Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/cMtvOsKpxtA-CupuG6-xfk69uC0.roa
File:                     cMtvOsKpxtA-CupuG6-xfk69uC0.roa (raw, json)
Hash identifier:          knNRHO6Ov1EucwDu0bCnMrX/KH2OceqPRFdXnj/wZJQ=
Subject key identifier:   70:CB:6F:3A:C2:A9:C6:D0:3E:0A:EA:6E:1B:AF:B1:7E:4E:BD:B8:2D
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018C03FB2BB400D00231A544C9C200EA0014
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/cMtvOsKpxtA-CupuG6-xfk69uC0.roa
Signing time:             Sat 25 Nov 2023 00:57:21 +0000
ROA not before:           Sat 25 Nov 2023 00:57:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398395
IP address blocks:        62.204.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:03:fb:2b:b4:00:d0:02:31:a5:44:c9:c2:00:ea:00:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Nov 25 00:57:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70cb6f3ac2a9c6d03e0aea6e1bafb17e4ebdb82d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:6e:e6:ba:33:cf:93:7d:82:a0:6a:e6:3e:b9:
                    da:48:59:ec:06:49:f1:bf:05:93:0e:cc:e0:af:89:
                    59:37:3c:a2:31:3e:6d:83:bc:82:69:06:c3:eb:67:
                    95:ee:cd:83:83:b3:48:40:57:bd:5f:d5:44:d2:74:
                    e9:a2:1e:3f:3f:a1:ac:2b:bd:8d:42:c7:14:b2:78:
                    1b:c7:1c:6d:7c:10:79:c1:17:3c:71:92:a9:95:9e:
                    ef:c0:fe:71:c7:07:a0:3e:83:87:16:ca:29:49:1d:
                    b1:4b:64:64:b6:63:4d:49:38:83:de:a6:13:5d:ab:
                    16:77:47:79:42:54:1f:98:b5:8e:3a:19:c5:fe:7a:
                    f7:28:f2:05:c2:c0:cd:00:d9:c1:36:d0:63:87:98:
                    ed:f9:c9:12:90:e4:23:d6:6c:c3:9c:14:62:fa:ec:
                    55:ed:67:6e:21:e5:25:95:78:99:9c:31:da:d5:10:
                    41:2d:ed:55:bc:e0:a4:b5:f2:cd:48:2f:95:36:24:
                    6f:c4:11:ec:24:39:67:a2:c5:72:d1:e3:c0:8a:8a:
                    09:78:9d:4c:8f:52:84:4c:d4:70:44:3a:72:d4:a3:
                    83:20:88:48:e2:97:07:35:f2:32:b5:da:b7:6e:d0:
                    9d:7a:6a:66:0e:4c:f8:eb:04:95:cf:c8:af:3b:de:
                    06:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CB:6F:3A:C2:A9:C6:D0:3E:0A:EA:6E:1B:AF:B1:7E:4E:BD:B8:2D
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/cMtvOsKpxtA-CupuG6-xfk69uC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:d0:8d:2d:dc:b6:8a:0d:f8:ff:72:08:48:2e:e6:a9:b5:43:
         25:4e:54:44:ae:e6:78:dc:ce:98:ba:37:5e:f5:ba:3f:e3:85:
         b4:4f:e3:dc:3a:3b:ca:f0:dc:51:1e:e1:07:7e:81:34:e7:21:
         25:59:48:c7:23:95:43:56:52:7d:82:ec:ae:0f:81:b3:4f:05:
         61:9b:e3:e7:f5:dc:96:65:eb:51:4e:1e:74:33:a7:65:a0:ab:
         ce:d7:6b:35:c8:c8:53:72:a2:d3:c6:3b:78:b9:b1:c2:5e:a5:
         ed:5a:76:65:db:10:34:0b:ca:b7:b2:8b:22:ee:c3:0b:ee:98:
         48:ee:35:62:0d:1a:90:e8:e7:e1:71:5c:c3:21:70:0f:c3:cc:
         3f:6c:df:a4:bb:e6:7f:c7:75:9a:53:0d:41:22:1c:60:e5:e4:
         dd:35:57:34:a7:3b:f4:bd:84:b3:42:e9:5b:54:dd:20:f5:d6:
         3a:75:c0:a4:73:ec:b1:06:07:a2:ca:50:15:3d:0c:08:d9:c6:
         2f:48:a1:d6:af:ca:2d:93:72:56:70:5d:d9:d0:dd:f4:06:bb:
         17:b8:58:9b:15:0b:11:7e:b9:43:fd:f5:75:de:12:69:90:83:
         93:65:09:7c:c0:88:e1:d2:20:6b:05:8f:c0:36:0d:71:1c:91:
         a0:6e:3d:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwD+yu0ANACMaVEycIA6gAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMxMTI1MDA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNiNmYzYWMyYTljNmQwM2UwYWVhNmUxYmFmYjE3ZTRlYmRiODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm7mujPPk32CoGrmPrnaSFnsBknx
vwWTDszgr4lZNzyiMT5tg7yCaQbD62eV7s2Dg7NIQFe9X9VE0nTpoh4/P6GsK72N
QscUsngbxxxtfBB5wRc8cZKplZ7vwP5xxwegPoOHFsopSR2xS2RktmNNSTiD3qYT
XasWd0d5QlQfmLWOOhnF/nr3KPIFwsDNANnBNtBjh5jt+ckSkOQj1mzDnBRi+uxV
7WduIeUllXiZnDHa1RBBLe1VvOCktfLNSC+VNiRvxBHsJDlnosVy0ePAiooJeJ1M
j1KETNRwRDpy1KODIIhI4pcHNfIytdq3btCdempmDkz46wSVz8ivO94GCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDLbzrCqcbQPgrqbhuvsX5OvbgtMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvY010dk9zS3B4dEEtQ3VwdUc2LXhmazY5dUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPswlMA0G
CSqGSIb3DQEBCwUAA4IBAQAg0I0t3LaKDfj/cghILuaptUMlTlREruZ43M6Yujde
9bo/44W0T+PcOjvK8NxRHuEHfoE05yElWUjHI5VDVlJ9guyuD4GzTwVhm+Pn9dyW
ZetRTh50M6dloKvO12s1yMhTcqLTxjt4ubHCXqXtWnZl2xA0C8q3sosi7sML7phI
7jViDRqQ6OfhcVzDIXAPw8w/bN+ku+Z/x3WaUw1BIhxg5eTdNVc0pzv0vYSzQulb
VN0g9dY6dcCkc+yxBgeiylAVPQwI2cYvSKHWr8otk3JWcF3Z0N30BrsXuFibFQsR
frlD/fV13hJpkIOTZQl8wIjh0iBrBY/ANg1xHJGgbj1o
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org