Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJneuOBOJI1rfMhZ4lh4htVMsHs.roa
File:                     qJneuOBOJI1rfMhZ4lh4htVMsHs.roa (raw, json)
Hash identifier:          lLJCmwt0W+jcFO9fMQZNY5kofHplYZMg/A/kiETvDmA=
Subject key identifier:   A8:99:DE:B8:E0:4E:24:8D:6B:7C:C8:59:E2:58:78:86:D5:4C:B0:7B
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018BADF2DE2ABD8243C3019CC2214783E5D2
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJneuOBOJI1rfMhZ4lh4htVMsHs.roa
Signing time:             Wed 08 Nov 2023 08:00:56 +0000
ROA not before:           Wed 08 Nov 2023 08:00:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        62.60.146.0/23 maxlen: 24
                          213.176.2.0/23 maxlen: 24
                          213.176.6.0/24 maxlen: 24
                          62.60.196.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 08:09:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ad:f2:de:2a:bd:82:43:c3:01:9c:c2:21:47:83:e5:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Nov  8 08:00:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a899deb8e04e248d6b7cc859e2587886d54cb07b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c4:42:0f:ea:22:ed:01:8f:c5:b0:8b:37:9b:
                    19:07:7a:53:6e:fd:62:e3:b6:11:63:6d:64:36:cb:
                    1a:06:c3:a7:72:3c:c2:6d:ea:9a:81:77:c6:f8:c4:
                    14:66:4d:c9:d5:90:0c:3e:9b:b9:7a:6b:90:d8:b1:
                    cf:ab:57:bd:12:6c:3b:92:3c:b5:7b:7c:c9:82:95:
                    47:06:6f:1a:fa:6a:d7:28:6e:bc:41:ef:8a:74:c3:
                    3f:02:af:56:0d:02:35:d4:54:fd:f9:07:ed:f5:e0:
                    1f:b3:6c:4e:1b:e2:91:1d:71:5d:89:7b:80:f6:1e:
                    37:34:05:c5:26:a9:ee:46:21:2e:74:fe:bd:67:4b:
                    47:df:be:d6:de:11:b0:ba:e4:50:08:36:88:ad:ba:
                    4e:19:2d:ae:32:52:50:86:b9:a2:b0:b3:0c:2b:53:
                    ef:eb:42:6f:66:93:4a:c1:10:de:6e:77:3c:6e:5b:
                    f4:ac:83:af:2d:89:7b:28:46:4c:8a:9d:46:ca:3e:
                    e1:a2:af:e5:ac:64:72:a9:89:ec:74:e6:84:0b:4f:
                    79:11:87:1d:f4:79:32:79:c1:5e:37:ec:89:03:e6:
                    1d:1d:cd:43:cf:e7:22:00:b0:14:77:b4:b4:a6:4f:
                    11:71:b9:de:53:51:62:d2:7f:8b:14:15:1b:80:31:
                    f1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:99:DE:B8:E0:4E:24:8D:6B:7C:C8:59:E2:58:78:86:D5:4C:B0:7B
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qJneuOBOJI1rfMhZ4lh4htVMsHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.146.0/23
                  62.60.196.0/22
                  213.176.2.0/23
                  213.176.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:57:be:6f:99:c3:1e:f9:da:ee:5f:2c:2e:1c:f3:10:64:dd:
         01:ad:0e:94:8a:6b:c4:a7:ae:3a:57:32:57:f4:68:ac:94:77:
         f9:16:67:38:67:6b:f0:7a:c0:04:d7:07:46:7b:41:90:06:4c:
         d7:a8:3d:2d:6b:09:7d:67:48:64:f3:68:e9:0a:00:8e:fe:1e:
         3d:5c:ef:e8:9b:81:57:35:48:21:5f:d1:22:02:6d:bd:da:f5:
         64:d0:20:fd:b5:a4:b1:d2:f3:74:b1:77:03:2b:43:dd:aa:92:
         2a:26:4d:40:24:b6:1c:15:1b:fd:b4:e0:23:11:9c:51:cb:1f:
         df:97:61:35:35:40:2f:1e:e9:36:5c:7f:84:8a:cc:29:3b:4f:
         d7:75:06:c2:14:a2:d5:77:8a:19:9a:df:a0:b9:dd:61:86:93:
         85:06:27:27:45:27:13:5b:6d:31:e9:52:da:f2:18:b2:c3:f6:
         93:aa:25:26:b8:c9:6d:80:3a:e9:af:b8:36:db:cf:10:22:fd:
         41:d7:1e:5e:e6:1d:56:7b:88:11:9d:39:5b:94:d5:41:08:ad:
         08:bd:a3:02:d9:41:5e:0f:3f:45:4b:63:76:ff:12:6c:fd:1a:
         b4:ed:7b:d3:aa:75:ad:7c:4b:1d:37:96:52:5e:19:d5:04:aa:
         3c:2f:cc:74
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYut8t4qvYJDwwGcwiFHg+XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMTA4MDgwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk5ZGViOGUwNGUyNDhkNmI3Y2M4NTllMjU4Nzg4NmQ1NGNiMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsRCD+oi7QGPxbCLN5sZB3pTbv1i
47YRY21kNssaBsOncjzCbeqagXfG+MQUZk3J1ZAMPpu5emuQ2LHPq1e9Emw7kjy1
e3zJgpVHBm8a+mrXKG68Qe+KdMM/Aq9WDQI11FT9+Qft9eAfs2xOG+KRHXFdiXuA
9h43NAXFJqnuRiEudP69Z0tH377W3hGwuuRQCDaIrbpOGS2uMlJQhrmisLMMK1Pv
60JvZpNKwRDebnc8blv0rIOvLYl7KEZMip1Gyj7hoq/lrGRyqYnsdOaEC095EYcd
9HkyecFeN+yJA+YdHc1Dz+ciALAUd7S0pk8RcbneU1Fi0n+LFBUbgDHxLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKiZ3rjgTiSNa3zIWeJYeIbVTLB7MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvcUpuZXVPQk9KSTFyZk1oWjRsaDRodFZNc0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBPjySAwQC
PjzEAwQB1bACAwQA1bAGMA0GCSqGSIb3DQEBCwUAA4IBAQA3V75vmcMe+druXywu
HPMQZN0BrQ6UimvEp646VzJX9GislHf5Fmc4Z2vwesAE1wdGe0GQBkzXqD0tawl9
Z0hk82jpCgCO/h49XO/om4FXNUghX9EiAm292vVk0CD9taSx0vN0sXcDK0PdqpIq
Jk1AJLYcFRv9tOAjEZxRyx/fl2E1NUAvHuk2XH+EiswpO0/XdQbCFKLVd4oZmt+g
ud1hhpOFBicnRScTW20x6VLa8hiyw/aTqiUmuMltgDrpr7g2288QIv1B1x5e5h1W
e4gRnTlblNVBCK0IvaMC2UFeDz9FS2N2/xJs/Rq07XvTqnWtfEsdN5ZSXhnVBKo8
L8x0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org