Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/vUO3nCXM_t8W7afmQB8gGhfuxf0.roa
File:                     vUO3nCXM_t8W7afmQB8gGhfuxf0.roa (raw, json)
Hash identifier:          AeOtsTVZjjOHM4STYBFG2glI507sswZ8YmgpqLGEbAw=
Subject key identifier:   BD:43:B7:9C:25:CC:FE:DF:16:ED:A7:E6:40:1F:20:1A:17:EE:C5:FD
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0185710C33FB7A412C67B6FDBD0EFE228CDB
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/vUO3nCXM_t8W7afmQB8gGhfuxf0.roa
Signing time:             Mon 02 Jan 2023 05:55:03 +0000
ROA not before:           Mon 02 Jan 2023 05:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62904
IP address blocks:        63.246.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 18:50:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:33:fb:7a:41:2c:67:b6:fd:bd:0e:fe:22:8c:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  2 05:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd43b79c25ccfedf16eda7e6401f201a17eec5fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5c:3f:ed:2a:a4:77:0b:31:72:ce:97:06:ce:
                    9f:eb:4c:eb:60:27:0f:93:a3:9f:5a:55:04:69:c7:
                    62:42:d1:59:33:cf:2e:f5:75:50:d2:e1:63:40:60:
                    03:0d:4a:f3:e9:8e:92:5d:79:cd:39:93:03:f0:77:
                    a6:c5:f0:72:25:b9:c2:78:ee:3f:c1:e8:fe:7d:a6:
                    cf:c8:e4:11:c5:87:8b:fd:25:c4:61:2e:93:f4:a8:
                    80:53:80:14:5e:ff:e1:dc:13:d5:d7:e8:44:bd:39:
                    e5:52:0d:79:0b:28:60:64:84:b3:18:7a:1d:3a:c9:
                    f2:5e:70:00:38:7c:35:2b:7c:54:cc:97:41:1c:51:
                    3e:51:3c:74:16:80:b0:71:84:80:a6:86:1e:59:7d:
                    3b:ab:f3:35:de:fc:0a:5b:6c:ac:47:6a:6e:f8:cc:
                    a1:29:c8:90:52:69:ba:f6:9b:94:00:7a:31:3c:b8:
                    98:79:18:c3:ed:08:f1:43:88:8f:19:89:ab:2d:7f:
                    8c:73:b0:18:f2:09:ef:2c:90:83:71:11:ac:84:76:
                    5b:82:f2:fb:45:f3:9a:22:ef:48:f5:9a:ba:0d:79:
                    66:a5:57:30:2b:37:6e:9c:f5:90:06:81:d1:21:e8:
                    be:0c:7c:95:b7:60:83:08:ee:aa:48:4e:ad:ca:0a:
                    9a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:43:B7:9C:25:CC:FE:DF:16:ED:A7:E6:40:1F:20:1A:17:EE:C5:FD
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/vUO3nCXM_t8W7afmQB8gGhfuxf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.246.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:41:f6:b9:5e:71:3c:b4:e1:a7:66:26:a5:01:28:45:f1:f3:
         13:8e:46:77:ee:95:87:fe:7b:45:78:aa:bc:3d:a9:64:83:aa:
         ae:c8:7c:5b:42:df:b1:e9:de:a1:ef:fc:94:d4:83:8f:23:1d:
         d9:e4:00:b4:47:10:41:fa:f6:5e:d7:f4:ab:d2:12:40:69:32:
         b0:10:77:32:b3:5b:68:a3:5b:28:73:79:3d:35:cb:43:56:30:
         75:e6:c3:b6:05:8b:07:a9:9c:2e:d7:6a:e1:c8:90:12:62:72:
         ca:9e:fc:07:27:ab:8d:55:70:5b:fc:0d:9d:d2:83:cd:f7:c9:
         a4:79:a1:b4:08:54:dd:db:c9:a9:2a:e6:c1:39:f4:31:b0:92:
         cd:91:b2:41:3b:a3:fd:19:e4:bd:f4:a1:ac:5e:8e:75:84:ca:
         69:06:93:75:22:7f:81:d5:b3:d8:06:4b:e0:b0:a9:1b:3e:15:
         d8:06:8c:27:44:e7:ea:e4:f0:21:2b:0c:96:87:2b:32:58:14:
         cc:8a:a2:00:65:a8:aa:6a:4e:41:36:85:d0:5f:dc:a6:02:b0:
         dc:60:2d:8f:e1:ff:4d:f6:65:27:93:0f:32:61:2d:e7:46:4d:
         99:7e:64:54:79:5f:44:b5:b5:0a:ea:8e:be:3f:b3:f9:41:44:
         c9:22:66:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDP7ekEsZ7b9vQ7+IozbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQzYjc5YzI1Y2NmZWRmMTZlZGE3ZTY0MDFmMjAxYTE3ZWVjNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVw/7Sqkdwsxcs6XBs6f60zrYCcP
k6OfWlUEacdiQtFZM88u9XVQ0uFjQGADDUrz6Y6SXXnNOZMD8HemxfByJbnCeO4/
wej+fabPyOQRxYeL/SXEYS6T9KiAU4AUXv/h3BPV1+hEvTnlUg15CyhgZISzGHod
OsnyXnAAOHw1K3xUzJdBHFE+UTx0FoCwcYSApoYeWX07q/M13vwKW2ysR2pu+Myh
KciQUmm69puUAHoxPLiYeRjD7QjxQ4iPGYmrLX+Mc7AY8gnvLJCDcRGshHZbgvL7
RfOaIu9I9Zq6DXlmpVcwKzdunPWQBoHRIei+DHyVt2CDCO6qSE6tygqavQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1Dt5wlzP7fFu2n5kAfIBoX7sX9MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdlVPM25DWE1fdDhXN2FmbVFCOGdHaGZ1eGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAP/aAMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Qfa5XnE8tOGnZialAShF8fMTjkZ37pWH/ntFeKq8
Palkg6quyHxbQt+x6d6h7/yU1IOPIx3Z5AC0RxBB+vZe1/Sr0hJAaTKwEHcys1to
o1soc3k9NctDVjB15sO2BYsHqZwu12rhyJASYnLKnvwHJ6uNVXBb/A2d0oPN98mk
eaG0CFTd28mpKubBOfQxsJLNkbJBO6P9GeS99KGsXo51hMppBpN1In+B1bPYBkvg
sKkbPhXYBownROfq5PAhKwyWhysyWBTMiqIAZaiqak5BNoXQX9ymArDcYC2P4f9N
9mUnkw8yYS3nRk2ZfmRUeV9EtbUK6o6+P7P5QUTJImbs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org