Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/nmV9C1Q8rVKp6ukfanGtXf2buzg.roa
File:                     nmV9C1Q8rVKp6ukfanGtXf2buzg.roa (raw, json)
Hash identifier:          pdeLJeYWB1B+3c0i+JZ4Th5fwIgy8m5qhTpifX08TTo=
Subject key identifier:   9E:65:7D:0B:54:3C:AD:52:A9:EA:E9:1F:6A:71:AD:5D:FD:9B:BB:38
Certificate issuer:       /CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
Certificate serial:       018CC6B77C06BC7C6ACF964872A1A9E550E5
Authority key identifier: B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/nmV9C1Q8rVKp6ukfanGtXf2buzg.roa
Signing time:             Mon 01 Jan 2024 20:29:22 +0000
ROA not before:           Mon 01 Jan 2024 20:29:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60663
IP address blocks:        176.222.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 14:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:7c:06:bc:7c:6a:cf:96:48:72:a1:a9:e5:50:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0a4fc2af38af5b4f5861e27fd007e624b5f9b02
        Validity
            Not Before: Jan  1 20:29:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e657d0b543cad52a9eae91f6a71ad5dfd9bbb38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fd:52:87:8a:96:98:59:07:a9:fb:91:ec:3f:
                    27:0c:ed:26:08:0b:b9:7e:04:80:11:c7:d3:f7:a8:
                    f4:c7:22:e1:08:5a:18:56:d1:39:5b:b2:3d:79:d5:
                    c1:80:f1:89:96:26:2f:a0:4b:eb:83:ad:5b:e5:e7:
                    85:3b:72:04:07:3e:c7:dc:58:a8:39:c6:d1:dc:84:
                    22:c7:dd:6e:56:0e:4e:c7:a3:18:c6:42:69:88:13:
                    ea:f7:23:dc:b4:36:7b:83:ff:17:69:76:bf:db:c1:
                    93:5a:2e:51:49:96:9c:80:3d:a4:96:29:2e:9b:a3:
                    d5:b6:e6:77:f3:97:47:37:79:94:a6:06:57:88:d9:
                    05:46:a1:47:c9:fa:ab:0e:03:bf:7a:d5:9f:52:af:
                    91:5f:e5:a8:29:9d:d9:83:99:30:cd:23:23:98:e6:
                    09:46:b5:27:92:f9:a6:21:b5:8c:fd:3e:7d:4b:09:
                    13:49:52:4b:b7:17:2b:6f:a7:c1:78:0d:a8:4d:2e:
                    cc:6f:47:97:b9:df:aa:77:a9:14:62:b8:bb:c2:d4:
                    b7:63:b4:6b:aa:b2:9e:c5:49:53:af:1f:03:e2:e0:
                    62:14:43:71:50:46:7f:30:fc:e1:08:2e:82:a2:e7:
                    20:e0:7b:4a:cc:81:3f:02:44:ca:da:9e:bc:49:fb:
                    f9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:65:7D:0B:54:3C:AD:52:A9:EA:E9:1F:6A:71:AD:5D:FD:9B:BB:38
            X509v3 Authority Key Identifier:
                keyid:B0:A4:FC:2A:F3:8A:F5:B4:F5:86:1E:27:FD:00:7E:62:4B:5F:9B:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKT8KvOK9bT1hh4n_QB-YktfmwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/nmV9C1Q8rVKp6ukfanGtXf2buzg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a80dbf-5cb4-4e26-adaf-68fe08622614/1/sKT8KvOK9bT1hh4n_QB-YktfmwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.222.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:c3:4f:9c:e3:68:c7:b3:10:97:06:31:95:6e:06:a2:86:4d:
         dc:f7:da:45:1f:9d:a3:6d:b3:7e:da:eb:8f:ec:2b:6c:e6:a4:
         45:8a:e2:5a:1a:c0:be:c7:f7:07:1d:22:5a:aa:d7:67:ea:61:
         fb:19:19:14:ed:94:90:0a:0e:57:ed:dc:f2:83:0f:77:62:53:
         45:50:1b:f4:fb:1a:ba:49:b8:c8:ea:b5:be:ac:40:2c:78:0d:
         9e:00:ff:c7:ee:7e:dc:ef:84:1c:aa:6b:aa:d8:0f:9b:6b:88:
         c0:fb:4d:b0:ac:7a:7c:7e:58:d3:87:aa:33:8c:ea:02:43:51:
         76:a4:75:90:a7:fd:1a:f9:9e:6b:d8:4e:d7:7e:45:82:ee:07:
         2d:21:2f:69:9c:5c:e5:47:9b:b3:bd:84:dd:45:1c:a2:19:57:
         af:cb:38:51:f5:29:75:15:50:7c:c8:37:e7:1d:28:f9:a7:49:
         d9:f4:f9:9f:24:ed:31:23:36:52:a3:98:4e:74:24:55:05:4e:
         76:bb:2a:0f:d1:a3:5e:99:cd:0d:3e:be:08:48:78:98:e1:c0:
         6f:73:25:df:ab:59:10:74:2a:55:79:ee:df:56:38:e8:95:70:
         e7:ad:0a:6b:f6:84:f4:0d:74:b9:b1:e7:7a:80:04:5e:b4:73:
         6d:b5:0f:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt3wGvHxqz5ZIcqGp5VDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTRmYzJhZjM4YWY1YjRmNTg2MWUyN2ZkMDA3ZTYyNGI1
ZjliMDIwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY1N2QwYjU0M2NhZDUyYTllYWU5MWY2YTcxYWQ1ZGZkOWJiYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv1Sh4qWmFkHqfuR7D8nDO0mCAu5
fgSAEcfT96j0xyLhCFoYVtE5W7I9edXBgPGJliYvoEvrg61b5eeFO3IEBz7H3Fio
OcbR3IQix91uVg5Ox6MYxkJpiBPq9yPctDZ7g/8XaXa/28GTWi5RSZacgD2kliku
m6PVtuZ385dHN3mUpgZXiNkFRqFHyfqrDgO/etWfUq+RX+WoKZ3Zg5kwzSMjmOYJ
RrUnkvmmIbWM/T59SwkTSVJLtxcrb6fBeA2oTS7Mb0eXud+qd6kUYri7wtS3Y7Rr
qrKexUlTrx8D4uBiFENxUEZ/MPzhCC6Coucg4HtKzIE/AkTK2p68Sfv50QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5lfQtUPK1SqerpH2pxrV39m7s4MB8GA1UdIwQY
MBaAFLCk/CrzivW09YYeJ/0AfmJLX5sCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYt
NjhmZTA4NjIyNjE0LzEvbm1WOUMxUThyVktwNnVrZmFuR3RYZjJidXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hODBkYmYtNWNiNC00ZTI2LWFkYWYtNjhmZTA4NjIyNjE0
LzEvc0tUOEt2T0s5YlQxaGg0bl9RQi1Za3RmbXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsN4+MA0G
CSqGSIb3DQEBCwUAA4IBAQBgw0+c42jHsxCXBjGVbgaihk3c99pFH52jbbN+2uuP
7Cts5qRFiuJaGsC+x/cHHSJaqtdn6mH7GRkU7ZSQCg5X7dzygw93YlNFUBv0+xq6
SbjI6rW+rEAseA2eAP/H7n7c74Qcqmuq2A+ba4jA+02wrHp8fljTh6ozjOoCQ1F2
pHWQp/0a+Z5r2E7XfkWC7gctIS9pnFzlR5uzvYTdRRyiGVevyzhR9Sl1FVB8yDfn
HSj5p0nZ9PmfJO0xIzZSo5hOdCRVBU52uyoP0aNemc0NPr4ISHiY4cBvcyXfq1kQ
dCpVee7fVjjolXDnrQpr9oT0DXS5sed6gARetHNttQ+U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:41 2024 by rpki-client on console-ams.rpki-client.org