Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJNpYn1BgnkB9krkdn7qX6iWFAg.roa
File:                     oJNpYn1BgnkB9krkdn7qX6iWFAg.roa (raw, json)
Hash identifier:          QGWavLkJWYqW3d3RVY1He0/j+mZysXhr9qHNQElaq6E=
Subject key identifier:   A0:93:69:62:7D:41:82:79:01:F6:4A:E4:76:7E:EA:5F:A8:96:14:08
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01893E0F34CE183D4B6116B611D2EF3A348A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJNpYn1BgnkB9krkdn7qX6iWFAg.roa
Signing time:             Mon 10 Jul 2023 04:28:51 +0000
ROA not before:           Mon 10 Jul 2023 04:28:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60528
IP address blocks:        62.197.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Jul 2023 12:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3e:0f:34:ce:18:3d:4b:61:16:b6:11:d2:ef:3a:34:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul 10 04:28:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a09369627d41827901f64ae4767eea5fa8961408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:54:ef:db:27:e3:9f:3a:bd:2b:45:a2:21:94:
                    cd:a0:ae:2e:6b:6d:9b:b6:f8:80:0f:16:6b:95:a9:
                    3a:88:76:09:a4:d7:0c:39:45:11:25:f8:8d:63:23:
                    b3:bf:63:97:5e:c6:96:d4:93:bd:aa:9c:60:36:44:
                    29:55:d5:61:da:37:59:19:e0:d3:2f:61:ca:e3:f8:
                    70:7f:08:4c:56:f3:a2:0c:79:6e:7c:50:d4:16:31:
                    9b:d4:38:7c:dd:60:e2:de:87:43:5f:8d:3a:f4:b4:
                    09:d5:00:0e:52:4e:ee:d3:33:62:37:91:f0:70:af:
                    08:d1:71:d0:84:00:ce:fb:27:0b:c8:84:bb:59:1b:
                    a7:1b:dc:45:c6:d9:0d:46:e3:6c:8d:ce:f7:8e:95:
                    04:52:64:13:e7:a8:a1:af:e1:b1:28:79:d8:8c:68:
                    84:0a:03:06:8b:8a:46:84:0d:94:8f:62:82:69:20:
                    cb:33:7c:90:26:d4:4f:4f:85:7e:34:18:78:7c:dc:
                    9d:01:a7:0c:1d:21:b6:c2:28:17:2d:95:c7:0a:92:
                    81:73:a5:d2:d1:6a:12:af:e0:16:29:bd:4a:d7:65:
                    c2:48:2f:1d:b5:0f:6a:e5:6c:5d:87:70:8c:2a:38:
                    5e:18:fa:ab:80:b2:ee:8c:79:23:fb:0e:37:81:9c:
                    01:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:93:69:62:7D:41:82:79:01:F6:4A:E4:76:7E:EA:5F:A8:96:14:08
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJNpYn1BgnkB9krkdn7qX6iWFAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.197.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:ea:1f:b4:40:05:cd:50:57:70:3c:d8:ae:63:c3:d4:db:db:
         60:a8:93:b5:33:e2:41:44:e2:e4:48:d8:9f:2d:00:21:b1:bc:
         52:c6:b3:ec:f3:3f:ed:ed:f1:e3:7a:f8:6b:90:ff:81:9d:39:
         cb:74:5a:24:a1:a5:5b:fc:af:72:62:69:ea:d5:01:ec:1c:b2:
         83:73:37:4c:bc:bd:d3:5b:6c:47:c9:2d:93:61:91:a4:9d:63:
         d2:f4:1e:94:1b:f0:78:cc:1d:08:0e:b2:ae:8a:05:a5:59:6d:
         4b:0d:6e:8f:60:ee:47:41:de:3d:4b:b7:93:3d:69:f8:70:dc:
         df:a3:00:b3:0c:ba:f1:e5:83:b1:de:ce:93:46:b2:49:15:dc:
         c6:2f:9d:27:fe:1e:99:ea:13:14:79:08:d3:44:8e:cb:96:78:
         1a:68:c9:99:06:51:1d:13:57:a8:42:d3:7a:2e:93:bb:ed:a8:
         2e:91:4b:fc:cd:f7:bd:3a:5a:14:53:fd:aa:74:82:4d:7b:e3:
         97:ec:bc:60:06:6f:35:5e:ad:f2:33:ab:aa:79:7c:73:84:58:
         51:fb:1f:46:ba:fb:db:6d:7c:a6:a1:4e:b1:4f:fa:7d:c4:2f:
         0a:48:b5:55:9c:53:87:98:16:cc:19:a6:e4:ac:ef:b5:76:06:
         2d:9b:5a:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk+DzTOGD1LYRa2EdLvOjSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzEwMDQyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzNjk2MjdkNDE4Mjc5MDFmNjRhZTQ3NjdlZWE1ZmE4OTYxNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1Tv2yfjnzq9K0WiIZTNoK4ua22b
tviADxZrlak6iHYJpNcMOUURJfiNYyOzv2OXXsaW1JO9qpxgNkQpVdVh2jdZGeDT
L2HK4/hwfwhMVvOiDHlufFDUFjGb1Dh83WDi3odDX4069LQJ1QAOUk7u0zNiN5Hw
cK8I0XHQhADO+ycLyIS7WRunG9xFxtkNRuNsjc73jpUEUmQT56ihr+GxKHnYjGiE
CgMGi4pGhA2Uj2KCaSDLM3yQJtRPT4V+NBh4fNydAacMHSG2wigXLZXHCpKBc6XS
0WoSr+AWKb1K12XCSC8dtQ9q5Wxdh3CMKjheGPqrgLLujHkj+w43gZwBIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCTaWJ9QYJ5AfZK5HZ+6l+olhQIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb0pOcFluMUJnbmtCOWtya2RuN3FYNmlXRkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPsWBMA0G
CSqGSIb3DQEBCwUAA4IBAQBX6h+0QAXNUFdwPNiuY8PU29tgqJO1M+JBROLkSNif
LQAhsbxSxrPs8z/t7fHjevhrkP+BnTnLdFokoaVb/K9yYmnq1QHsHLKDczdMvL3T
W2xHyS2TYZGknWPS9B6UG/B4zB0IDrKuigWlWW1LDW6PYO5HQd49S7eTPWn4cNzf
owCzDLrx5YOx3s6TRrJJFdzGL50n/h6Z6hMUeQjTRI7LlngaaMmZBlEdE1eoQtN6
LpO77agukUv8zfe9OloUU/2qdIJNe+OX7LxgBm81Xq3yM6uqeXxzhFhR+x9Guvvb
bXymoU6xT/p9xC8KSLVVnFOHmBbMGabkrO+1dgYtm1qe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org