Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/rxLSIRoZwBw1nPGO4i1HZxjqP0Q.roa
File:                     rxLSIRoZwBw1nPGO4i1HZxjqP0Q.roa (raw, json)
Hash identifier:          qT4gA6AgZ4OKCyvSteKUC0S0gv5I8AScEsIkqFl7z30=
Subject key identifier:   AF:12:D2:21:1A:19:C0:1C:35:9C:F1:8E:E2:2D:47:67:18:EA:3F:44
Certificate issuer:       /CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Certificate serial:       018571DE95E4FE07B1F74A1CD7335CC940F7
Authority key identifier: 4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/rxLSIRoZwBw1nPGO4i1HZxjqP0Q.roa
Signing time:             Mon 02 Jan 2023 09:44:50 +0000
ROA not before:           Mon 02 Jan 2023 09:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31263
IP address blocks:        176.62.48.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:95:e4:fe:07:b1:f7:4a:1c:d7:33:5c:c9:40:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
        Validity
            Not Before: Jan  2 09:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af12d2211a19c01c359cf18ee22d476718ea3f44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:fc:9e:2c:64:b7:19:74:f3:6e:eb:89:3b:6f:
                    fd:f6:d4:ef:45:69:71:c6:67:3f:d3:20:64:dd:57:
                    0b:57:5d:13:ef:aa:4d:96:3b:f2:df:24:d9:54:f0:
                    6d:b6:01:a8:44:a2:1e:e4:74:49:63:46:02:c7:0b:
                    86:fb:97:13:a4:d4:73:08:e5:42:34:ca:fc:36:17:
                    79:6f:fb:a1:f1:2f:7a:11:a7:93:e4:94:39:e3:e0:
                    81:89:05:ac:ef:81:4d:a4:5d:90:c8:c3:ee:32:f2:
                    0c:c1:6e:76:81:a5:ae:6c:06:14:a9:e8:3b:76:07:
                    e9:50:3a:48:1a:f4:23:19:9e:4f:b7:9f:76:96:ff:
                    e8:66:d2:f9:b8:10:65:7e:c2:f3:f7:7f:35:6a:a9:
                    c8:0b:15:21:da:36:ac:51:99:3d:00:d0:fe:14:03:
                    89:18:6a:7e:33:80:6b:ae:db:fe:ec:d1:fb:f2:39:
                    09:1a:d5:45:49:a2:9a:8a:91:9f:33:0a:c3:9e:5c:
                    49:67:60:5d:f5:be:d5:35:8b:2e:df:2d:3d:ee:00:
                    50:a8:20:35:97:8f:cb:cd:e9:5a:85:7d:01:55:7d:
                    a5:27:41:09:9e:0e:d4:ba:d0:c9:ef:82:ad:e6:2a:
                    8b:0f:04:5e:28:80:59:40:86:ba:0d:7a:ce:5e:a7:
                    18:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:12:D2:21:1A:19:C0:1C:35:9C:F1:8E:E2:2D:47:67:18:EA:3F:44
            X509v3 Authority Key Identifier:
                keyid:4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/rxLSIRoZwBw1nPGO4i1HZxjqP0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.62.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         76:15:85:c3:67:f2:91:10:81:88:5a:a4:8f:99:cf:ac:b9:35:
         ca:ca:cb:f3:e1:32:7f:69:8a:1e:71:80:4a:eb:6c:1a:0a:b7:
         86:a3:bf:7d:db:4f:0d:ce:ec:4c:57:bc:50:7e:91:28:7e:e9:
         f2:22:be:56:8f:43:84:00:5a:ea:1c:93:41:0d:d1:cc:19:e4:
         98:92:dd:01:e0:64:1d:9c:46:06:ab:72:70:63:6b:36:75:9a:
         08:6a:17:c3:fc:0a:8d:55:b2:41:03:09:2f:35:c8:c7:c8:56:
         10:5c:3b:3d:ed:eb:8a:2c:8a:6e:f1:5a:36:9d:ce:c6:10:ca:
         bd:c6:9e:4d:f8:a9:d6:94:cf:9a:f0:6e:b8:cf:00:cf:1e:e0:
         0e:d3:9e:66:a5:63:de:d9:2e:8c:ce:77:aa:89:0c:32:98:28:
         10:94:e1:f5:23:e1:19:e9:4e:98:6a:97:2e:79:f9:01:5c:05:
         8b:de:49:2e:c0:e4:50:d7:39:03:c9:a2:53:fe:bd:d2:71:20:
         4e:76:39:92:90:73:d7:a5:c1:02:33:13:2b:7c:d0:ac:19:31:
         a3:ab:26:ee:66:18:ab:d2:17:f8:f4:33:16:35:c1:bc:72:73:
         4a:62:a6:f6:50:ed:71:3c:53:7b:1e:ee:c0:d6:98:04:a3:d9:
         e4:ba:73:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3pXk/gex90oc1zNcyUD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMGU3N2Q5YzZmZjY4ZGNhNjhmMDVkZjhmNDY3NWVlN2Jk
Y2IwYmMwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjEyZDIyMTFhMTljMDFjMzU5Y2YxOGVlMjJkNDc2NzE4ZWEzZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvyeLGS3GXTzbuuJO2/99tTvRWlx
xmc/0yBk3VcLV10T76pNljvy3yTZVPBttgGoRKIe5HRJY0YCxwuG+5cTpNRzCOVC
NMr8Nhd5b/uh8S96EaeT5JQ54+CBiQWs74FNpF2QyMPuMvIMwW52gaWubAYUqeg7
dgfpUDpIGvQjGZ5Pt592lv/oZtL5uBBlfsLz9381aqnICxUh2jasUZk9AND+FAOJ
GGp+M4Brrtv+7NH78jkJGtVFSaKaipGfMwrDnlxJZ2Bd9b7VNYsu3y097gBQqCA1
l4/LzelahX0BVX2lJ0EJng7UutDJ74Kt5iqLDwReKIBZQIa6DXrOXqcYmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8S0iEaGcAcNZzxjuItR2cY6j9EMB8GA1UdIwQY
MBaAFE8Od9nG/2jcpo8F349Gde573LC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAt
NDU1YjE5Zjc2NmNjLzEvcnhMU0lSb1p3QncxblBHTzRpMUhaeGpxUDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAtNDU1YjE5Zjc2NmNj
LzEvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsD4wMA0G
CSqGSIb3DQEBCwUAA4IBAQB2FYXDZ/KREIGIWqSPmc+suTXKysvz4TJ/aYoecYBK
62waCreGo799208NzuxMV7xQfpEofunyIr5Wj0OEAFrqHJNBDdHMGeSYkt0B4GQd
nEYGq3JwY2s2dZoIahfD/AqNVbJBAwkvNcjHyFYQXDs97euKLIpu8Vo2nc7GEMq9
xp5N+KnWlM+a8G64zwDPHuAO055mpWPe2S6MzneqiQwymCgQlOH1I+EZ6U6Yapcu
efkBXAWL3kkuwORQ1zkDyaJT/r3ScSBOdjmSkHPXpcECMxMrfNCsGTGjqybuZhir
0hf49DMWNcG8cnNKYqb2UO1xPFN7Hu7A1pgEo9nkunMV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org