Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa
File:                     ia0RZaQatKc_YAmJFp62c2XzRx0.roa (raw, json)
Hash identifier:          tuSg/wIG9RqHd3U7BKsOTzHeg0zRq5xPklbMOwXrUuc=
Subject key identifier:   89:AD:11:65:A4:1A:B4:A7:3F:60:09:89:16:9E:B6:73:65:F3:47:1D
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01893A1B89E75373991E03C8829BD2A1921B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa
Signing time:             Sun 09 Jul 2023 10:03:50 +0000
ROA not before:           Sun 09 Jul 2023 10:03:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53356
IP address blocks:        62.60.216.0/22 maxlen: 24
                          213.176.2.0/23 maxlen: 24
                          213.176.6.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 16:56:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3a:1b:89:e7:53:73:99:1e:03:c8:82:9b:d2:a1:92:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jul  9 10:03:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89ad1165a41ab4a73f600989169eb67365f3471d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4b:a0:f7:87:d4:01:b2:99:9e:d2:00:74:90:
                    25:dc:32:12:82:eb:86:8c:1c:60:fc:25:f0:06:d1:
                    ea:b7:43:e5:2d:d4:fc:d5:d5:6e:d9:25:ce:08:11:
                    c0:1a:f5:9a:5f:76:ac:68:bf:94:28:ff:ff:d9:a2:
                    db:d4:d5:cc:87:28:e8:96:21:94:e8:c8:ad:4a:c7:
                    37:fd:01:9c:35:a8:4b:7b:0f:fe:d4:be:29:4f:bb:
                    52:79:ed:6b:84:0b:de:1a:9e:2f:d9:46:de:17:5e:
                    49:eb:f1:d9:db:9f:61:f2:70:91:24:61:d8:a7:bf:
                    38:87:d0:5b:f8:f0:2e:93:36:36:2c:b4:00:12:3e:
                    f8:97:0d:b8:65:54:8b:00:54:f8:46:9a:22:5e:8d:
                    4c:3c:46:ca:5c:6b:e8:59:1e:07:5d:37:ef:1c:a2:
                    b3:f8:63:04:16:3b:d8:bd:60:f2:f9:87:73:3e:ed:
                    a9:a8:f8:e8:de:bf:bc:97:79:83:a2:02:7a:c2:e6:
                    2e:70:c5:25:16:45:a6:a3:12:5d:5a:ca:a7:f6:6a:
                    53:a4:36:a1:7b:52:ab:93:68:77:ed:ca:9a:71:85:
                    ea:4c:66:1c:59:86:5a:00:f0:28:ca:c7:56:6c:f9:
                    78:61:45:32:0a:91:53:48:94:c0:b4:10:55:c5:de:
                    ca:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:AD:11:65:A4:1A:B4:A7:3F:60:09:89:16:9E:B6:73:65:F3:47:1D
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ia0RZaQatKc_YAmJFp62c2XzRx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.216.0/22
                  213.176.2.0/23
                  213.176.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:74:61:a0:4c:9e:0a:94:a7:77:58:9f:9f:3f:f9:be:9b:98:
         d2:ad:68:42:3b:a5:3d:5b:34:1b:df:d6:9e:0b:1e:53:c3:97:
         8e:38:39:84:37:b2:4a:ee:8d:c5:e2:c8:86:29:f2:e0:a3:ae:
         a0:64:f6:44:ef:73:09:0d:2f:03:99:c6:b7:21:dc:57:44:17:
         f7:fb:da:5c:18:1c:3f:00:f1:ab:84:fe:81:b5:29:1c:d5:b5:
         82:42:5b:17:d7:7a:56:ca:5e:ef:b4:78:2b:5d:78:fd:ba:c4:
         d7:42:ce:7c:04:77:42:da:5b:cd:8c:90:37:8b:b2:d1:2f:0d:
         b0:2e:2b:1b:9c:cf:59:92:60:78:bb:91:1f:12:61:97:d4:ee:
         c5:88:d2:71:ce:5a:7e:b2:a6:f4:6e:1e:ec:34:03:ae:9b:ce:
         35:32:12:e5:51:f9:d0:7c:02:90:29:9b:f5:81:d3:e3:54:4a:
         4e:93:e1:4b:84:9e:d8:23:79:85:6a:44:a0:be:1f:1a:03:69:
         39:d3:46:ef:57:d3:b1:15:92:e2:e1:9e:72:68:af:10:b8:f9:
         d9:53:e1:ff:82:45:c5:74:20:3a:fa:82:e2:85:bd:85:ad:15:
         79:a5:bb:ac:5d:fd:62:2f:c7:be:85:75:b1:2a:c8:4c:e4:7a:
         32:92:a7:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk6G4nnU3OZHgPIgpvSoZIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNzA5MTAwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFkMTE2NWE0MWFiNGE3M2Y2MDA5ODkxNjllYjY3MzY1ZjM0NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20ug94fUAbKZntIAdJAl3DISguuG
jBxg/CXwBtHqt0PlLdT81dVu2SXOCBHAGvWaX3asaL+UKP//2aLb1NXMhyjoliGU
6MitSsc3/QGcNahLew/+1L4pT7tSee1rhAveGp4v2UbeF15J6/HZ259h8nCRJGHY
p784h9Bb+PAukzY2LLQAEj74lw24ZVSLAFT4RpoiXo1MPEbKXGvoWR4HXTfvHKKz
+GMEFjvYvWDy+YdzPu2pqPjo3r+8l3mDogJ6wuYucMUlFkWmoxJdWsqn9mpTpDah
e1Krk2h37cqacYXqTGYcWYZaAPAoysdWbPl4YUUyCpFTSJTAtBBVxd7KjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFImtEWWkGrSnP2AJiRaetnNl80cdMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaWEwUlphUWF0S2NfWUFtSkZwNjJjMlh6UngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPjzYAwQB
1bACAwQB1bAGMA0GCSqGSIb3DQEBCwUAA4IBAQAQdGGgTJ4KlKd3WJ+fP/m+m5jS
rWhCO6U9WzQb39aeCx5Tw5eOODmEN7JK7o3F4siGKfLgo66gZPZE73MJDS8Dmca3
IdxXRBf3+9pcGBw/APGrhP6BtSkc1bWCQlsX13pWyl7vtHgrXXj9usTXQs58BHdC
2lvNjJA3i7LRLw2wLisbnM9ZkmB4u5EfEmGX1O7FiNJxzlp+sqb0bh7sNAOum841
MhLlUfnQfAKQKZv1gdPjVEpOk+FLhJ7YI3mFakSgvh8aA2k500bvV9OxFZLi4Z5y
aK8QuPnZU+H/gkXFdCA6+oLihb2FrRV5pbusXf1iL8e+hXWxKshM5HoykqeL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org