Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NX4oZnlCELR5uKDh5Kx2mYsQmxA.roa
File:                     NX4oZnlCELR5uKDh5Kx2mYsQmxA.roa (raw, json)
Hash identifier:          CThHXeaAAGLxFNptff0tfCSGySwRoCKNwvZHPGRz1Y8=
Subject key identifier:   35:7E:28:66:79:42:10:B4:79:B8:A0:E1:E4:AC:76:99:8B:10:9B:10
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018EF644C640188DD5FA209B4D71ED6C3995
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NX4oZnlCELR5uKDh5Kx2mYsQmxA.roa
Signing time:             Fri 19 Apr 2024 12:11:25 +0000
ROA not before:           Fri 19 Apr 2024 12:11:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44947
IP address blocks:        62.60.224.0/19 maxlen: 24
                          213.176.64.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 11:50:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f6:44:c6:40:18:8d:d5:fa:20:9b:4d:71:ed:6c:39:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Apr 19 12:11:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=357e2866794210b479b8a0e1e4ac76998b109b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ec:56:4a:66:94:60:fe:cb:23:6d:12:7a:b9:
                    af:a5:fb:92:23:bc:83:e2:fe:8d:a3:b1:53:23:4e:
                    d6:fe:4b:48:86:04:cd:29:94:8b:80:bf:07:52:e3:
                    28:72:a6:a2:95:cf:e9:f1:ec:1a:a7:dc:33:71:2b:
                    81:ad:ae:e4:28:8a:38:8b:b1:9b:3e:3c:27:88:01:
                    28:3c:80:47:ca:99:7a:c1:53:7e:1b:4f:6e:eb:7e:
                    cf:2e:3b:06:6a:cf:ee:e1:09:7a:8f:a7:04:6d:e6:
                    6d:e5:79:9d:07:ee:e6:7a:69:1b:40:c7:c1:1b:ea:
                    4d:65:70:f1:83:01:e6:8e:f9:37:15:3d:80:f5:f4:
                    a8:46:72:e0:4f:2b:a8:e8:85:51:ad:1c:22:c6:e0:
                    96:e0:55:27:a8:7f:b9:b2:3a:44:a7:71:d0:ee:c9:
                    17:19:47:73:68:cd:5b:6b:da:ca:29:9b:34:82:f1:
                    27:96:8f:f5:c8:a9:e8:af:ff:1c:ef:9a:ac:c0:11:
                    e7:7a:60:b1:17:bc:6e:4a:35:b4:37:06:88:5a:87:
                    3f:f6:6e:a7:a2:7d:ef:77:e3:41:21:0e:f1:b1:92:
                    5c:46:40:36:6f:e9:4c:77:95:87:79:16:36:b4:0d:
                    3b:76:87:cd:80:e9:67:ab:e5:39:96:de:ac:13:6a:
                    70:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:7E:28:66:79:42:10:B4:79:B8:A0:E1:E4:AC:76:99:8B:10:9B:10
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NX4oZnlCELR5uKDh5Kx2mYsQmxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.224.0/19
                  213.176.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:87:00:5f:f4:00:a5:ea:5e:23:32:35:c4:77:4d:45:77:11:
         55:f6:82:51:a8:cc:26:30:a6:5b:67:24:2d:79:77:0b:b6:8c:
         30:d5:65:34:b7:c3:13:4c:7d:3e:f1:a4:07:fd:03:64:02:53:
         3d:85:04:b5:34:10:7d:b8:81:03:a8:9c:ae:aa:21:dc:4b:4e:
         24:2a:f6:68:7c:d2:bd:17:f6:9e:45:95:27:5b:24:86:5c:4a:
         5b:e2:9f:c6:56:ba:7d:49:98:f6:d1:6d:71:f4:c1:0d:56:d1:
         f7:b2:f3:74:e5:ba:58:1a:0a:4d:06:68:c1:73:d4:a6:aa:d1:
         21:0b:be:15:16:69:a3:1f:5d:54:92:10:25:bf:c5:9f:05:e6:
         16:ca:cc:98:ed:56:5f:7b:51:a1:35:19:fa:9c:dc:2b:b7:55:
         e0:ff:3c:f0:a4:3f:d4:d9:c9:58:8b:1a:90:e0:d3:8b:a8:c3:
         9e:9c:9b:2a:15:ed:a2:55:68:83:32:98:45:0a:32:bf:f6:6d:
         f6:98:67:22:00:c7:9a:48:af:1e:f8:5d:9a:61:f0:a5:b3:3d:
         8a:f3:e0:c0:fc:6b:d0:54:b3:e5:00:c8:85:3b:57:37:ee:b0:
         99:36:03:91:2f:17:a4:14:80:bd:95:02:7f:64:bb:ff:ee:c4:
         b2:25:96:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY72RMZAGI3V+iCbTXHtbDmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwNDE5MTIxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdlMjg2Njc5NDIxMGI0NzliOGEwZTFlNGFjNzY5OThiMTA5YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuxWSmaUYP7LI20SermvpfuSI7yD
4v6No7FTI07W/ktIhgTNKZSLgL8HUuMocqailc/p8ewap9wzcSuBra7kKIo4i7Gb
PjwniAEoPIBHypl6wVN+G09u637PLjsGas/u4Ql6j6cEbeZt5XmdB+7memkbQMfB
G+pNZXDxgwHmjvk3FT2A9fSoRnLgTyuo6IVRrRwixuCW4FUnqH+5sjpEp3HQ7skX
GUdzaM1ba9rKKZs0gvEnlo/1yKnor/8c75qswBHnemCxF7xuSjW0NwaIWoc/9m6n
on3vd+NBIQ7xsZJcRkA2b+lMd5WHeRY2tA07dofNgOlnq+U5lt6sE2pwcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDV+KGZ5QhC0ebig4eSsdpmLEJsQMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTlg0b1pubENFTFI1dUtEaDVLeDJtWXNRbXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFPjzgAwQC
1bBAMA0GCSqGSIb3DQEBCwUAA4IBAQCthwBf9ACl6l4jMjXEd01FdxFV9oJRqMwm
MKZbZyQteXcLtoww1WU0t8MTTH0+8aQH/QNkAlM9hQS1NBB9uIEDqJyuqiHcS04k
KvZofNK9F/aeRZUnWySGXEpb4p/GVrp9SZj20W1x9MENVtH3svN05bpYGgpNBmjB
c9SmqtEhC74VFmmjH11UkhAlv8WfBeYWysyY7VZfe1GhNRn6nNwrt1Xg/zzwpD/U
2clYixqQ4NOLqMOenJsqFe2iVWiDMphFCjK/9m32mGciAMeaSK8e+F2aYfClsz2K
8+DA/GvQVLPlAMiFO1c37rCZNgORLxekFIC9lQJ/ZLv/7sSyJZZH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org