Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/PjXl4NkGwWHf6qViZXRxIzF-chA.roa
File:                     PjXl4NkGwWHf6qViZXRxIzF-chA.roa (raw, json)
Hash identifier:          lAy8hDuvTWDrsiXOHVgOTLov0xxLNNlUQeg7vgblExA=
Subject key identifier:   3E:35:E5:E0:D9:06:C1:61:DF:EA:A5:62:65:74:71:23:31:7E:72:10
Certificate issuer:       /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial:       018CC64AE8E3C202F9B1730AD31229AA4757
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/PjXl4NkGwWHf6qViZXRxIzF-chA.roa
Signing time:             Mon 01 Jan 2024 18:30:47 +0000
ROA not before:           Mon 01 Jan 2024 18:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1299
IP address blocks:        213.222.128.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 08:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:e8:e3:c2:02:f9:b1:73:0a:d3:12:29:aa:47:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
        Validity
            Not Before: Jan  1 18:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e35e5e0d906c161dfeaa56265747123317e7210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7b:a1:bc:c4:93:cd:5a:6e:ba:b3:dc:b3:0a:
                    04:48:db:3d:7f:2d:22:8d:38:78:e8:ab:97:a2:67:
                    8a:3c:e2:5a:41:1b:7b:f6:e9:3c:be:20:58:c3:7e:
                    43:a3:09:d7:3c:22:0a:d5:2e:00:bf:e7:93:63:e9:
                    5b:76:d2:6e:54:56:59:94:7d:1a:9b:af:f8:f9:48:
                    91:d1:10:56:7d:f8:78:6b:0f:25:a3:13:a4:70:c3:
                    9b:fe:ee:83:0c:ea:47:36:c7:36:0a:d4:ad:11:f2:
                    ba:cc:5f:fd:b6:e9:62:f4:97:2e:77:1b:b9:b8:11:
                    54:b5:49:9a:64:9a:cd:a3:48:85:e0:9c:31:c7:26:
                    c2:28:6f:64:64:cc:95:9f:1f:df:97:20:dc:ab:8b:
                    16:aa:ff:75:86:1a:50:85:f2:22:a4:30:12:a7:35:
                    73:72:c1:2f:1b:1f:9a:0e:67:17:8a:14:97:9a:d3:
                    24:6f:fb:0f:f0:50:eb:7b:c4:1c:55:3a:f9:bb:b1:
                    e4:2d:e9:8a:25:36:ca:56:31:a5:c7:17:a3:f4:b4:
                    5e:5f:34:67:13:5f:82:0f:72:bd:dd:26:12:e6:62:
                    da:9e:29:35:aa:c0:df:81:f2:eb:80:67:33:1e:8d:
                    01:4d:e0:7a:c3:94:fc:20:ce:96:8f:c7:fc:bc:3e:
                    e9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:35:E5:E0:D9:06:C1:61:DF:EA:A5:62:65:74:71:23:31:7E:72:10
            X509v3 Authority Key Identifier:
                keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/PjXl4NkGwWHf6qViZXRxIzF-chA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.222.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         31:a3:f5:c3:41:4e:d5:02:fd:04:c6:d8:e5:00:c9:ee:14:e0:
         30:6e:c3:23:09:6b:ae:3b:c7:97:e5:95:86:f7:50:fb:22:4f:
         da:97:f4:c5:c5:41:49:21:b3:ab:fd:9f:bc:d2:ea:6a:73:b0:
         b7:8d:5a:e2:33:aa:0a:21:2d:98:f0:1b:98:d4:6d:38:bd:6d:
         82:71:03:ca:a5:7c:20:2c:1c:7d:70:82:b5:57:65:1a:09:22:
         54:7d:1d:db:20:ab:96:c7:73:81:23:84:29:13:1d:fb:56:7f:
         9a:92:2b:91:de:6a:33:db:dc:9c:17:67:34:b2:d9:19:23:95:
         81:49:1e:10:ea:d6:50:11:7a:49:4b:e5:a9:6e:90:53:25:7c:
         51:8e:f3:93:b5:6b:d5:ce:96:28:a9:73:a7:9e:5a:0a:73:3f:
         eb:06:67:ba:f8:d9:65:f1:81:51:13:ea:2a:9e:0d:89:45:6c:
         c3:ea:8f:70:16:d1:3f:a9:5a:d9:22:41:05:99:21:26:84:8f:
         7e:f0:35:03:fd:4f:91:ec:c0:b9:cf:3c:4d:fb:86:23:c3:81:
         88:bf:e2:1b:21:75:2d:68:d0:45:03:95:7a:2d:71:db:06:47:
         cd:b7:d7:7a:c8:0c:69:59:f6:14:be:db:62:26:79:3a:c8:17:
         d5:13:bb:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSujjwgL5sXMK0xIpqkdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM1ZTVlMGQ5MDZjMTYxZGZlYWE1NjI2NTc0NzEyMzMxN2U3MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nuhvMSTzVpuurPcswoESNs9fy0i
jTh46KuXomeKPOJaQRt79uk8viBYw35DownXPCIK1S4Av+eTY+lbdtJuVFZZlH0a
m6/4+UiR0RBWffh4aw8loxOkcMOb/u6DDOpHNsc2CtStEfK6zF/9tuli9Jcudxu5
uBFUtUmaZJrNo0iF4JwxxybCKG9kZMyVnx/flyDcq4sWqv91hhpQhfIipDASpzVz
csEvGx+aDmcXihSXmtMkb/sP8FDre8QcVTr5u7HkLemKJTbKVjGlxxej9LReXzRn
E1+CD3K93SYS5mLanik1qsDfgfLrgGczHo0BTeB6w5T8IM6Wj8f8vD7pYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD415eDZBsFh3+qlYmV0cSMxfnIQMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvUGpYbDROa0d3V0hmNnFWaVpYUnhJekYtY2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG1d6AMA0G
CSqGSIb3DQEBCwUAA4IBAQAxo/XDQU7VAv0ExtjlAMnuFOAwbsMjCWuuO8eX5ZWG
91D7Ik/al/TFxUFJIbOr/Z+80upqc7C3jVriM6oKIS2Y8BuY1G04vW2CcQPKpXwg
LBx9cIK1V2UaCSJUfR3bIKuWx3OBI4QpEx37Vn+akiuR3moz29ycF2c0stkZI5WB
SR4Q6tZQEXpJS+WpbpBTJXxRjvOTtWvVzpYoqXOnnloKcz/rBme6+Nll8YFRE+oq
ng2JRWzD6o9wFtE/qVrZIkEFmSEmhI9+8DUD/U+R7MC5zzxN+4Yjw4GIv+IbIXUt
aNBFA5V6LXHbBkfNt9d6yAxpWfYUvttiJnk6yBfVE7vW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:34 2024 by rpki-client on console-ams.rpki-client.org