Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/TMhNkyFAER1sv4HERqtnqLoy8pI.roa
File:                     TMhNkyFAER1sv4HERqtnqLoy8pI.roa (raw, json)
Hash identifier:          g/tvyOEQZJ+yqyCz+JhH4dtQijt/TFhezA/fXbbHwnM=
Subject key identifier:   4C:C8:4D:93:21:40:11:1D:6C:BF:81:C4:46:AB:67:A8:BA:32:F2:92
Certificate issuer:       /CN=845c2379efed10056cf865d52c32e1e1eba8c140
Certificate serial:       01924D58F75354403D436C9A5513D2F2C656
Authority key identifier: 84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/TMhNkyFAER1sv4HERqtnqLoy8pI.roa
Signing time:             Wed 02 Oct 2024 13:08:48 +0000
ROA not before:           Wed 02 Oct 2024 13:08:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1299
IP address blocks:        62.77.196.0/22 maxlen: 24
                          62.77.240.0/23 maxlen: 24
                          62.77.248.0/21 maxlen: 24
                          62.165.192.0/18 maxlen: 24
                          77.234.64.0/19 maxlen: 24
                          2a01:368::/29 maxlen: 48
                          2a01:368::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 02 Oct 2024 18:48:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:4d:58:f7:53:54:40:3d:43:6c:9a:55:13:d2:f2:c6:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=845c2379efed10056cf865d52c32e1e1eba8c140
        Validity
            Not Before: Oct  2 13:08:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4cc84d932140111d6cbf81c446ab67a8ba32f292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3c:1d:41:22:de:e2:c3:43:10:fc:3d:0d:ba:
                    49:eb:d7:ff:a2:f5:30:ba:fd:af:cc:df:f3:dc:cb:
                    f0:35:8d:62:e2:63:3e:32:85:55:8b:21:d8:20:98:
                    22:06:9c:31:fd:b8:e7:ee:fd:56:29:38:71:96:cf:
                    09:84:81:64:11:4b:51:7e:64:e4:84:3c:72:1b:93:
                    e7:ab:08:70:e2:7a:81:bc:f5:44:83:50:4d:d8:ed:
                    ad:b0:68:8b:fe:5c:3f:20:c3:4c:df:7b:bc:82:26:
                    9b:39:33:b2:60:20:d3:7f:02:f9:52:c0:bd:b5:ab:
                    c5:0c:40:0e:8b:df:38:52:b6:88:bc:73:75:ba:3f:
                    a5:e5:0a:a9:b5:8d:1a:c9:f1:39:2b:cc:88:3b:43:
                    12:9c:84:8b:c7:73:e5:1c:08:fd:d7:f7:3e:61:d4:
                    62:63:d8:ea:d7:46:43:4e:65:58:2a:27:2c:2f:c2:
                    4b:0d:3a:ee:b5:9f:39:8a:7f:01:c1:a1:75:91:34:
                    7e:9a:27:4f:db:b8:61:7e:eb:ce:76:a5:0f:cc:3a:
                    31:ec:9a:84:13:61:b3:dc:cd:86:78:58:80:89:d2:
                    9c:a6:a3:e7:15:65:a0:9f:6c:c4:cb:a6:30:fe:cd:
                    25:1c:1c:9e:32:bf:8a:5e:09:bb:ea:48:e8:c4:a3:
                    49:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:C8:4D:93:21:40:11:1D:6C:BF:81:C4:46:AB:67:A8:BA:32:F2:92
            X509v3 Authority Key Identifier:
                keyid:84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/TMhNkyFAER1sv4HERqtnqLoy8pI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.77.196.0/22
                  62.77.240.0/23
                  62.77.248.0/21
                  62.165.192.0/18
                  77.234.64.0/19
                IPv6:
                  2a01:368::/29

    Signature Algorithm: sha256WithRSAEncryption
         32:9d:ed:c6:e5:ae:ee:4c:9a:fd:74:23:5a:04:09:09:e4:d4:
         c0:d5:d7:19:58:45:2f:da:a9:f0:d6:a3:68:44:7c:79:04:00:
         13:72:31:9e:47:81:31:05:a7:fd:75:bb:1f:af:c1:b3:0c:19:
         6e:d3:e6:59:5a:66:90:16:fb:48:92:a2:fe:54:c4:9d:95:6c:
         8c:a6:71:39:74:b4:8f:8b:39:32:84:fd:c7:39:6b:d8:25:06:
         4b:08:82:1e:20:d2:29:cb:67:28:8a:77:c5:55:87:78:d9:90:
         fe:fd:4b:ac:67:44:93:b5:72:2f:6a:1d:a7:a0:5c:1d:5a:6d:
         2e:58:37:00:8f:3f:3d:8e:74:1b:2d:32:05:60:16:e6:bc:f1:
         f2:29:a0:3f:43:08:9a:a0:6b:69:c7:b8:28:b4:ec:df:8d:57:
         9e:19:8f:d7:77:cd:72:37:7b:94:68:be:9f:46:36:11:d1:50:
         40:68:8a:2c:6a:99:79:33:3d:0b:f1:2e:3a:91:43:60:81:82:
         32:8d:4b:86:a6:c5:6e:55:f8:9d:b2:0a:83:e6:3e:ac:f4:5d:
         b4:b8:15:b2:66:6c:3c:10:6c:66:13:b3:3a:cd:fc:63:8f:16:
         56:4e:e9:46:88:03:50:e8:8f:14:93:6b:71:3e:54:d3:70:d4:
         94:18:c9:f1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZJNWPdTVEA9Q2yaVRPS8sZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWMyMzc5ZWZlZDEwMDU2Y2Y4NjVkNTJjMzJlMWUxZWJh
OGMxNDAwHhcNMjQxMDAyMTMwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M4NGQ5MzIxNDAxMTFkNmNiZjgxYzQ0NmFiNjdhOGJhMzJmMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzwdQSLe4sNDEPw9DbpJ69f/ovUw
uv2vzN/z3MvwNY1i4mM+MoVViyHYIJgiBpwx/bjn7v1WKThxls8JhIFkEUtRfmTk
hDxyG5Pnqwhw4nqBvPVEg1BN2O2tsGiL/lw/IMNM33u8giabOTOyYCDTfwL5UsC9
tavFDEAOi984UraIvHN1uj+l5QqptY0ayfE5K8yIO0MSnISLx3PlHAj91/c+YdRi
Y9jq10ZDTmVYKicsL8JLDTrutZ85in8BwaF1kTR+midP27hhfuvOdqUPzDox7JqE
E2Gz3M2GeFiAidKcpqPnFWWgn2zEy6Yw/s0lHByeMr+KXgm76kjoxKNJ3wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEzITZMhQBEdbL+BxEarZ6i6MvKSMB8GA1UdIwQY
MBaAFIRcI3nv7RAFbPhl1Swy4eHrqMFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQt
YmU3YTFhMDAxY2NmLzEvVE1oTmt5RkFFUjFzdjRIRVJxdG5xTG95OHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQtYmU3YTFhMDAxY2Nm
LzEvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCPk3EAwQB
Pk3wAwQDPk34AwQGPqXAAwQFTepAMA0EAgACMAcDBQMqAQNoMA0GCSqGSIb3DQEB
CwUAA4IBAQAyne3G5a7uTJr9dCNaBAkJ5NTA1dcZWEUv2qnw1qNoRHx5BAATcjGe
R4ExBaf9dbsfr8GzDBlu0+ZZWmaQFvtIkqL+VMSdlWyMpnE5dLSPizkyhP3HOWvY
JQZLCIIeINIpy2coinfFVYd42ZD+/UusZ0STtXIvah2noFwdWm0uWDcAjz89jnQb
LTIFYBbmvPHyKaA/QwiaoGtpx7gotOzfjVeeGY/Xd81yN3uUaL6fRjYR0VBAaIos
apl5Mz0L8S46kUNggYIyjUuGpsVuVfidsgqD5j6s9F20uBWyZmw8EGxmE7M6zfxj
jxZWTulGiANQ6I8Uk2txPlTTcNSUGMnx
-----END CERTIFICATE-----
Generated at Wed Oct 2 21:50:15 2024 by rpki-client on console-ams.rpki-client.org