Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Y6ZTiVPlME4cHRka9Xs4DlHvWkQ.roa
File:                     Y6ZTiVPlME4cHRka9Xs4DlHvWkQ.roa (raw, json)
Hash identifier:          gP9d1nhAibOYjCJoZ+eZSywEEOWF4mS+CboD86+O40Y=
Subject key identifier:   63:A6:53:89:53:E5:30:4E:1C:1D:19:1A:F5:7B:38:0E:51:EF:5A:44
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018CCA29C8F771C66888571CF4E25569906D
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Y6ZTiVPlME4cHRka9Xs4DlHvWkQ.roa
Signing time:             Tue 02 Jan 2024 12:33:05 +0000
ROA not before:           Tue 02 Jan 2024 12:33:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213200
IP address blocks:        62.60.224.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 20:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:c8:f7:71:c6:68:88:57:1c:f4:e2:55:69:90:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jan  2 12:33:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=63a6538953e5304e1c1d191af57b380e51ef5a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e2:5d:8d:8c:ad:18:ea:89:00:33:f2:48:78:
                    a1:49:e2:ae:c1:02:9f:a5:eb:72:a5:b4:2b:12:52:
                    c5:da:5c:46:fb:fb:0c:c7:60:dc:4d:c7:eb:fe:86:
                    20:4f:f5:e6:74:32:d7:5d:86:80:0a:8b:a6:a4:f2:
                    45:b0:22:cc:4c:f5:33:cb:cc:12:83:a0:a7:86:66:
                    1b:c0:06:12:cf:0b:e3:37:88:7c:7d:e8:46:fb:71:
                    a9:01:68:01:42:5c:be:40:f9:0b:d3:e9:48:95:55:
                    be:ee:e1:1f:2b:94:90:5b:ad:df:be:e4:23:fd:7d:
                    d8:68:24:f4:cd:52:3e:86:52:94:ed:38:c6:04:cc:
                    58:34:7d:da:5a:07:8f:38:b3:c9:f6:d3:b2:d7:e8:
                    6b:58:a3:50:d4:45:1e:6c:97:78:07:d7:50:1e:68:
                    6e:03:b6:89:d2:4c:46:9f:c8:2d:c0:cb:a1:26:3f:
                    97:17:67:3d:27:cf:bd:bb:81:1a:76:02:40:df:4e:
                    52:15:a2:65:43:23:a5:e5:cd:09:0e:70:b1:9c:20:
                    5c:f5:8b:3a:85:10:28:dc:42:ed:12:2b:26:ca:d6:
                    29:bf:2b:c3:14:94:c8:0f:32:89:10:fa:9b:66:ac:
                    be:a9:f6:1e:e3:73:b5:d3:61:8f:2a:e1:e4:bb:9c:
                    80:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:A6:53:89:53:E5:30:4E:1C:1D:19:1A:F5:7B:38:0E:51:EF:5A:44
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Y6ZTiVPlME4cHRka9Xs4DlHvWkQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0e:47:52:81:f3:5d:28:6e:d0:e0:f2:e7:f9:44:6f:67:7c:c3:
         3e:e4:67:eb:c9:a8:0d:e2:68:74:a1:03:b3:7e:25:d5:7b:2b:
         f1:e1:f9:9d:04:5c:21:8c:27:a7:45:68:49:c2:61:ca:84:b4:
         82:cc:cf:07:a6:4f:78:78:6e:70:1a:ea:fb:c1:ff:9a:ee:c4:
         66:02:2c:55:57:a3:f1:6f:2d:59:69:15:96:bc:08:2c:e3:77:
         6c:61:44:69:1f:94:26:f3:40:f5:d6:f7:8f:b5:12:57:05:01:
         40:fe:77:81:63:a9:e3:09:df:06:05:9e:0f:6d:32:fe:4a:1f:
         0d:6b:de:d7:92:a1:62:08:2b:7d:79:5b:13:d5:bf:17:c6:3e:
         a9:d1:12:25:49:36:dc:2f:b4:41:3e:4f:3e:5a:96:26:d2:59:
         02:7d:ac:ea:32:03:03:53:12:3b:30:93:d8:d2:28:e0:ea:87:
         2f:61:46:4f:e2:9d:7c:0c:48:b8:c8:32:66:c1:d2:f9:f0:ce:
         a5:45:a8:00:33:9c:42:e5:29:b7:20:1e:b9:2b:de:ad:02:c2:
         30:52:ef:b4:6a:2f:84:85:11:bf:fa:64:1a:0b:e6:fd:10:80:
         c3:7d:c4:e8:7f:43:95:ee:17:4e:be:b8:ef:c8:9b:60:da:cb:
         d2:3c:4e:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKcj3ccZoiFcc9OJVaZBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTAyMTIzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E2NTM4OTUzZTUzMDRlMWMxZDE5MWFmNTdiMzgwZTUxZWY1YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuJdjYytGOqJADPySHihSeKuwQKf
petypbQrElLF2lxG+/sMx2DcTcfr/oYgT/XmdDLXXYaACoumpPJFsCLMTPUzy8wS
g6CnhmYbwAYSzwvjN4h8fehG+3GpAWgBQly+QPkL0+lIlVW+7uEfK5SQW63fvuQj
/X3YaCT0zVI+hlKU7TjGBMxYNH3aWgePOLPJ9tOy1+hrWKNQ1EUebJd4B9dQHmhu
A7aJ0kxGn8gtwMuhJj+XF2c9J8+9u4EadgJA305SFaJlQyOl5c0JDnCxnCBc9Ys6
hRAo3ELtEismytYpvyvDFJTIDzKJEPqbZqy+qfYe43O102GPKuHku5yAHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOmU4lT5TBOHB0ZGvV7OA5R71pEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWTZaVGlWUGxNRTRjSFJrYTlYczREbEh2V2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPjzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAOR1KB810obtDg8uf5RG9nfMM+5GfryagN4mh0oQOz
fiXVeyvx4fmdBFwhjCenRWhJwmHKhLSCzM8Hpk94eG5wGur7wf+a7sRmAixVV6Px
by1ZaRWWvAgs43dsYURpH5Qm80D11vePtRJXBQFA/neBY6njCd8GBZ4PbTL+Sh8N
a97XkqFiCCt9eVsT1b8Xxj6p0RIlSTbcL7RBPk8+WpYm0lkCfazqMgMDUxI7MJPY
0ijg6ocvYUZP4p18DEi4yDJmwdL58M6lRagAM5xC5Sm3IB65K96tAsIwUu+0ai+E
hRG/+mQaC+b9EIDDfcTof0OV7hdOvrjvyJtg2svSPE5i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org