Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rDCztzNRFFzNEHT9TD08nsovnpE.roa
File:                     rDCztzNRFFzNEHT9TD08nsovnpE.roa (raw, json)
Hash identifier:          ELN0kGNgNY/qKBT+Tz2vD4f0sdKuLIrodgvIbWCno3o=
Subject key identifier:   AC:30:B3:B7:33:51:14:5C:CD:10:74:FD:4C:3D:3C:9E:CA:2F:9E:91
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       01856CB8395C4CB1C77A43972D1C45EB4CD0
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rDCztzNRFFzNEHT9TD08nsovnpE.roa
Signing time:             Sun 01 Jan 2023 09:44:50 +0000
ROA not before:           Sun 01 Jan 2023 09:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8908
IP address blocks:        62.160.27.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:39:5c:4c:b1:c7:7a:43:97:2d:1c:45:eb:4c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 09:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ac30b3b73351145ccd1074fd4c3d3c9eca2f9e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:47:0f:c3:d3:53:29:7c:09:61:56:0f:3f:0b:
                    15:bb:36:98:26:86:c6:b5:91:dd:b7:9a:1a:15:66:
                    4f:bf:41:7c:ca:8a:78:b7:e1:b8:4e:7f:17:a7:31:
                    a4:5f:bd:fe:31:cc:f3:68:97:59:23:db:a5:38:15:
                    e1:90:60:e8:7b:b5:d8:ea:0f:bf:20:9f:aa:93:24:
                    06:e8:fe:2e:5a:f8:28:07:95:40:8a:a3:12:b6:71:
                    77:cb:dc:4d:a6:c8:3b:bb:d8:2b:b8:c6:2e:32:7c:
                    80:22:b1:96:2c:2d:32:9d:10:b6:6c:71:44:41:a1:
                    89:9b:79:fe:cc:d2:82:c4:9d:21:4c:01:47:a2:c6:
                    ce:f7:9a:26:39:0b:30:3b:b9:0d:b9:01:1c:39:b1:
                    86:7d:ab:7b:77:38:04:d7:36:03:9f:4e:8f:e5:10:
                    6d:12:9d:a7:35:a3:23:e6:f4:b4:dd:9f:1e:c5:87:
                    b3:66:d2:15:96:17:28:18:05:3c:b6:ea:3c:e3:af:
                    46:97:61:fd:68:69:2e:b7:4a:c8:b0:7f:db:d4:e7:
                    37:1b:a2:29:a8:7d:72:ff:7f:f2:3e:f6:55:2d:c8:
                    97:a3:98:27:95:3a:bb:83:a6:08:68:01:08:96:dd:
                    8f:6a:6c:d8:bb:b0:b8:2b:f0:0c:98:07:bf:0d:b2:
                    8c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:30:B3:B7:33:51:14:5C:CD:10:74:FD:4C:3D:3C:9E:CA:2F:9E:91
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rDCztzNRFFzNEHT9TD08nsovnpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.160.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:dc:81:2d:a4:95:c6:25:59:e0:43:40:13:80:bb:b8:39:9d:
         60:42:25:73:e7:11:79:49:8e:73:de:b6:fa:e6:61:70:09:14:
         2a:2a:bb:cb:d7:b7:24:a5:8b:e8:f9:0b:d3:db:46:af:13:bd:
         ee:de:45:44:60:79:95:ec:e1:9d:5f:83:93:c2:3f:e8:2e:ff:
         0e:ae:a1:ca:ef:3e:2e:3c:5d:1d:bc:59:f1:d7:46:97:84:b5:
         07:5b:4a:ac:55:3d:f5:e0:da:18:02:7e:6c:22:2e:2a:68:c4:
         4b:9b:cf:86:8b:3e:06:15:5e:a5:98:58:2b:12:1e:bf:0d:ce:
         66:3f:bf:c2:29:07:b1:22:58:87:be:62:25:c9:68:8b:96:51:
         39:05:1e:52:41:47:06:ec:b8:39:f4:93:dd:80:01:db:64:b2:
         8c:69:c1:dd:1f:0f:85:6e:88:8f:cd:c4:e4:e9:12:20:0f:d5:
         9d:d7:6e:e2:d8:85:23:29:df:cb:44:69:d6:ed:f8:11:7b:39:
         77:22:0f:dc:03:b1:9e:17:45:3e:e9:73:46:ca:aa:cb:62:a4:
         92:f3:b6:b8:2f:4f:ee:c5:5c:ca:f1:de:05:79:b0:82:b3:80:
         77:4b:18:64:96:76:67:58:32:a7:6d:43:5c:90:58:e4:4c:5b:
         ed:7a:a0:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuDlcTLHHekOXLRxF60zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzMwYjNiNzMzNTExNDVjY2QxMDc0ZmQ0YzNkM2M5ZWNhMmY5ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0cPw9NTKXwJYVYPPwsVuzaYJobG
tZHdt5oaFWZPv0F8yop4t+G4Tn8XpzGkX73+MczzaJdZI9ulOBXhkGDoe7XY6g+/
IJ+qkyQG6P4uWvgoB5VAiqMStnF3y9xNpsg7u9gruMYuMnyAIrGWLC0ynRC2bHFE
QaGJm3n+zNKCxJ0hTAFHosbO95omOQswO7kNuQEcObGGfat7dzgE1zYDn06P5RBt
Ep2nNaMj5vS03Z8exYezZtIVlhcoGAU8tuo8469Gl2H9aGkut0rIsH/b1Oc3G6Ip
qH1y/3/yPvZVLciXo5gnlTq7g6YIaAEIlt2PamzYu7C4K/AMmAe/DbKMpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwws7czURRczRB0/Uw9PJ7KL56RMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvckRDenR6TlJGRnpORUhUOVREMDhuc292bnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPqAbMA0G
CSqGSIb3DQEBCwUAA4IBAQBY3IEtpJXGJVngQ0ATgLu4OZ1gQiVz5xF5SY5z3rb6
5mFwCRQqKrvL17ckpYvo+QvT20avE73u3kVEYHmV7OGdX4OTwj/oLv8OrqHK7z4u
PF0dvFnx10aXhLUHW0qsVT314NoYAn5sIi4qaMRLm8+Giz4GFV6lmFgrEh6/Dc5m
P7/CKQexIliHvmIlyWiLllE5BR5SQUcG7Lg59JPdgAHbZLKMacHdHw+FboiPzcTk
6RIgD9Wd127i2IUjKd/LRGnW7fgRezl3Ig/cA7GeF0U+6XNGyqrLYqSS87a4L0/u
xVzK8d4FebCCs4B3SxhklnZnWDKnbUNckFjkTFvteqA4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org