Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/dhZUXWtMMrCQUXKzmffdXoKwLfQ.roa
File:                     dhZUXWtMMrCQUXKzmffdXoKwLfQ.roa (raw, json)
Hash identifier:          3GRn6L8iv0o/Q4X2ZARlRgxfjSUOUSmVS/9SPJrggdo=
Subject key identifier:   76:16:54:5D:6B:4C:32:B0:90:51:72:B3:99:F7:DD:5E:82:B0:2D:F4
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018CE6ED1E100A33D96517BC084920A43807
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/dhZUXWtMMrCQUXKzmffdXoKwLfQ.roa
Signing time:             Mon 08 Jan 2024 02:35:48 +0000
ROA not before:           Mon 08 Jan 2024 02:35:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44947
IP address blocks:        62.60.216.0/22 maxlen: 24
                          213.176.64.0/22 maxlen: 24
                          62.60.146.0/23 maxlen: 24
                          62.60.156.0/22 maxlen: 24
                          213.176.120.0/23 maxlen: 24
                          62.60.184.0/22 maxlen: 24
                          62.60.192.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 06:22:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e6:ed:1e:10:0a:33:d9:65:17:bc:08:49:20:a4:38:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jan  8 02:35:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7616545d6b4c32b0905172b399f7dd5e82b02df4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:7e:68:4e:af:7f:4c:bd:ea:5a:64:ad:7a:6a:
                    cf:11:0e:fd:4c:56:1b:e7:79:00:56:22:e6:d3:9a:
                    1a:e7:11:68:2c:1c:20:19:0a:53:c0:d5:ae:d3:12:
                    d9:29:44:aa:9b:7b:f1:63:c8:f9:27:b5:6b:6e:4a:
                    d4:07:7f:9a:16:b3:ef:8c:8a:1e:b6:d1:b8:c9:6c:
                    54:93:f4:40:5a:5f:18:a6:20:f7:28:c8:45:ad:09:
                    51:12:29:db:9b:ab:61:fe:96:b4:e3:b4:5b:a5:0d:
                    43:fc:b4:4f:d2:0e:04:c7:13:7d:ae:64:8c:a2:d5:
                    de:00:6e:60:06:6f:09:d7:8d:7c:aa:88:72:74:3f:
                    86:6b:19:fd:8e:68:f7:01:57:bf:1d:2a:eb:b3:7f:
                    cb:9a:cc:23:29:ae:af:18:e5:0f:ca:65:bb:84:a5:
                    d8:d7:78:7f:c8:43:1d:10:e1:d4:2a:ef:c9:9f:66:
                    90:35:9d:69:98:85:3b:c4:cc:4d:49:ba:76:d2:3c:
                    31:9d:24:32:68:12:12:f6:ff:20:6c:e6:f2:a3:49:
                    8f:63:1b:7b:fb:a1:e7:92:53:54:83:64:04:b6:c7:
                    8c:43:dd:66:ac:ca:f0:8f:22:9c:1e:29:7e:ed:d3:
                    54:93:aa:2d:1b:29:f0:2a:1e:1d:99:01:66:92:a8:
                    1f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:16:54:5D:6B:4C:32:B0:90:51:72:B3:99:F7:DD:5E:82:B0:2D:F4
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/dhZUXWtMMrCQUXKzmffdXoKwLfQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.146.0/23
                  62.60.156.0/22
                  62.60.184.0/22
                  62.60.192.0/22
                  62.60.216.0/22
                  213.176.64.0/22
                  213.176.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:4e:fb:df:6d:72:f2:78:97:40:6e:08:3b:c6:c6:e7:f7:21:
         17:f2:02:cb:c6:e7:bb:e8:24:e8:5d:90:25:ed:50:3e:95:75:
         b6:2f:34:79:44:e2:3e:28:65:a0:23:13:7f:18:da:9f:b4:b1:
         7f:42:53:9b:ec:08:0c:a4:de:1f:e8:2c:f8:25:8f:63:d2:27:
         c6:c9:b9:1a:6a:30:6a:6c:f3:de:58:1e:e9:78:09:69:be:3b:
         4a:fe:bc:f9:a2:51:24:87:c2:48:ac:bb:52:89:49:1c:88:58:
         ed:35:fd:9e:da:38:fb:ef:c2:94:0c:45:d5:12:52:f6:c6:95:
         b0:13:4b:49:c7:07:ab:c0:40:ae:dc:af:16:1c:49:35:d8:e1:
         7d:4d:d8:3a:9a:96:09:15:70:39:87:17:a2:6f:45:1d:c4:a9:
         c8:bf:6e:4a:42:50:f5:2a:81:60:a8:db:1b:b1:7d:ab:f0:81:
         53:f9:c5:a9:54:77:d6:8b:c8:ad:ae:8a:fd:fa:55:c5:d3:a1:
         a3:b8:98:0f:a8:fe:a3:aa:1a:13:35:d1:fd:45:38:9f:c5:ef:
         69:42:2f:cf:dc:0d:c4:ed:81:9d:97:7f:71:2f:02:33:0a:71:
         64:71:87:e1:8a:ee:1b:f1:26:36:e3:0f:d2:52:e6:91:40:25:
         eb:94:a3:8e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzm7R4QCjPZZRe8CEkgpDgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTA4MDIzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE2NTQ1ZDZiNGMzMmIwOTA1MTcyYjM5OWY3ZGQ1ZTgyYjAyZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n5oTq9/TL3qWmStemrPEQ79TFYb
53kAViLm05oa5xFoLBwgGQpTwNWu0xLZKUSqm3vxY8j5J7VrbkrUB3+aFrPvjIoe
ttG4yWxUk/RAWl8YpiD3KMhFrQlREinbm6th/pa047RbpQ1D/LRP0g4ExxN9rmSM
otXeAG5gBm8J1418qohydD+Gaxn9jmj3AVe/HSrrs3/LmswjKa6vGOUPymW7hKXY
13h/yEMdEOHUKu/Jn2aQNZ1pmIU7xMxNSbp20jwxnSQyaBIS9v8gbObyo0mPYxt7
+6HnklNUg2QEtseMQ91mrMrwjyKcHil+7dNUk6otGynwKh4dmQFmkqgfTwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHYWVF1rTDKwkFFys5n33V6CsC30MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvZGhaVVhXdE1NckNRVVhLem1mZmRYb0t3TGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPjySAwQC
PjycAwQCPjy4AwQCPjzAAwQCPjzYAwQC1bBAAwQB1bB4MA0GCSqGSIb3DQEBCwUA
A4IBAQAJTvvfbXLyeJdAbgg7xsbn9yEX8gLLxue76CToXZAl7VA+lXW2LzR5ROI+
KGWgIxN/GNqftLF/QlOb7AgMpN4f6Cz4JY9j0ifGybkaajBqbPPeWB7peAlpvjtK
/rz5olEkh8JIrLtSiUkciFjtNf2e2jj778KUDEXVElL2xpWwE0tJxwerwECu3K8W
HEk12OF9Tdg6mpYJFXA5hxeib0UdxKnIv25KQlD1KoFgqNsbsX2r8IFT+cWpVHfW
i8itror9+lXF06GjuJgPqP6jqhoTNdH9RTifxe9pQi/P3A3E7YGdl39xLwIzCnFk
cYfhiu4b8SY24w/SUuaRQCXrlKOO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org