Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/hEBC-uMjKzmzw1f14O-uSHlUnOE.roa
File:                     hEBC-uMjKzmzw1f14O-uSHlUnOE.roa (raw, json)
Hash identifier:          xVZlFbXUD7HPZOKW/FvDrbNp/JIvHUE0mGVcm3lkwkI=
Subject key identifier:   84:40:42:FA:E3:23:2B:39:B3:C3:57:F5:E0:EF:AE:48:79:54:9C:E1
Certificate issuer:       /CN=619b9872dcc492fc9707f9ec7c16112f45b8535f
Certificate serial:       018B95FEF546E914A0C84E98567C7A6060C0
Authority key identifier: 61:9B:98:72:DC:C4:92:FC:97:07:F9:EC:7C:16:11:2F:45:B8:53:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YZuYctzEkvyXB_nsfBYRL0W4U18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/hEBC-uMjKzmzw1f14O-uSHlUnOE.roa
Signing time:             Fri 03 Nov 2023 16:23:15 +0000
ROA not before:           Fri 03 Nov 2023 16:23:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199508
IP address blocks:        62.220.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:fe:f5:46:e9:14:a0:c8:4e:98:56:7c:7a:60:60:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=619b9872dcc492fc9707f9ec7c16112f45b8535f
        Validity
            Not Before: Nov  3 16:23:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=844042fae3232b39b3c357f5e0efae4879549ce1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:a2:06:05:a5:b8:9c:01:3f:ec:50:09:4c:7b:
                    c8:b4:aa:a9:c1:94:6c:42:27:61:97:2a:c1:13:be:
                    c3:1c:d1:67:af:03:cb:d8:e2:90:69:b2:89:05:d9:
                    04:c7:c1:f7:f4:c5:d0:04:31:dd:c4:1b:19:f9:54:
                    b4:44:a6:e8:d4:89:8f:ea:80:ee:f4:a4:58:2e:a6:
                    3f:2c:01:94:f3:ab:d2:87:ec:34:9e:fb:c7:ab:f5:
                    26:40:d3:14:1c:0b:ec:53:55:9e:9d:8e:3a:6b:f7:
                    3c:71:24:65:dc:db:c8:17:b1:ce:9d:19:97:76:a5:
                    49:89:f4:7e:ef:54:1a:85:f0:03:3a:c4:ff:5d:ae:
                    5e:82:5c:9c:80:8c:04:e5:9d:9b:92:cf:b0:4d:71:
                    27:da:0c:1b:8a:4f:b9:32:d5:8a:03:24:1f:7c:20:
                    06:8c:a3:c9:d9:45:ce:be:d1:70:7b:43:ab:ff:11:
                    e5:8e:1a:c4:58:c5:8d:d2:6c:37:29:71:38:be:61:
                    6a:72:b7:4a:e5:ea:c1:5a:7e:c3:77:ea:0e:f2:b0:
                    8c:f8:d1:b3:49:c2:84:44:94:65:e2:8a:99:a3:7d:
                    31:21:00:df:b9:f7:16:c3:02:fe:c7:3e:c8:5e:5c:
                    b7:f3:89:e0:59:47:56:4d:a2:65:68:3b:b8:f7:fb:
                    10:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:40:42:FA:E3:23:2B:39:B3:C3:57:F5:E0:EF:AE:48:79:54:9C:E1
            X509v3 Authority Key Identifier:
                keyid:61:9B:98:72:DC:C4:92:FC:97:07:F9:EC:7C:16:11:2F:45:B8:53:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YZuYctzEkvyXB_nsfBYRL0W4U18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/hEBC-uMjKzmzw1f14O-uSHlUnOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/YZuYctzEkvyXB_nsfBYRL0W4U18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.220.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:62:4f:a3:98:a7:43:3c:fa:cc:8a:de:64:a8:4d:8f:91:82:
         36:c0:9c:31:cd:2c:4c:2e:58:86:19:b1:bc:0d:18:29:ca:dd:
         29:95:1c:a5:77:f2:34:3d:93:a0:4f:b1:c6:f4:1c:2a:90:b9:
         25:dc:4c:09:01:a6:48:8e:35:f7:6d:70:62:d0:f9:73:88:d5:
         36:04:7d:5e:8f:6d:06:5b:36:e0:ca:e6:11:dc:79:a7:27:98:
         21:43:54:84:a3:e9:2d:5f:7f:2f:4c:c1:9e:d6:54:6f:76:01:
         af:a2:53:69:e0:11:c9:5b:3f:97:34:5e:18:3f:39:7a:dc:e6:
         ce:b7:cc:b9:37:d7:f9:0f:17:09:d0:78:53:8b:f6:80:aa:36:
         74:92:27:34:6c:1d:90:08:1d:54:9f:71:95:75:fe:1e:71:4f:
         f7:0c:dc:de:65:50:2a:ea:e6:16:6f:e5:3b:5c:5a:7a:23:ca:
         de:b4:10:27:63:9e:07:cb:91:f2:1f:b2:7d:a2:67:12:4f:a0:
         74:b1:94:b2:5b:a5:1e:1f:a0:96:04:e8:a9:62:1f:e5:68:bf:
         d4:29:d1:94:a1:f2:c9:b3:c1:f7:f5:58:ca:3b:65:c2:cf:a1:
         b5:b6:d1:1e:eb:fc:4a:9c:27:95:a5:0f:00:a6:9b:c6:80:6f:
         44:41:b7:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuV/vVG6RSgyE6YVnx6YGDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOWI5ODcyZGNjNDkyZmM5NzA3ZjllYzdjMTYxMTJmNDVi
ODUzNWYwHhcNMjMxMTAzMTYyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQwNDJmYWUzMjMyYjM5YjNjMzU3ZjVlMGVmYWU0ODc5NTQ5Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6IGBaW4nAE/7FAJTHvItKqpwZRs
QidhlyrBE77DHNFnrwPL2OKQabKJBdkEx8H39MXQBDHdxBsZ+VS0RKbo1ImP6oDu
9KRYLqY/LAGU86vSh+w0nvvHq/UmQNMUHAvsU1WenY46a/c8cSRl3NvIF7HOnRmX
dqVJifR+71QahfADOsT/Xa5eglycgIwE5Z2bks+wTXEn2gwbik+5MtWKAyQffCAG
jKPJ2UXOvtFwe0Or/xHljhrEWMWN0mw3KXE4vmFqcrdK5erBWn7Dd+oO8rCM+NGz
ScKERJRl4oqZo30xIQDfufcWwwL+xz7IXly384ngWUdWTaJlaDu49/sQwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRAQvrjIys5s8NX9eDvrkh5VJzhMB8GA1UdIwQY
MBaAFGGbmHLcxJL8lwf57HwWES9FuFNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVp1WWN0ekVrdnlYQl9uc2ZCWVJMMFc0VTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jMGVjNWItZmNlNS00OWZhLTgwYjUt
NTU2MWM1YTYyZDRjLzEvaEVCQy11TWpLem16dzFmMTRPLXVTSGxVbk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jMGVjNWItZmNlNS00OWZhLTgwYjUtNTU2MWM1YTYyZDRj
LzEvWVp1WWN0ekVrdnlYQl9uc2ZCWVJMMFc0VTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPtz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBiYk+jmKdDPPrMit5kqE2PkYI2wJwxzSxMLliGGbG8
DRgpyt0plRyld/I0PZOgT7HG9BwqkLkl3EwJAaZIjjX3bXBi0PlziNU2BH1ej20G
WzbgyuYR3HmnJ5ghQ1SEo+ktX38vTMGe1lRvdgGvolNp4BHJWz+XNF4YPzl63ObO
t8y5N9f5DxcJ0HhTi/aAqjZ0kic0bB2QCB1Un3GVdf4ecU/3DNzeZVAq6uYWb+U7
XFp6I8retBAnY54Hy5HyH7J9omcST6B0sZSyW6UeH6CWBOipYh/laL/UKdGUofLJ
s8H39VjKO2XCz6G1ttEe6/xKnCeVpQ8AppvGgG9EQbc+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org