Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/I5bRMSYxpVRW6pKLhTnXDQKzWwA.roa
File:                     I5bRMSYxpVRW6pKLhTnXDQKzWwA.roa (raw, json)
Hash identifier:          84xGDgQ3cBsqFVngHv9z7NeDQQiAFaVLWv3BvF0vmX0=
Subject key identifier:   23:96:D1:31:26:31:A5:54:56:EA:92:8B:85:39:D7:0D:02:B3:5B:00
Certificate issuer:       /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial:       018C5D5479C4BEFF7CCE79A6E4CCD6BA38BF
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/I5bRMSYxpVRW6pKLhTnXDQKzWwA.roa
Signing time:             Tue 12 Dec 2023 09:21:06 +0000
ROA not before:           Tue 12 Dec 2023 09:21:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211332
IP address blocks:        62.3.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5d:54:79:c4:be:ff:7c:ce:79:a6:e4:cc:d6:ba:38:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
        Validity
            Not Before: Dec 12 09:21:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2396d1312631a55456ea928b8539d70d02b35b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:53:be:6a:53:8c:fb:d1:3b:bb:00:bc:2b:5b:
                    e3:b8:7f:4a:8d:b0:fc:d2:70:03:ff:7b:3d:6c:aa:
                    35:0e:72:fd:ee:5c:ab:18:fd:ab:a5:96:d0:70:37:
                    3a:da:b6:42:b0:97:2e:c4:a8:e4:0c:dd:35:03:86:
                    14:33:a6:14:52:7d:fc:df:49:50:48:c8:3e:0e:7a:
                    4f:1f:ab:e2:67:31:9a:ce:d3:d1:02:85:80:95:b1:
                    22:62:e1:09:46:71:9f:37:23:46:ae:c0:89:44:9c:
                    70:03:72:b5:07:05:2e:67:72:91:4e:17:b1:b0:79:
                    bd:f6:5e:b4:08:4c:c4:f1:ba:9e:bd:13:52:91:12:
                    b1:fc:5b:13:0e:bd:74:b6:3a:ec:bf:58:b2:91:ea:
                    26:38:c0:e7:d1:13:c0:a3:21:3a:96:08:f0:f9:e2:
                    2f:94:7d:50:f5:c1:a6:a3:19:7e:cd:d7:5d:f6:5a:
                    3c:44:e2:db:f9:95:7c:cd:d1:ac:25:0d:03:58:d5:
                    85:93:dd:1d:b5:b5:44:48:33:74:a1:b0:2a:01:f9:
                    cd:4a:ed:52:90:63:35:90:e7:13:24:21:e4:4d:ca:
                    51:a1:77:90:8c:a7:0a:88:78:cc:2a:2c:34:b6:6e:
                    5b:08:ed:15:a0:ae:f2:58:09:ef:af:b4:4c:9b:d9:
                    01:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:96:D1:31:26:31:A5:54:56:EA:92:8B:85:39:D7:0D:02:B3:5B:00
            X509v3 Authority Key Identifier:
                keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/I5bRMSYxpVRW6pKLhTnXDQKzWwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:73:ed:09:ed:16:68:b0:43:88:b5:43:9c:3b:c1:1b:a6:cd:
         30:61:82:e1:a7:cc:b0:02:ec:2e:e3:26:6e:5c:85:fb:49:7a:
         91:8b:7f:6f:56:c9:58:46:fe:3b:d6:6d:25:e6:d1:08:25:9c:
         a3:f6:6b:39:1f:c3:54:e6:af:c6:1c:6d:0e:cf:ed:e8:d1:21:
         d7:fb:78:67:26:52:69:96:a0:09:c0:bb:99:24:9c:d4:12:9f:
         88:1a:c9:ea:b0:09:d7:97:6e:44:8d:66:49:ce:11:3d:da:ec:
         10:b8:02:d5:c5:95:e7:60:de:e4:c6:a1:89:74:a0:84:f9:95:
         48:58:e9:51:9e:ed:1c:10:b2:78:03:84:2d:22:ca:da:20:d8:
         a8:5c:6e:17:54:bf:ce:47:8d:35:b8:3a:8c:6a:e8:78:57:d4:
         4a:cb:64:22:f2:e9:a9:a9:88:28:41:17:20:fe:af:60:c2:27:
         c1:76:a1:c8:55:26:70:43:be:a5:33:33:0b:a7:0b:1a:24:c1:
         9d:b3:64:13:6a:6c:ca:91:16:31:18:33:1d:9c:4b:e5:43:3f:
         9d:83:0c:ff:a3:a0:5d:07:fa:ae:97:e1:7a:01:88:b2:8f:bf:
         0b:d7:55:f3:41:58:db:dd:80:b3:8f:41:e3:55:da:25:e8:39:
         ab:1f:21:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxdVHnEvv98znmm5MzWuji/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMjEyMDkyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk2ZDEzMTI2MzFhNTU0NTZlYTkyOGI4NTM5ZDcwZDAyYjM1YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVO+alOM+9E7uwC8K1vjuH9KjbD8
0nAD/3s9bKo1DnL97lyrGP2rpZbQcDc62rZCsJcuxKjkDN01A4YUM6YUUn3830lQ
SMg+DnpPH6viZzGaztPRAoWAlbEiYuEJRnGfNyNGrsCJRJxwA3K1BwUuZ3KRThex
sHm99l60CEzE8bqevRNSkRKx/FsTDr10tjrsv1iykeomOMDn0RPAoyE6lgjw+eIv
lH1Q9cGmoxl+zddd9lo8ROLb+ZV8zdGsJQ0DWNWFk90dtbVESDN0obAqAfnNSu1S
kGM1kOcTJCHkTcpRoXeQjKcKiHjMKiw0tm5bCO0VoK7yWAnvr7RMm9kBTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOW0TEmMaVUVuqSi4U51w0Cs1sAMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvSTViUk1TWXhwVlJXNnBLTGhUblhEUUt6V3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMaMA0G
CSqGSIb3DQEBCwUAA4IBAQCdc+0J7RZosEOItUOcO8Ebps0wYYLhp8ywAuwu4yZu
XIX7SXqRi39vVslYRv471m0l5tEIJZyj9ms5H8NU5q/GHG0Oz+3o0SHX+3hnJlJp
lqAJwLuZJJzUEp+IGsnqsAnXl25EjWZJzhE92uwQuALVxZXnYN7kxqGJdKCE+ZVI
WOlRnu0cELJ4A4QtIsraINioXG4XVL/OR401uDqMauh4V9RKy2Qi8umpqYgoQRcg
/q9gwifBdqHIVSZwQ76lMzMLpwsaJMGds2QTamzKkRYxGDMdnEvlQz+dgwz/o6Bd
B/qul+F6AYiyj78L11XzQVjb3YCzj0HjVdol6DmrHyEy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org