvRGwybjltQ1lxbjFTSTVnR0hEd2NDYzV3dkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPjycAwQC
Pjy8AwQCPjzYAwQC1bBAMA0GCSqGSIb3DQEBCwUAA4IBAQBJrkdHQnnMaNMd1VCz
eCLdooRBou9qni05D5LhUfF9fYLqR7LV9KMkGBbsBkYP6hrCUCE+v0oimktP5WwB
tog3/oq8V+uTJvr1/6pya2lVqQngbTyu0GrhWgEwfMOkXfanunxqWz2FQIQuSTjj
PqAzxs4ElzLaIe7jjRA/u15YQfkhbNJhjBZb3+zfJCdOQl5R9McqQ/Y1cytuK844
1olw/iCsRSr6OjICOy6dRbzuAuJJT2oI6DedayyzVYMyy9qWHUghlfmFTNFi+L26
UH5rW2JvzZ0WTZRZ3QyLSsngxHvl5HDVMUhO98EhOEzednZpRRP9odEEK6GBbFon
nmW0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org