Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ywfAvfQCcyAS6oNjog4QtcWpxUs.roa
File:                     ywfAvfQCcyAS6oNjog4QtcWpxUs.roa (raw, json)
Hash identifier:          F8/EPnsMKdWqe8k2n7TFCpGA0lpAEvR5tVjcVzvWpww=
Subject key identifier:   CB:07:C0:BD:F4:02:73:20:12:EA:83:63:A2:0E:10:B5:C5:A9:C5:4B
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018B23724F60865C434BFE8E0CEB441CEDB2
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ywfAvfQCcyAS6oNjog4QtcWpxUs.roa
Signing time:             Thu 12 Oct 2023 10:32:55 +0000
ROA not before:           Thu 12 Oct 2023 10:32:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        62.60.216.0/22 maxlen: 24
                          62.60.220.0/22 maxlen: 24
                          62.60.180.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 09:15:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:23:72:4f:60:86:5c:43:4b:fe:8e:0c:eb:44:1c:ed:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Oct 12 10:32:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb07c0bdf402732012ea8363a20e10b5c5a9c54b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:29:dd:20:3f:d1:dd:61:19:f4:a3:e5:c5:a7:
                    3c:f3:30:52:51:90:58:02:3b:61:9e:09:69:29:15:
                    ea:e8:28:51:71:e3:ce:94:2c:55:32:de:39:2f:16:
                    a2:43:e6:e5:59:27:da:e9:ce:2a:10:d0:f2:9b:3d:
                    c6:ad:53:30:d4:b8:ac:8f:25:88:be:5f:0a:ed:6e:
                    51:6b:b6:fb:21:7b:b0:bb:33:8a:d4:dc:01:c9:41:
                    56:27:de:fd:10:00:d8:ab:88:cd:db:7d:29:45:a1:
                    2a:63:55:f1:f3:9f:c0:96:19:e6:a5:ea:68:59:3e:
                    9f:88:51:d2:ff:6c:94:4f:c5:d2:e4:5a:c2:72:be:
                    e0:a0:76:d1:b6:34:81:e7:d9:4b:e2:a7:82:89:d3:
                    c2:b1:6d:a1:da:63:3d:b0:a4:2a:ec:3b:c2:50:13:
                    e2:05:d5:ed:37:47:29:38:c8:ba:0d:f5:0b:e8:cd:
                    67:fb:2c:aa:ce:c8:e4:53:51:a5:03:40:81:41:d4:
                    50:9b:8c:5f:65:38:d6:5a:90:a0:f5:0f:2c:ba:5e:
                    0a:7c:c8:d7:8d:2d:72:ae:ff:af:5e:04:88:65:5d:
                    a1:7d:e8:3f:6c:ed:d4:e9:0f:cc:1b:dd:d9:50:f9:
                    df:20:3f:61:1c:2d:69:50:eb:64:a1:c2:b3:f0:43:
                    18:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:07:C0:BD:F4:02:73:20:12:EA:83:63:A2:0E:10:B5:C5:A9:C5:4B
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ywfAvfQCcyAS6oNjog4QtcWpxUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.180.0/22
                  62.60.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8d:52:e6:3d:21:c2:5c:71:47:25:90:72:3a:fd:9d:24:f4:d4:
         d4:14:0d:f2:3e:45:58:33:5a:f5:29:c1:e3:e7:ab:99:d7:08:
         74:a7:14:99:65:9d:97:35:b5:c3:b7:d7:ba:47:e9:0d:b2:a5:
         d8:ce:19:bd:c6:a9:f1:bb:c2:89:17:5b:72:81:8d:8a:df:90:
         29:16:a8:f7:d5:f8:33:a4:53:9a:91:cd:95:2e:4f:50:68:76:
         e5:66:30:97:81:00:2a:3f:c2:c3:ff:2e:c1:ca:13:98:18:f3:
         6c:af:4e:66:95:02:d5:28:f6:d1:3a:43:23:ef:8b:63:09:a0:
         49:ee:2b:bb:6b:58:fd:55:fa:f2:51:d4:42:d2:e8:46:fe:aa:
         f0:4d:8e:6a:46:76:89:10:3c:7f:fa:cb:02:a0:87:9b:15:2b:
         48:fb:b6:15:2c:c9:80:3f:ab:d4:7c:8d:b2:c2:a4:07:d8:aa:
         f4:cd:9e:9e:1b:e5:ca:e5:cd:dd:01:e6:84:71:38:0e:00:c5:
         4a:02:1c:a7:fb:da:31:c5:8c:bc:31:cd:08:bb:5d:db:96:52:
         b6:c2:fe:46:ef:13:c6:61:ce:81:f5:0d:39:45:a9:ea:c1:55:
         dc:85:cb:fb:e6:85:aa:b8:b9:8b:b6:d0:f8:ed:04:65:5f:06:
         16:14:22:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsjck9ghlxDS/6ODOtEHO2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMDEyMTAzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA3YzBiZGY0MDI3MzIwMTJlYTgzNjNhMjBlMTBiNWM1YTljNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSndID/R3WEZ9KPlxac88zBSUZBY
AjthnglpKRXq6ChRcePOlCxVMt45LxaiQ+blWSfa6c4qENDymz3GrVMw1LisjyWI
vl8K7W5Ra7b7IXuwuzOK1NwByUFWJ979EADYq4jN230pRaEqY1Xx85/Alhnmpepo
WT6fiFHS/2yUT8XS5FrCcr7goHbRtjSB59lL4qeCidPCsW2h2mM9sKQq7DvCUBPi
BdXtN0cpOMi6DfUL6M1n+yyqzsjkU1GlA0CBQdRQm4xfZTjWWpCg9Q8sul4KfMjX
jS1yrv+vXgSIZV2hfeg/bO3U6Q/MG93ZUPnfID9hHC1pUOtkocKz8EMYUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMsHwL30AnMgEuqDY6IOELXFqcVLMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEveXdmQXZmUUNjeUFTNm9Oam9nNFF0Y1dweFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPjy0AwQD
PjzYMA0GCSqGSIb3DQEBCwUAA4IBAQCNUuY9IcJccUclkHI6/Z0k9NTUFA3yPkVY
M1r1KcHj56uZ1wh0pxSZZZ2XNbXDt9e6R+kNsqXYzhm9xqnxu8KJF1tygY2K35Ap
Fqj31fgzpFOakc2VLk9QaHblZjCXgQAqP8LD/y7ByhOYGPNsr05mlQLVKPbROkMj
74tjCaBJ7iu7a1j9VfryUdRC0uhG/qrwTY5qRnaJEDx/+ssCoIebFStI+7YVLMmA
P6vUfI2ywqQH2Kr0zZ6eG+XK5c3dAeaEcTgOAMVKAhyn+9oxxYy8Mc0Iu13bllK2
wv5G7xPGYc6B9Q05RanqwVXchcv75oWquLmLttD47QRlXwYWFCLO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:30 2024 by rpki-client on console-ams.rpki-client.org