Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qydYiGu9oHzJtCDfw31J8sPqqIQ.roa
File:                     qydYiGu9oHzJtCDfw31J8sPqqIQ.roa (raw, json)
Hash identifier:          us7E4mlQt9a1XERCpQZNS+MhmnzNwnVLybQxIQm7CfE=
Subject key identifier:   AB:27:58:88:6B:BD:A0:7C:C9:B4:20:DF:C3:7D:49:F2:C3:EA:A8:84
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018B08FFCDD24CB3E5C8C7DE4E93769BFBCD
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qydYiGu9oHzJtCDfw31J8sPqqIQ.roa
Signing time:             Sat 07 Oct 2023 07:17:43 +0000
ROA not before:           Sat 07 Oct 2023 07:17:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          62.60.168.0/21 maxlen: 24
                          62.60.132.0/22 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          62.60.147.0/24 maxlen: 24
                          62.60.148.0/22 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Oct 2023 06:10:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:08:ff:cd:d2:4c:b3:e5:c8:c7:de:4e:93:76:9b:fb:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Oct  7 07:17:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab2758886bbda07cc9b420dfc37d49f2c3eaa884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:bb:02:9c:57:70:63:ad:12:88:fa:f0:d8:53:
                    e2:93:09:67:6f:31:68:3d:da:d4:e8:d7:8f:38:fc:
                    2c:a9:ed:ad:08:95:f6:ef:51:76:6c:92:c4:d3:66:
                    b5:6b:98:fd:0d:d0:5d:f8:7e:d8:ee:4b:9a:0b:a0:
                    8e:d4:44:7a:d1:bc:50:30:a3:fc:12:f7:ca:12:c4:
                    8b:0a:8b:af:d5:7d:d4:28:bc:80:f8:4c:4f:2a:10:
                    ea:98:7b:da:5e:25:70:32:98:a0:7d:1a:2d:19:70:
                    57:9c:6f:f0:7f:29:03:2e:e3:f8:98:b7:3a:ee:b1:
                    ae:b8:9d:a6:15:c2:42:4a:90:5d:d7:c5:ce:44:87:
                    2e:47:f3:40:d3:01:dc:ee:16:a9:1c:e1:f0:04:af:
                    ce:82:e0:29:e3:32:c3:8d:43:dc:9c:4a:03:c4:e3:
                    39:38:3d:96:bb:76:af:e4:24:eb:aa:4c:a5:dd:a2:
                    bc:3d:f7:5d:a9:14:c1:7e:b3:8c:6d:bf:c9:c4:1f:
                    5b:6c:20:b8:79:ad:92:e5:55:f8:63:4b:78:02:49:
                    98:02:ce:08:76:61:c8:64:6a:c3:1a:6a:43:ab:72:
                    6a:1d:69:2d:5b:4f:e7:d5:b0:99:07:ad:ab:e8:26:
                    e4:16:30:c0:4d:2c:97:58:80:33:d7:34:7a:d2:b7:
                    0d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:27:58:88:6B:BD:A0:7C:C9:B4:20:DF:C3:7D:49:F2:C3:EA:A8:84
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/qydYiGu9oHzJtCDfw31J8sPqqIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.132.0-62.60.137.255
                  62.60.139.0-62.60.142.255
                  62.60.145.0/24
                  62.60.147.0-62.60.151.255
                  62.60.168.0/21
                  213.176.4.0/23
                  213.176.96.0/24
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         1f:f2:3b:e6:92:d0:11:dd:c2:10:f9:d9:9e:3f:59:1a:03:75:
         a5:18:e5:28:5d:e6:dd:0f:15:40:4f:90:10:89:00:be:40:be:
         91:be:22:7c:1d:93:03:24:f2:57:0e:e8:cb:26:33:8d:f5:17:
         3e:05:e3:9d:4c:ee:ce:ae:90:d3:e7:a2:93:26:9b:96:3d:7f:
         5b:60:21:1c:3e:a3:6b:8e:87:62:ea:28:81:2a:bc:a6:19:29:
         1c:2c:1b:56:2e:4a:1d:d6:71:3a:48:f3:0a:c3:98:73:55:52:
         ea:ab:47:0d:c4:c2:36:53:88:11:32:c6:fb:87:78:3c:19:f0:
         73:a2:12:f7:b4:06:8b:65:da:a6:f8:e2:8a:08:79:e0:3e:97:
         f0:b5:14:93:31:f8:8a:64:c5:46:b4:4d:38:62:92:64:ed:7d:
         44:62:59:dd:a5:1d:7a:71:b2:a4:53:57:77:9a:71:fa:a8:fb:
         bf:99:40:98:2e:33:3c:d2:4c:ee:a2:fd:5e:69:e8:d1:0f:d7:
         e3:be:a5:a3:1c:b4:6a:bd:84:94:2c:0c:c3:bc:db:46:f8:fd:
         e9:6a:ae:f3:08:8a:f0:1f:64:d6:97:93:27:42:9e:59:39:f1:
         a7:60:e2:69:b5:e9:4b:a8:cf:20:61:98:02:6c:7c:5c:31:fe:
         c7:2e:ed:89
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYsI/83STLPlyMfeTpN2m/vNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMDA3MDcxNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjI3NTg4ODZiYmRhMDdjYzliNDIwZGZjMzdkNDlmMmMzZWFhODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrsCnFdwY60SiPrw2FPikwlnbzFo
PdrU6NePOPwsqe2tCJX271F2bJLE02a1a5j9DdBd+H7Y7kuaC6CO1ER60bxQMKP8
EvfKEsSLCouv1X3UKLyA+ExPKhDqmHvaXiVwMpigfRotGXBXnG/wfykDLuP4mLc6
7rGuuJ2mFcJCSpBd18XORIcuR/NA0wHc7hapHOHwBK/OguAp4zLDjUPcnEoDxOM5
OD2Wu3av5CTrqkyl3aK8PfddqRTBfrOMbb/JxB9bbCC4ea2S5VX4Y0t4AkmYAs4I
dmHIZGrDGmpDq3JqHWktW0/n1bCZB62r6CbkFjDATSyXWIAz1zR60rcNYQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKsnWIhrvaB8ybQg38N9SfLD6qiEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvcXlkWWlHdTlvSHpKdENEZnczMUo4c1BxcUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEAD48jgMEAD48kTAMAwQAPjyTAwQDPjyQAwQDPjyoAwQB
1bAEAwQA1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEBAB/yO+aS
0BHdwhD52Z4/WRoDdaUY5Shd5t0PFUBPkBCJAL5AvpG+InwdkwMk8lcO6MsmM431
Fz4F451M7s6ukNPnopMmm5Y9f1tgIRw+o2uOh2LqKIEqvKYZKRwsG1YuSh3WcTpI
8wrDmHNVUuqrRw3EwjZTiBEyxvuHeDwZ8HOiEve0Botl2qb44ooIeeA+l/C1FJMx
+IpkxUa0TThikmTtfURiWd2lHXpxsqRTV3eacfqo+7+ZQJguMzzSTO6i/V5p6NEP
1+O+paMctGq9hJQsDMO820b4/elqrvMIivAfZNaXkydCnlk58adg4mm16UuozyBh
mAJsfFwx/scu7Yk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org