Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f0a2a1-66fc-4a34-ac5a-5d5117b7140d/1/pxtuZlDrcgOkA9-Nv1Kk2TtIydo.roa
File:                     pxtuZlDrcgOkA9-Nv1Kk2TtIydo.roa (raw, json)
Hash identifier:          NvCzB4FGUAsmzYqmzTQut2fR11Dp1xDf6lZ3R1WOo54=
Subject key identifier:   A7:1B:6E:66:50:EB:72:03:A4:03:DF:8D:BF:52:A4:D9:3B:48:C9:DA
Certificate issuer:       /CN=44e63efc9483869e40213e6d1019553a11bd1b74
Certificate serial:       018A03DF5D663537DD90391DF83E07C15C3C
Authority key identifier: 44:E6:3E:FC:94:83:86:9E:40:21:3E:6D:10:19:55:3A:11:BD:1B:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROY-_JSDhp5AIT5tEBlVOhG9G3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f0a2a1-66fc-4a34-ac5a-5d5117b7140d/1/pxtuZlDrcgOkA9-Nv1Kk2TtIydo.roa
Signing time:             Thu 17 Aug 2023 14:21:24 +0000
ROA not before:           Thu 17 Aug 2023 14:21:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59877
IP address blocks:        62.68.65.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:03:df:5d:66:35:37:dd:90:39:1d:f8:3e:07:c1:5c:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44e63efc9483869e40213e6d1019553a11bd1b74
        Validity
            Not Before: Aug 17 14:21:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a71b6e6650eb7203a403df8dbf52a4d93b48c9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bd:52:0e:b0:13:12:a4:86:12:d6:6c:97:50:
                    7c:5e:a4:0e:d7:a0:9d:8d:76:c7:e7:40:07:91:18:
                    1a:40:13:4d:ca:9c:da:1f:9c:4f:4f:a1:31:32:42:
                    28:8b:20:64:51:b5:30:4e:76:fb:30:25:e6:3d:8c:
                    a6:3e:b5:2e:98:f1:60:3d:9b:29:da:7a:6e:60:5c:
                    97:ea:2a:19:a0:54:37:29:8d:d4:f4:f3:34:87:5b:
                    dc:7a:43:c5:67:11:80:a0:f7:9b:5b:b3:28:dc:d5:
                    e1:04:13:7e:ca:fd:81:66:0f:6c:67:1e:2b:52:f3:
                    57:af:5f:d3:37:8e:7f:8b:ab:9d:0b:10:9b:ec:4a:
                    08:88:6f:97:4b:33:0a:a1:e7:aa:3e:a4:97:73:c2:
                    d2:59:ac:ce:2a:fd:4b:7a:e3:86:d8:a1:44:52:db:
                    4d:d5:e8:6a:ea:8d:74:6c:a4:c1:4e:aa:7b:a0:4c:
                    16:ae:95:f2:b0:c8:7d:da:01:56:49:f4:23:42:d5:
                    9c:c2:a4:4c:91:02:c9:65:08:30:cc:d6:bd:f9:91:
                    dc:fb:60:3c:d4:e7:ce:52:31:68:12:22:27:06:fd:
                    53:51:ec:79:b4:66:98:53:ec:18:d1:26:a9:9e:0b:
                    f3:2c:c2:ea:7c:f0:63:1d:bb:33:a0:23:ef:4e:a7:
                    01:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1B:6E:66:50:EB:72:03:A4:03:DF:8D:BF:52:A4:D9:3B:48:C9:DA
            X509v3 Authority Key Identifier:
                keyid:44:E6:3E:FC:94:83:86:9E:40:21:3E:6D:10:19:55:3A:11:BD:1B:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROY-_JSDhp5AIT5tEBlVOhG9G3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f0a2a1-66fc-4a34-ac5a-5d5117b7140d/1/pxtuZlDrcgOkA9-Nv1Kk2TtIydo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f0a2a1-66fc-4a34-ac5a-5d5117b7140d/1/ROY-_JSDhp5AIT5tEBlVOhG9G3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.68.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:3f:dd:29:e7:03:85:91:84:a0:23:41:f7:0a:08:5f:03:b6:
         fe:60:f3:a5:f5:71:c2:86:dc:b6:93:e5:55:b0:96:e3:5d:c2:
         d5:47:3e:29:c5:14:0c:b7:be:8d:22:4f:fb:1d:f2:0f:bf:b9:
         52:4e:a7:41:80:55:e2:1b:dc:4d:3d:0f:14:4e:3d:4b:e7:2b:
         5e:12:c0:a0:47:29:95:7e:b2:06:7b:e6:dd:3e:56:7a:71:80:
         e9:a1:9a:bb:c5:eb:ef:00:3e:84:a9:aa:fe:7d:64:26:fb:cc:
         8e:1a:2b:d3:14:6a:e5:fb:3c:b1:a4:d6:6c:45:1d:ab:c7:5f:
         30:ae:86:7d:76:49:88:02:04:46:fa:cb:81:88:96:fc:3d:29:
         5c:a8:c0:81:8b:eb:3e:3c:17:0c:60:d2:14:49:0d:46:7e:2a:
         47:db:ed:24:29:c7:ed:71:20:1a:5d:14:f0:04:98:78:fd:73:
         93:f9:5d:85:4f:f6:40:b8:45:c8:49:1e:bd:af:46:ea:45:09:
         4b:72:33:0f:36:7e:7b:b5:89:5c:5c:e3:17:3e:5c:45:9d:f7:
         12:93:65:25:49:c8:8c:76:33:0b:e5:c4:46:b5:1a:89:9a:a8:
         88:36:85:f1:d4:88:9b:98:58:d8:ce:09:d0:ae:56:2a:8a:2a:
         fa:9f:51:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoD311mNTfdkDkd+D4HwVw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTYzZWZjOTQ4Mzg2OWU0MDIxM2U2ZDEwMTk1NTNhMTFi
ZDFiNzQwHhcNMjMwODE3MTQyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzFiNmU2NjUwZWI3MjAzYTQwM2RmOGRiZjUyYTRkOTNiNDhjOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL1SDrATEqSGEtZsl1B8XqQO16Cd
jXbH50AHkRgaQBNNypzaH5xPT6ExMkIoiyBkUbUwTnb7MCXmPYymPrUumPFgPZsp
2npuYFyX6ioZoFQ3KY3U9PM0h1vcekPFZxGAoPebW7Mo3NXhBBN+yv2BZg9sZx4r
UvNXr1/TN45/i6udCxCb7EoIiG+XSzMKoeeqPqSXc8LSWazOKv1LeuOG2KFEUttN
1ehq6o10bKTBTqp7oEwWrpXysMh92gFWSfQjQtWcwqRMkQLJZQgwzNa9+ZHc+2A8
1OfOUjFoEiInBv1TUex5tGaYU+wY0SapngvzLMLqfPBjHbszoCPvTqcBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcbbmZQ63IDpAPfjb9SpNk7SMnaMB8GA1UdIwQY
MBaAFETmPvyUg4aeQCE+bRAZVToRvRt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9ZLV9KU0RocDVBSVQ1dEVCbFZPaEc5RzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mMGEyYTEtNjZmYy00YTM0LWFjNWEt
NWQ1MTE3YjcxNDBkLzEvcHh0dVpsRHJjZ09rQTktTnYxS2syVHRJeWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mMGEyYTEtNjZmYy00YTM0LWFjNWEtNWQ1MTE3YjcxNDBk
LzEvUk9ZLV9KU0RocDVBSVQ1dEVCbFZPaEc5RzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRBMA0G
CSqGSIb3DQEBCwUAA4IBAQBXP90p5wOFkYSgI0H3CghfA7b+YPOl9XHChty2k+VV
sJbjXcLVRz4pxRQMt76NIk/7HfIPv7lSTqdBgFXiG9xNPQ8UTj1L5yteEsCgRymV
frIGe+bdPlZ6cYDpoZq7xevvAD6Eqar+fWQm+8yOGivTFGrl+zyxpNZsRR2rx18w
roZ9dkmIAgRG+suBiJb8PSlcqMCBi+s+PBcMYNIUSQ1GfipH2+0kKcftcSAaXRTw
BJh4/XOT+V2FT/ZAuEXISR69r0bqRQlLcjMPNn57tYlcXOMXPlxFnfcSk2UlSciM
djML5cRGtRqJmqiINoXx1IibmFjYzgnQrlYqiir6n1EY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org