Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/1lmd2TZuBE6QHnWJDWkwvc_SSZI.roa
File:                     1lmd2TZuBE6QHnWJDWkwvc_SSZI.roa (raw, json)
Hash identifier:          BLFo44vij+xXprlQ22/o7Nw7rEAVtle2AlJptsgknKg=
Subject key identifier:   D6:59:9D:D9:36:6E:04:4E:90:1E:75:89:0D:69:30:BD:CF:D2:49:92
Certificate issuer:       /CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
Certificate serial:       01857079884823846520F13E89EEDF98D12C
Authority key identifier: 3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/1lmd2TZuBE6QHnWJDWkwvc_SSZI.roa
Signing time:             Mon 02 Jan 2023 03:14:50 +0000
ROA not before:           Mon 02 Jan 2023 03:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9121
IP address blocks:        62.106.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 18 Feb 2023 13:23:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:88:48:23:84:65:20:f1:3e:89:ee:df:98:d1:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b54fa60b327a0803dc85e970a9b76a4514ceb5e
        Validity
            Not Before: Jan  2 03:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6599dd9366e044e901e75890d6930bdcfd24992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:71:ff:b6:31:5a:25:fc:c4:5e:b8:22:57:75:
                    8d:67:6c:a4:9a:78:c3:d5:51:3c:66:99:db:41:2a:
                    73:c4:a0:db:36:0e:10:53:3a:3c:61:19:ac:87:d1:
                    43:7f:39:8b:f6:cb:2a:e9:1d:75:b0:88:be:3d:92:
                    f5:ce:a6:0f:66:aa:7c:50:8f:cb:52:5d:61:47:97:
                    cc:e4:88:48:21:2a:e8:0c:61:41:b8:fc:dd:59:71:
                    ef:8e:d3:41:60:8f:b4:bf:7b:55:54:7d:46:89:96:
                    8a:88:9c:55:26:9e:af:25:0d:cc:96:35:64:b7:46:
                    ed:30:b9:ee:01:42:37:fe:9c:66:fb:1c:39:50:91:
                    d5:00:3b:b3:87:a8:bd:d0:fe:d3:1b:69:00:0c:76:
                    c6:cf:61:54:8b:6a:00:b3:a6:1c:c3:bf:6a:42:ea:
                    53:cc:76:db:92:dc:f1:16:dc:93:af:8c:d7:81:e3:
                    97:45:5a:03:18:21:54:e5:67:df:3c:00:c6:9d:ea:
                    53:b2:09:83:d9:c3:69:77:78:65:a6:7d:e1:56:f6:
                    86:cb:36:d0:4f:82:16:a3:1b:1a:a3:c2:c1:04:77:
                    a7:56:4b:13:87:04:ac:21:87:57:63:67:b2:be:f9:
                    9e:44:9c:52:fc:31:e0:33:45:5b:6c:87:10:9b:4d:
                    e1:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:59:9D:D9:36:6E:04:4E:90:1E:75:89:0D:69:30:BD:CF:D2:49:92
            X509v3 Authority Key Identifier:
                keyid:3B:54:FA:60:B3:27:A0:80:3D:C8:5E:97:0A:9B:76:A4:51:4C:EB:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1T6YLMnoIA9yF6XCpt2pFFM614.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/1lmd2TZuBE6QHnWJDWkwvc_SSZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d4c891-4bc0-4a3e-8457-44276f604233/1/O1T6YLMnoIA9yF6XCpt2pFFM614.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.106.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:55:07:08:78:b9:41:b6:18:d2:c0:cd:16:3b:fe:b8:4a:c4:
         67:ed:a8:b8:b1:7d:e7:22:5e:aa:fb:ce:92:3b:3d:d0:f2:ad:
         a4:de:03:91:1b:94:fc:3f:86:b5:13:da:48:41:d5:bc:64:a6:
         4d:c3:92:b5:61:84:28:f0:5a:fa:3a:67:4b:05:1e:fb:ba:42:
         c6:84:a9:1a:41:ac:63:c8:fb:1f:29:a3:4c:be:ec:38:86:6a:
         bd:89:8f:27:5a:d2:74:dd:ae:1e:e1:80:26:4b:1b:01:58:99:
         e5:36:fc:65:a4:df:c2:cd:6a:66:bd:da:e5:d6:ac:0b:4b:13:
         99:2a:8a:22:45:60:7d:e2:8d:d4:54:e8:51:34:bf:35:6c:8d:
         29:0c:e4:b1:a4:12:23:ff:8d:bc:f4:5d:c0:6a:2a:20:c4:a7:
         4c:c8:27:c1:78:9b:ef:f6:6d:0b:0d:2a:a0:48:5d:68:ce:47:
         a2:8b:58:f6:a7:38:0e:f2:74:c6:17:3c:b6:2b:28:49:0c:ca:
         63:01:15:50:95:e1:53:e0:1f:c6:3e:a8:1c:01:6d:7d:13:41:
         dd:5a:17:eb:89:db:27:9e:97:4a:23:12:20:35:87:26:95:5b:
         bc:e3:7c:07:e7:4d:b7:ed:8e:f5:97:57:ab:54:37:82:7f:d1:
         58:61:f2:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweYhII4RlIPE+ie7fmNEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTRmYTYwYjMyN2EwODAzZGM4NWU5NzBhOWI3NmE0NTE0
Y2ViNWUwHhcNMjMwMTAyMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU5OWRkOTM2NmUwNDRlOTAxZTc1ODkwZDY5MzBiZGNmZDI0OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXH/tjFaJfzEXrgiV3WNZ2ykmnjD
1VE8ZpnbQSpzxKDbNg4QUzo8YRmsh9FDfzmL9ssq6R11sIi+PZL1zqYPZqp8UI/L
Ul1hR5fM5IhIISroDGFBuPzdWXHvjtNBYI+0v3tVVH1GiZaKiJxVJp6vJQ3MljVk
t0btMLnuAUI3/pxm+xw5UJHVADuzh6i90P7TG2kADHbGz2FUi2oAs6Ycw79qQupT
zHbbktzxFtyTr4zXgeOXRVoDGCFU5WffPADGnepTsgmD2cNpd3hlpn3hVvaGyzbQ
T4IWoxsao8LBBHenVksThwSsIYdXY2eyvvmeRJxS/DHgM0VbbIcQm03hqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZZndk2bgROkB51iQ1pML3P0kmSMB8GA1UdIwQY
MBaAFDtU+mCzJ6CAPchelwqbdqRRTOteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTct
NDQyNzZmNjA0MjMzLzEvMWxtZDJUWnVCRTZRSG5XSkRXa3d2Y19TU1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kNGM4OTEtNGJjMC00YTNlLTg0NTctNDQyNzZmNjA0MjMz
LzEvTzFUNllMTW5vSUE5eUY2WENwdDJwRkZNNjE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpHMA0G
CSqGSIb3DQEBCwUAA4IBAQBzVQcIeLlBthjSwM0WO/64SsRn7ai4sX3nIl6q+86S
Oz3Q8q2k3gORG5T8P4a1E9pIQdW8ZKZNw5K1YYQo8Fr6OmdLBR77ukLGhKkaQaxj
yPsfKaNMvuw4hmq9iY8nWtJ03a4e4YAmSxsBWJnlNvxlpN/CzWpmvdrl1qwLSxOZ
KooiRWB94o3UVOhRNL81bI0pDOSxpBIj/4289F3AaiogxKdMyCfBeJvv9m0LDSqg
SF1ozkeii1j2pzgO8nTGFzy2KyhJDMpjARVQleFT4B/GPqgcAW19E0HdWhfridsn
npdKIxIgNYcmlVu843wH50237Y71l1erVDeCf9FYYfKR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:04 2024 by rpki-client on console-fra.rpki-client.org