Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/nsL22nMZT5U3_P55MyctrQOUeZo.roa
File:                     nsL22nMZT5U3_P55MyctrQOUeZo.roa (raw, json)
Hash identifier:          kZdlUdHJCysbeLR+/F5lny6VVhv4tBmz6RRMFqtjWWg=
Subject key identifier:   9E:C2:F6:DA:73:19:4F:95:37:FC:FE:79:33:27:2D:AD:03:94:79:9A
Certificate issuer:       /CN=68bd39d793125c684dff272f88622bac432180f0
Certificate serial:       01856F9DBB8F9CACCFFCE12B7B317BE0CF43
Authority key identifier: 68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/nsL22nMZT5U3_P55MyctrQOUeZo.roa
Signing time:             Sun 01 Jan 2023 23:14:46 +0000
ROA not before:           Sun 01 Jan 2023 23:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197650
IP address blocks:        62.102.152.0/21 maxlen: 21
                          185.30.112.0/24 maxlen: 24
                          185.30.113.0/24 maxlen: 24
                          185.30.114.0/24 maxlen: 24
                          185.30.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:bb:8f:9c:ac:cf:fc:e1:2b:7b:31:7b:e0:cf:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bd39d793125c684dff272f88622bac432180f0
        Validity
            Not Before: Jan  1 23:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ec2f6da73194f9537fcfe7933272dad0394799a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5a:80:64:0d:ef:8a:80:ba:92:08:a5:ea:75:
                    51:12:d2:ba:4b:59:bf:bf:34:34:c4:46:64:43:b7:
                    4b:ac:a7:66:ba:d0:00:09:ff:08:a1:74:7a:e0:42:
                    24:59:17:43:12:c1:c0:17:49:92:5b:a6:d4:25:27:
                    2b:90:4d:0c:e3:82:13:75:2e:c0:8b:36:da:a2:02:
                    ba:17:df:b8:25:f4:0c:84:1b:4e:77:bf:df:33:b6:
                    0b:f2:92:a2:10:d0:2b:b2:43:48:7b:e4:4c:0f:28:
                    4c:1b:ed:25:7c:b8:48:0f:9d:cb:0d:b5:f5:da:7b:
                    7f:f5:c4:b1:7a:a4:97:7f:fc:51:c2:81:84:98:06:
                    66:08:a2:f9:4a:72:5c:af:44:25:fc:32:19:ab:fc:
                    5f:56:dd:33:84:77:70:4e:77:21:ab:20:09:4b:94:
                    4b:85:f7:ed:1a:03:df:44:34:29:a1:23:64:e9:b4:
                    c8:1a:ed:64:36:d8:55:d1:e3:5b:ce:88:a7:f4:ff:
                    25:95:1a:3f:c2:03:db:21:db:31:da:f2:ea:90:0f:
                    7c:19:2d:d0:94:3b:17:ff:21:e7:a9:1c:9b:4c:8c:
                    94:19:ab:7b:e3:db:12:05:63:20:26:03:0c:52:fa:
                    a3:70:2d:89:62:3a:3f:96:f0:b7:60:23:df:b6:de:
                    51:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:C2:F6:DA:73:19:4F:95:37:FC:FE:79:33:27:2D:AD:03:94:79:9A
            X509v3 Authority Key Identifier:
                keyid:68:BD:39:D7:93:12:5C:68:4D:FF:27:2F:88:62:2B:AC:43:21:80:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0515MSXGhN_ycviGIrrEMhgPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/nsL22nMZT5U3_P55MyctrQOUeZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/424b94-e702-4b22-ae2e-0890520b8846/1/aL0515MSXGhN_ycviGIrrEMhgPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.102.152.0/21
                  185.30.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:a8:09:39:32:60:6d:7b:8a:52:b8:df:77:87:da:9b:cc:cf:
         2e:c4:17:09:7e:b0:50:e6:01:e9:2c:5c:7a:99:d9:5b:e3:63:
         a9:02:8d:19:b0:45:a2:cc:b6:33:5f:a9:95:10:ad:4d:04:02:
         61:2d:42:34:62:13:a2:8c:33:0b:3b:40:9c:d5:d9:d6:6e:9e:
         e3:10:69:1a:e3:5c:9c:ec:94:7c:07:81:9e:f0:66:8b:f6:0f:
         41:d5:1f:c7:32:44:77:63:5f:8f:fc:2f:30:51:9d:4f:b8:f4:
         b7:22:42:13:11:1e:e2:33:36:de:f4:7e:36:50:e1:42:8d:bb:
         39:96:e0:c1:a6:36:d7:ef:8e:55:89:3f:e6:6e:39:77:a1:83:
         fe:19:c3:08:a2:5c:f8:d9:34:01:2d:bd:8d:e7:0d:86:a9:d0:
         e4:df:ef:f9:f5:9e:8c:61:0e:1d:2e:c4:39:16:3f:78:57:1f:
         c3:f5:92:bb:39:72:b2:23:78:31:29:4a:fe:70:40:ee:7f:4d:
         71:e3:a3:72:39:ee:7d:0c:6e:67:b8:d4:62:15:3a:f2:db:be:
         de:7d:9e:ff:f0:00:ce:ff:18:c6:e9:4a:70:12:dd:66:cc:39:
         bf:d9:aa:c9:19:65:99:77:01:82:e7:12:e1:18:94:5e:97:fc:
         1a:c2:ce:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvnbuPnKzP/OErezF74M9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQzOWQ3OTMxMjVjNjg0ZGZmMjcyZjg4NjIyYmFjNDMy
MTgwZjAwHhcNMjMwMTAxMjMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWMyZjZkYTczMTk0Zjk1MzdmY2ZlNzkzMzI3MmRhZDAzOTQ3OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFqAZA3vioC6kgil6nVREtK6S1m/
vzQ0xEZkQ7dLrKdmutAACf8IoXR64EIkWRdDEsHAF0mSW6bUJScrkE0M44ITdS7A
izbaogK6F9+4JfQMhBtOd7/fM7YL8pKiENArskNIe+RMDyhMG+0lfLhID53LDbX1
2nt/9cSxeqSXf/xRwoGEmAZmCKL5SnJcr0Ql/DIZq/xfVt0zhHdwTnchqyAJS5RL
hfftGgPfRDQpoSNk6bTIGu1kNthV0eNbzoin9P8llRo/wgPbIdsx2vLqkA98GS3Q
lDsX/yHnqRybTIyUGat749sSBWMgJgMMUvqjcC2JYjo/lvC3YCPftt5RZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ7C9tpzGU+VN/z+eTMnLa0DlHmaMB8GA1UdIwQY
MBaAFGi9OdeTElxoTf8nL4hiK6xDIYDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUt
MDg5MDUyMGI4ODQ2LzEvbnNMMjJuTVpUNVUzX1A1NU15Y3RyUU9VZVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80MjRiOTQtZTcwMi00YjIyLWFlMmUtMDg5MDUyMGI4ODQ2
LzEvYUwwNTE1TVNYR2hOX3ljdmlHSXJyRU1oZ1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPmaYAwQC
uR5wMA0GCSqGSIb3DQEBCwUAA4IBAQBjqAk5MmBte4pSuN93h9qbzM8uxBcJfrBQ
5gHpLFx6mdlb42OpAo0ZsEWizLYzX6mVEK1NBAJhLUI0YhOijDMLO0Cc1dnWbp7j
EGka41yc7JR8B4Ge8GaL9g9B1R/HMkR3Y1+P/C8wUZ1PuPS3IkITER7iMzbe9H42
UOFCjbs5luDBpjbX745ViT/mbjl3oYP+GcMIolz42TQBLb2N5w2GqdDk3+/59Z6M
YQ4dLsQ5Fj94Vx/D9ZK7OXKyI3gxKUr+cEDuf01x46NyOe59DG5nuNRiFTry277e
fZ7/8ADO/xjG6UpwEt1mzDm/2arJGWWZdwGC5xLhGJRel/waws5c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:10 2024 by rpki-client on console-ams.rpki-client.org