Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa
File:                     sweTKyfRSTMf2KpRqfKOS2KsxAk.roa (raw, json)
Hash identifier:          3T1CztBDTLuO9tlsmmNJ8iWfmyvIeGm+e6XaoKd/V30=
Subject key identifier:   B3:07:93:2B:27:D1:49:33:1F:D8:AA:51:A9:F2:8E:4B:62:AC:C4:09
Certificate issuer:       /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial:       018AB6DBDE99E8A8D83E69B82F4FAF576374
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa
Signing time:             Thu 21 Sep 2023 08:29:37 +0000
ROA not before:           Thu 21 Sep 2023 08:29:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43519
IP address blocks:        213.248.254.0/24 maxlen: 24
                          2a01:618:400::/48 maxlen: 48
                          2a01:618:403::/48 maxlen: 48
                          2a01:618:401::/48 maxlen: 48
                          2a01:618:404::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 10:58:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b6:db:de:99:e8:a8:d8:3e:69:b8:2f:4f:af:57:63:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
        Validity
            Not Before: Sep 21 08:29:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b307932b27d149331fd8aa51a9f28e4b62acc409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:62:c2:95:0f:28:d7:a7:0c:c4:37:82:d0:01:
                    47:7c:fd:43:46:8e:74:ad:ea:9b:57:c2:a8:5d:fd:
                    44:1f:73:cf:1b:43:99:14:fd:5f:ba:ed:e2:c5:e5:
                    ea:b3:77:fb:04:14:19:f6:f1:b1:5f:a2:34:2e:47:
                    4c:72:f9:67:25:28:eb:af:f3:ab:c5:a2:de:a3:1b:
                    64:94:af:fd:ac:77:48:0e:7a:65:dc:1f:77:05:0e:
                    29:dc:06:6a:67:60:99:b8:4f:62:99:0b:98:40:e3:
                    5a:fd:4d:35:7f:5e:9a:d7:e5:50:ac:0e:9a:5c:8c:
                    94:08:fb:9f:df:22:9a:b3:09:22:42:05:e7:99:4e:
                    55:7e:87:5a:03:6b:ed:e2:a9:b9:93:02:3d:ca:ef:
                    b3:de:e8:c2:79:78:34:54:0a:55:94:e4:e2:f1:f7:
                    98:64:cc:fe:48:2e:48:6e:dd:cc:12:4a:eb:84:25:
                    65:c8:b7:ae:83:7b:22:56:a8:69:08:f2:94:99:f5:
                    61:0c:0d:67:a5:aa:00:c5:c4:78:c5:36:68:f3:70:
                    33:c6:45:d1:42:c8:c4:71:69:9f:97:b6:3f:85:16:
                    c7:8e:14:25:46:76:26:22:47:f2:d1:87:db:4d:3b:
                    fe:10:eb:95:6f:e3:95:97:08:9a:92:30:7f:e0:0f:
                    ce:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:07:93:2B:27:D1:49:33:1F:D8:AA:51:A9:F2:8E:4B:62:AC:C4:09
            X509v3 Authority Key Identifier:
                keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.248.254.0/24
                IPv6:
                  2a01:618:400::/47
                  2a01:618:403::-2a01:618:404:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         5d:25:3d:8c:cb:f5:45:65:cf:60:bb:f0:04:0b:bb:55:b1:a5:
         51:eb:73:14:82:45:f8:72:c8:af:3d:c3:cd:72:84:ba:9c:32:
         e8:9d:98:d3:8b:6d:a2:d0:e2:c7:11:6c:79:34:ce:0b:11:38:
         a9:e3:a9:18:fa:35:7c:4b:2e:0e:ba:44:a9:ef:fe:b1:e1:ea:
         c0:93:9e:10:0b:6e:8d:f8:aa:82:9d:8c:ad:05:86:e3:ec:06:
         52:fa:46:11:6e:eb:a4:4c:2e:23:bd:4c:26:0f:23:8b:3a:d3:
         41:32:31:70:2a:89:e6:ac:75:ee:41:ab:f9:ad:13:cd:c1:fe:
         b9:9d:97:07:48:d2:59:e9:42:8a:18:39:57:d2:94:f9:95:1c:
         f6:4d:0a:ba:f5:e4:06:fb:a6:65:87:05:2f:36:67:18:9f:fb:
         8c:9a:eb:3b:be:a7:6f:35:c4:3d:4a:cc:c3:92:e1:b9:2b:07:
         16:b1:9a:fd:61:ee:6f:fc:ee:93:93:3f:27:75:84:f3:4a:e1:
         b3:f8:dc:69:d8:8c:c6:f0:ad:d5:58:02:e3:14:95:6f:8a:6c:
         80:52:5b:48:c8:ea:a3:e8:06:98:37:eb:dd:ab:87:ff:58:fc:
         02:dc:cf:61:b0:fe:b8:ac:69:9c:61:cf:0c:c0:41:21:fb:01:
         c7:2f:a4:0d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYq2296Z6KjYPmm4L0+vV2N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMDgyOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA3OTMyYjI3ZDE0OTMzMWZkOGFhNTFhOWYyOGU0YjYyYWNjNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2LClQ8o16cMxDeC0AFHfP1DRo50
reqbV8KoXf1EH3PPG0OZFP1fuu3ixeXqs3f7BBQZ9vGxX6I0LkdMcvlnJSjrr/Or
xaLeoxtklK/9rHdIDnpl3B93BQ4p3AZqZ2CZuE9imQuYQONa/U01f16a1+VQrA6a
XIyUCPuf3yKaswkiQgXnmU5VfodaA2vt4qm5kwI9yu+z3ujCeXg0VApVlOTi8feY
ZMz+SC5Ibt3MEkrrhCVlyLeug3siVqhpCPKUmfVhDA1npaoAxcR4xTZo83AzxkXR
QsjEcWmfl7Y/hRbHjhQlRnYmIkfy0YfbTTv+EOuVb+OVlwiakjB/4A/OEwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFLMHkysn0UkzH9iqUanyjktirMQJMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvc3dlVEt5ZlJTVE1mMktwUnFmS09TMktzeEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQA1fj+MCME
AgACMB0DBwEqAQYYBAAwEgMHACoBBhgEAwMHACoBBhgEBDANBgkqhkiG9w0BAQsF
AAOCAQEAXSU9jMv1RWXPYLvwBAu7VbGlUetzFIJF+HLIrz3DzXKEupwy6J2Y04tt
otDixxFseTTOCxE4qeOpGPo1fEsuDrpEqe/+seHqwJOeEAtujfiqgp2MrQWG4+wG
UvpGEW7rpEwuI71MJg8jizrTQTIxcCqJ5qx17kGr+a0TzcH+uZ2XB0jSWelCihg5
V9KU+ZUc9k0KuvXkBvumZYcFLzZnGJ/7jJrrO76nbzXEPUrMw5LhuSsHFrGa/WHu
b/zuk5M/J3WE80rhs/jcadiMxvCt1VgC4xSVb4psgFJbSMjqo+gGmDfr3auH/1j8
AtzPYbD+uKxpnGHPDMBBIfsBxy+kDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org