Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bw7EZo4uDwwHMaikyMWRDxCDwFY.roa
File:                     bw7EZo4uDwwHMaikyMWRDxCDwFY.roa (raw, json)
Hash identifier:          gqqegcQTWXg69+9Tjbhix9VJX+98P417PGPCBimwPG0=
Subject key identifier:   6F:0E:C4:66:8E:2E:0F:0C:07:31:A8:A4:C8:C5:91:0F:10:83:C0:56
Certificate issuer:       /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial:       018964C053212258AD1529D96D36266FFE40
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bw7EZo4uDwwHMaikyMWRDxCDwFY.roa
Signing time:             Mon 17 Jul 2023 16:47:52 +0000
ROA not before:           Mon 17 Jul 2023 16:47:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.128.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:c0:53:21:22:58:ad:15:29:d9:6d:36:26:6f:fe:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
        Validity
            Not Before: Jul 17 16:47:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f0ec4668e2e0f0c0731a8a4c8c5910f1083c056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:24:36:63:5a:fe:2e:06:84:80:2e:ae:1b:6a:
                    57:0d:85:0f:cf:8b:19:8c:e7:22:67:b8:46:ac:7a:
                    d4:df:9a:be:3d:52:45:65:ba:56:02:cd:ba:79:13:
                    6c:f9:2a:b5:b3:13:80:12:77:be:f2:3e:79:18:b2:
                    c5:d6:79:79:86:81:f8:68:16:37:f0:29:52:5f:8a:
                    41:34:17:00:3b:8d:e3:10:03:42:9f:d9:bc:d1:3a:
                    60:9b:ab:d0:00:10:4f:ca:0b:ac:b4:3c:1c:95:c9:
                    06:60:0a:b8:d9:f6:00:d1:46:bd:aa:71:f8:dd:8c:
                    3d:3b:e4:1c:c9:b6:4c:6d:a9:f9:a0:1d:6d:15:f7:
                    6b:f9:fa:11:69:12:07:e3:12:e8:e4:1b:8f:9b:26:
                    a9:f2:63:c1:5c:b5:80:9a:e7:2d:03:04:50:67:f9:
                    ac:fe:93:a4:20:4e:c9:1a:5a:0f:0a:85:2f:9a:ac:
                    2d:ca:42:b7:16:1b:30:65:a7:dd:47:6d:30:3a:7a:
                    54:96:7a:c0:59:e4:e4:a4:11:be:96:39:d9:2b:5d:
                    6e:81:2a:a9:96:38:28:5e:d2:e8:33:37:4a:81:40:
                    d1:5b:58:81:c4:84:8f:a2:40:d1:3d:20:a0:d6:28:
                    7f:43:b1:29:5c:dd:17:8b:a0:da:53:b2:d2:99:c4:
                    49:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:0E:C4:66:8E:2E:0F:0C:07:31:A8:A4:C8:C5:91:0F:10:83:C0:56
            X509v3 Authority Key Identifier:
                keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/bw7EZo4uDwwHMaikyMWRDxCDwFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:14:3b:72:63:23:f0:d4:98:2b:a8:4a:1e:9a:8a:30:7f:f4:
         e2:d9:43:ec:93:07:74:3a:1a:1c:df:c6:51:91:c1:de:86:a1:
         99:35:5d:3c:77:df:26:4d:87:66:a8:20:9c:63:c8:57:ec:2f:
         c8:c6:76:02:98:71:b7:d2:42:df:3b:bb:92:35:43:68:92:ed:
         85:1d:b4:86:ee:ba:6d:bd:d8:72:3e:35:b1:d7:7e:97:38:17:
         66:63:a5:77:54:55:08:02:52:b2:14:47:01:d9:1e:43:c2:2a:
         14:8f:ba:d0:09:1a:dd:1b:6c:70:3d:97:77:43:a2:d5:43:7e:
         c6:1c:63:bd:cf:c2:2c:8e:89:2b:dc:37:55:f4:90:e8:cb:1f:
         d0:4a:84:db:60:37:e0:13:46:d8:6f:a8:f1:11:52:d2:38:9f:
         c3:93:4f:fd:50:9a:24:93:5a:5e:50:20:21:97:54:d4:dd:a8:
         f1:cc:03:b4:28:6d:fb:3b:f1:55:87:f1:8a:da:0c:cf:4a:e0:
         36:fb:79:47:d9:d0:4b:cb:c0:10:e2:1e:e9:2e:10:93:59:ee:
         4e:69:20:67:20:d7:4e:19:34:ca:e0:cf:37:d0:23:e0:90:fc:
         f8:9a:af:13:d7:e1:8d:47:7c:8b:2c:63:02:e0:4a:03:49:cf:
         8b:3e:75:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFMhIlitFSnZbTYmb/5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjMwNzE3MTY0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBlYzQ2NjhlMmUwZjBjMDczMWE4YTRjOGM1OTEwZjEwODNjMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCQ2Y1r+LgaEgC6uG2pXDYUPz4sZ
jOciZ7hGrHrU35q+PVJFZbpWAs26eRNs+Sq1sxOAEne+8j55GLLF1nl5hoH4aBY3
8ClSX4pBNBcAO43jEANCn9m80Tpgm6vQABBPygustDwclckGYAq42fYA0Ua9qnH4
3Yw9O+QcybZMban5oB1tFfdr+foRaRIH4xLo5BuPmyap8mPBXLWAmuctAwRQZ/ms
/pOkIE7JGloPCoUvmqwtykK3FhswZafdR20wOnpUlnrAWeTkpBG+ljnZK11ugSqp
ljgoXtLoMzdKgUDRW1iBxISPokDRPSCg1ih/Q7EpXN0Xi6DaU7LSmcRJFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8OxGaOLg8MBzGopMjFkQ8Qg8BWMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvYnc3RVpvNHVEd3dITWFpa3lNV1JEeENEd0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYAqMA0G
CSqGSIb3DQEBCwUAA4IBAQA9FDtyYyPw1JgrqEoemoowf/Ti2UPskwd0Ohoc38ZR
kcHehqGZNV08d98mTYdmqCCcY8hX7C/IxnYCmHG30kLfO7uSNUNoku2FHbSG7rpt
vdhyPjWx136XOBdmY6V3VFUIAlKyFEcB2R5DwioUj7rQCRrdG2xwPZd3Q6LVQ37G
HGO9z8Isjokr3DdV9JDoyx/QSoTbYDfgE0bYb6jxEVLSOJ/Dk0/9UJokk1peUCAh
l1TU3ajxzAO0KG37O/FVh/GK2gzPSuA2+3lH2dBLy8AQ4h7pLhCTWe5OaSBnINdO
GTTK4M830CPgkPz4mq8T1+GNR3yLLGMC4EoDSc+LPnVF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:56 2024 by rpki-client on console-ams.rpki-client.org