Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/0QXFONnBMjnz_wGa-UrN1OTlm7s.roa
File:                     0QXFONnBMjnz_wGa-UrN1OTlm7s.roa (raw, json)
Hash identifier:          PsBsxe+8zPLZucQftjCOjeK0GiPGwMEOulcQ/kqM72E=
Subject key identifier:   D1:05:C5:38:D9:C1:32:39:F3:FF:01:9A:F9:4A:CD:D4:E4:E5:9B:BB
Certificate issuer:       /CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
Certificate serial:       018584F931E550F938079DD414B5356F0E71
Authority key identifier: B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/0QXFONnBMjnz_wGa-UrN1OTlm7s.roa
Signing time:             Fri 06 Jan 2023 02:46:41 +0000
ROA not before:           Fri 06 Jan 2023 02:46:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200445
IP address blocks:        176.222.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:84:f9:31:e5:50:f9:38:07:9d:d4:14:b5:35:6f:0e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
        Validity
            Not Before: Jan  6 02:46:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d105c538d9c13239f3ff019af94acdd4e4e59bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d9:57:03:bd:00:15:12:31:0f:7d:91:dd:3f:
                    29:c8:ee:80:84:ed:6e:00:fb:1b:e3:4c:48:e3:8b:
                    6d:14:b6:7d:0e:b3:ff:b5:a5:3c:1e:77:2f:34:5d:
                    3e:ad:b3:d7:10:03:71:63:9c:60:74:c0:d1:69:4c:
                    d7:49:84:2d:da:5d:d3:ae:c7:68:3d:c9:ee:7a:f4:
                    30:6b:c2:77:fe:8b:57:c3:31:6a:cb:ee:09:a8:02:
                    85:de:70:da:cf:15:0e:3b:3f:06:97:7a:2c:cf:45:
                    6d:57:cd:6f:36:92:ed:1e:fd:25:d5:87:95:94:5a:
                    c8:81:ee:2d:fd:26:20:1b:23:46:5a:0f:90:43:b8:
                    b1:c6:24:a1:ca:16:5e:f2:2b:21:b1:d2:6d:6f:c5:
                    b4:5f:e9:42:d6:dd:64:61:e1:49:0f:98:38:d6:26:
                    81:51:56:0c:aa:4a:6c:a1:3f:69:c5:bd:63:be:c2:
                    96:dc:bd:8a:4b:1a:1c:90:ed:24:3f:3f:62:74:81:
                    08:b3:c9:c0:d5:35:13:08:20:c7:30:3b:90:97:1d:
                    99:79:41:19:5e:dc:81:6a:a6:a1:3b:70:f7:cb:22:
                    0e:92:c9:76:dd:ba:7b:27:4f:49:5e:43:fe:56:f0:
                    fd:6d:44:50:fb:34:c8:87:c3:35:42:48:ae:bf:d2:
                    24:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:05:C5:38:D9:C1:32:39:F3:FF:01:9A:F9:4A:CD:D4:E4:E5:9B:BB
            X509v3 Authority Key Identifier:
                keyid:B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/0QXFONnBMjnz_wGa-UrN1OTlm7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/sKT8KvOK9bT1hh4n_QB-YktfmwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.222.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:a2:a6:2d:46:a1:6b:01:76:dd:ae:98:9b:15:74:d5:c0:75:
         4b:47:4e:e4:62:49:1d:6b:be:3f:3e:09:1f:e2:74:ad:bd:9f:
         dd:99:80:1a:55:58:8c:75:95:14:89:6e:cb:4f:8f:40:c9:4f:
         b3:51:ef:43:b8:97:e7:c0:42:2e:18:85:48:4d:6a:e0:93:90:
         73:3d:98:85:5f:15:85:04:d9:49:33:ea:cb:42:63:71:17:33:
         9f:6c:90:53:4e:42:be:c6:5e:b5:31:0d:fa:7e:72:a2:12:9c:
         80:db:df:af:ee:56:ba:7a:15:ec:b4:84:06:4e:28:b1:85:21:
         c8:9f:2a:3d:5b:de:0e:52:06:15:ce:6f:59:2e:ca:91:ca:d3:
         a9:8b:2c:a1:ce:15:45:ae:23:ec:89:44:41:3a:e0:09:10:de:
         fc:38:f7:ed:cb:dd:6c:28:38:cc:43:9c:83:8e:8f:de:cb:90:
         b3:65:c3:dc:b8:c7:c0:12:aa:84:06:36:07:1f:60:fe:ce:2b:
         80:3e:1a:aa:93:b3:0c:a9:c9:c5:38:0d:ca:6c:48:1f:9a:79:
         11:05:d4:4f:5a:1c:cd:84:97:13:d1:94:1f:3a:4f:b0:89:c8:
         07:be:a1:71:80:52:06:95:43:e6:7a:db:01:df:c4:11:87:41:
         87:85:be:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWE+THlUPk4B53UFLU1bw5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTRmYzJhZjM4YWY1YjRmNTg2MWUyN2ZkMDA3ZTYyNGI1
ZjliMDIwHhcNMjMwMTA2MDI0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA1YzUzOGQ5YzEzMjM5ZjNmZjAxOWFmOTRhY2RkNGU0ZTU5YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9lXA70AFRIxD32R3T8pyO6AhO1u
APsb40xI44ttFLZ9DrP/taU8HncvNF0+rbPXEANxY5xgdMDRaUzXSYQt2l3Trsdo
PcnuevQwa8J3/otXwzFqy+4JqAKF3nDazxUOOz8Gl3osz0VtV81vNpLtHv0l1YeV
lFrIge4t/SYgGyNGWg+QQ7ixxiShyhZe8ishsdJtb8W0X+lC1t1kYeFJD5g41iaB
UVYMqkpsoT9pxb1jvsKW3L2KSxockO0kPz9idIEIs8nA1TUTCCDHMDuQlx2ZeUEZ
XtyBaqahO3D3yyIOksl23bp7J09JXkP+VvD9bURQ+zTIh8M1Qkiuv9IkNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEFxTjZwTI58/8BmvlKzdTk5Zu7MB8GA1UdIwQY
MBaAFLCk/CrzivW09YYeJ/0AfmJLX5sCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYt
NjhmZTA4NjIyNjE0LzEvMFFYRk9ObkJNam56X3dHYS1Vck4xT1RsbTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYtNjhmZTA4NjIyNjE0
LzEvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsN48MA0G
CSqGSIb3DQEBCwUAA4IBAQBKoqYtRqFrAXbdrpibFXTVwHVLR07kYkkda74/Pgkf
4nStvZ/dmYAaVViMdZUUiW7LT49AyU+zUe9DuJfnwEIuGIVITWrgk5BzPZiFXxWF
BNlJM+rLQmNxFzOfbJBTTkK+xl61MQ36fnKiEpyA29+v7la6ehXstIQGTiixhSHI
nyo9W94OUgYVzm9ZLsqRytOpiyyhzhVFriPsiURBOuAJEN78OPfty91sKDjMQ5yD
jo/ey5CzZcPcuMfAEqqEBjYHH2D+ziuAPhqqk7MMqcnFOA3KbEgfmnkRBdRPWhzN
hJcT0ZQfOk+wicgHvqFxgFIGlUPmetsB38QRh0GHhb4w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:41 2024 by rpki-client on console-ams.rpki-client.org