Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/URkUnnZH0uHzD3Fc8940iYqOSNQ.roa
File:                     URkUnnZH0uHzD3Fc8940iYqOSNQ.roa (raw, json)
Hash identifier:          DBhrY2lf++kaNSAzcQ1/tUf33O4AP60wzQQemnivA1U=
Subject key identifier:   51:19:14:9E:76:47:D2:E1:F3:0F:71:5C:F3:DE:34:89:8A:8E:48:D4
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018D16467A8B5246C0AA5BA0B1FDD056976D
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/URkUnnZH0uHzD3Fc8940iYqOSNQ.roa
Signing time:             Wed 17 Jan 2024 07:15:34 +0000
ROA not before:           Wed 17 Jan 2024 07:15:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204765
IP address blocks:        62.60.224.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 18:27:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:16:46:7a:8b:52:46:c0:aa:5b:a0:b1:fd:d0:56:97:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jan 17 07:15:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5119149e7647d2e1f30f715cf3de34898a8e48d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:54:96:e1:76:0a:94:20:e2:48:03:6d:fc:d3:
                    84:8c:63:2d:64:2d:fa:c3:e8:5b:80:1d:8a:bc:7a:
                    56:13:bf:aa:e4:06:ea:d3:f1:7e:95:a7:44:31:71:
                    ca:cf:14:93:12:1c:d9:bf:2c:b4:87:60:e7:30:66:
                    33:c6:7b:c4:da:8c:d6:1a:df:80:b4:f6:35:7a:57:
                    37:ba:44:83:ca:f9:08:a0:dc:e3:5e:53:59:6f:a9:
                    b7:86:5f:3c:86:2b:d2:e3:5d:76:ba:e0:f2:4c:77:
                    d5:0f:b7:64:86:df:ae:b4:e7:9b:23:03:64:c2:1d:
                    90:10:8b:86:cc:2e:8c:c5:21:17:ab:5e:1f:81:8b:
                    31:a9:3f:01:0c:54:67:84:66:ed:29:38:7e:dc:63:
                    26:5f:97:42:e7:3a:7b:ff:57:82:9f:64:db:5c:e6:
                    ed:43:e0:49:00:be:7d:1d:dc:e6:a7:1d:a9:60:c2:
                    a7:12:35:ae:3f:eb:1f:df:28:83:21:77:ae:60:28:
                    af:4b:8c:78:e6:28:2a:12:03:9a:17:8f:f2:b3:d2:
                    16:6c:2c:ba:75:11:c0:a4:e3:b2:8e:ed:62:b1:1f:
                    79:66:7a:8b:f6:7b:ba:d3:e7:06:53:38:99:eb:50:
                    75:a0:5f:75:68:42:aa:89:bc:e6:d6:97:8c:3d:08:
                    75:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:19:14:9E:76:47:D2:E1:F3:0F:71:5C:F3:DE:34:89:8A:8E:48:D4
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/URkUnnZH0uHzD3Fc8940iYqOSNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6c:07:1c:83:c5:39:ae:df:63:24:57:b7:bb:d5:d4:fe:da:96:
         26:eb:e4:51:d3:29:f9:83:22:99:a0:36:d4:12:ff:e4:7d:29:
         3b:1b:fe:d6:1b:d2:e2:cc:c2:55:0b:d5:2d:cb:2a:07:41:56:
         55:49:c6:dd:84:ff:ae:29:ce:76:7b:7b:b7:30:eb:10:5e:e9:
         4c:2b:3d:15:1a:36:79:9a:8b:7e:85:a2:9b:8b:bc:39:84:2e:
         f0:d7:d3:ad:45:3f:c4:39:c2:a5:e7:3b:7b:1f:21:c4:28:92:
         0a:6e:d2:30:57:46:6a:49:ff:23:8e:1f:8d:58:e7:f4:da:b3:
         d3:08:60:ad:0c:95:cf:54:cc:31:e7:bf:80:65:a6:b8:92:6f:
         32:ef:45:72:a1:05:29:bd:e1:c7:25:fb:b1:62:99:77:db:7b:
         5b:cc:c1:f7:8e:6e:cb:fe:c2:0c:a7:0d:72:f7:13:2d:c4:b0:
         f1:e5:7c:50:a5:d0:d9:a4:79:a4:71:17:32:58:c4:22:93:9a:
         ea:a0:fd:7f:2a:5f:2d:bb:08:61:f4:b0:29:b2:c5:ce:f2:60:
         2c:04:bd:34:74:05:98:91:fa:dd:b6:1c:5e:db:d8:38:5e:8d:
         eb:f6:28:b4:63:ba:b4:71:ab:00:b3:c1:90:65:95:32:f2:5e:
         37:b5:00:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0WRnqLUkbAqlugsf3QVpdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTE3MDcxNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE5MTQ5ZTc2NDdkMmUxZjMwZjcxNWNmM2RlMzQ4OThhOGU0OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFSW4XYKlCDiSANt/NOEjGMtZC36
w+hbgB2KvHpWE7+q5Abq0/F+ladEMXHKzxSTEhzZvyy0h2DnMGYzxnvE2ozWGt+A
tPY1elc3ukSDyvkIoNzjXlNZb6m3hl88hivS4112uuDyTHfVD7dkht+utOebIwNk
wh2QEIuGzC6MxSEXq14fgYsxqT8BDFRnhGbtKTh+3GMmX5dC5zp7/1eCn2TbXObt
Q+BJAL59Hdzmpx2pYMKnEjWuP+sf3yiDIXeuYCivS4x45igqEgOaF4/ys9IWbCy6
dRHApOOyju1isR95ZnqL9nu60+cGUziZ61B1oF91aEKqibzm1peMPQh1OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEZFJ52R9Lh8w9xXPPeNImKjkjUMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVVJrVW5uWkgwdUh6RDNGYzg5NDBpWXFPU05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPjzgMA0G
CSqGSIb3DQEBCwUAA4IBAQBsBxyDxTmu32MkV7e71dT+2pYm6+RR0yn5gyKZoDbU
Ev/kfSk7G/7WG9LizMJVC9UtyyoHQVZVScbdhP+uKc52e3u3MOsQXulMKz0VGjZ5
mot+haKbi7w5hC7w19OtRT/EOcKl5zt7HyHEKJIKbtIwV0ZqSf8jjh+NWOf02rPT
CGCtDJXPVMwx57+AZaa4km8y70VyoQUpveHHJfuxYpl323tbzMH3jm7L/sIMpw1y
9xMtxLDx5XxQpdDZpHmkcRcyWMQik5rqoP1/Kl8tuwhh9LApssXO8mAsBL00dAWY
kfrdthxe29g4Xo3r9ii0Y7q0casAs8GQZZUy8l43tQAU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org