Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/phQ2CSrD7tEwM38buhpGWvpy_Ig.roa
File:                     phQ2CSrD7tEwM38buhpGWvpy_Ig.roa (raw, json)
Hash identifier:          ESPmyUxQ1SsHIA9W7mHwu7Ljq5QoS2NmvwGytuj/klo=
Subject key identifier:   A6:14:36:09:2A:C3:EE:D1:30:33:7F:1B:BA:1A:46:5A:FA:72:FC:88
Certificate issuer:       /CN=11f2e35b3c559b6d843667cad5dac674e01b96c3
Certificate serial:       018CC2DAFEC7624615DC36DD130C70E636B0
Authority key identifier: 11:F2:E3:5B:3C:55:9B:6D:84:36:67:CA:D5:DA:C6:74:E0:1B:96:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EfLjWzxVm22ENmfK1drGdOAblsM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/phQ2CSrD7tEwM38buhpGWvpy_Ig.roa
Signing time:             Mon 01 Jan 2024 02:29:41 +0000
ROA not before:           Mon 01 Jan 2024 02:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30781
IP address blocks:        62.68.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 09:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:fe:c7:62:46:15:dc:36:dd:13:0c:70:e6:36:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11f2e35b3c559b6d843667cad5dac674e01b96c3
        Validity
            Not Before: Jan  1 02:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a61436092ac3eed130337f1bba1a465afa72fc88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:80:97:a6:33:22:75:09:28:f2:45:b1:41:f9:
                    e1:d2:9d:50:ef:26:c1:f7:65:a5:35:ac:08:c8:d9:
                    f6:92:69:a3:fa:32:2b:e6:2d:f2:ca:d9:d0:69:4f:
                    18:86:28:81:5e:71:e7:e0:35:e2:2e:31:14:b3:d3:
                    80:a8:16:13:fe:26:56:96:49:7d:62:ab:36:e6:5d:
                    37:8d:cf:10:e8:5e:33:f5:e0:89:ec:12:51:01:53:
                    e7:17:11:ef:99:77:08:80:09:30:c2:d8:15:0b:39:
                    38:4d:b6:c3:bc:a4:b5:5a:fd:82:2c:7d:1e:c0:c2:
                    d0:15:94:79:65:99:56:51:b6:fa:6b:da:5a:a7:14:
                    2d:47:41:5d:e0:f6:59:17:e8:79:34:80:3b:18:86:
                    0c:f6:48:7e:23:fc:ee:65:52:0f:b1:94:df:31:4e:
                    af:b9:3b:ab:72:b6:09:fc:bc:54:38:cb:d6:91:84:
                    7e:7a:44:e6:e8:8a:dd:c4:e6:30:1b:da:33:1f:48:
                    50:42:d4:d7:d6:23:6a:ff:f0:35:bb:cc:8c:65:f3:
                    2c:71:73:c7:cc:b8:db:11:f8:2a:04:17:66:f3:33:
                    fe:4f:1b:1d:df:51:b1:e1:83:69:01:00:b6:5c:47:
                    d6:57:22:7e:dd:ce:14:e2:73:f3:2d:c8:a5:35:b9:
                    5f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:14:36:09:2A:C3:EE:D1:30:33:7F:1B:BA:1A:46:5A:FA:72:FC:88
            X509v3 Authority Key Identifier:
                keyid:11:F2:E3:5B:3C:55:9B:6D:84:36:67:CA:D5:DA:C6:74:E0:1B:96:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EfLjWzxVm22ENmfK1drGdOAblsM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/phQ2CSrD7tEwM38buhpGWvpy_Ig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/99d68e-27c3-4b2d-95f5-250a9e6708d0/1/EfLjWzxVm22ENmfK1drGdOAblsM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.68.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:cd:a5:18:fe:59:30:95:37:10:aa:1c:34:9e:64:e2:ac:f1:
         d4:72:49:49:5b:09:79:29:bd:80:75:e4:46:01:81:03:55:a8:
         ef:e3:01:be:ee:b2:28:08:41:b4:70:22:36:46:ac:f6:62:f3:
         8d:71:17:e8:d5:3d:a8:96:e0:54:01:97:d6:19:7e:ac:e0:0d:
         59:97:65:f5:cb:62:d8:fa:bd:a2:49:6c:6c:03:e0:d6:cd:50:
         e0:e9:4c:05:57:c5:17:63:b4:74:fe:48:65:b8:13:df:0c:b6:
         1b:fc:cd:cf:41:99:27:8e:37:07:29:37:26:a8:92:06:67:59:
         c7:97:17:87:9a:6c:c1:b4:ff:71:d4:9f:a2:ab:3f:22:b4:b4:
         ca:47:cf:68:ac:cd:47:d6:ae:1c:7c:41:c2:fb:61:fb:24:95:
         dc:3f:7c:3a:22:0e:c3:c5:f4:22:a0:21:4b:48:e2:d9:9e:a0:
         c6:d4:2f:7e:f2:71:14:7f:c5:6d:c7:11:11:82:e3:5d:da:e5:
         8f:87:84:dc:27:fd:19:77:5b:e1:70:14:0f:a6:f0:6d:46:80:
         78:d2:4f:f4:c9:51:74:01:ec:f3:e7:a4:53:6a:56:20:32:90:
         b0:9a:cb:7f:01:3e:1d:49:f1:1e:5d:55:2f:9b:c4:3d:5d:22:
         59:31:32:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v7HYkYV3DbdEwxw5jawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZjJlMzViM2M1NTliNmQ4NDM2NjdjYWQ1ZGFjNjc0ZTAx
Yjk2YzMwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE0MzYwOTJhYzNlZWQxMzAzMzdmMWJiYTFhNDY1YWZhNzJmYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoCXpjMidQko8kWxQfnh0p1Q7ybB
92WlNawIyNn2kmmj+jIr5i3yytnQaU8YhiiBXnHn4DXiLjEUs9OAqBYT/iZWlkl9
Yqs25l03jc8Q6F4z9eCJ7BJRAVPnFxHvmXcIgAkwwtgVCzk4TbbDvKS1Wv2CLH0e
wMLQFZR5ZZlWUbb6a9papxQtR0Fd4PZZF+h5NIA7GIYM9kh+I/zuZVIPsZTfMU6v
uTurcrYJ/LxUOMvWkYR+ekTm6IrdxOYwG9ozH0hQQtTX1iNq//A1u8yMZfMscXPH
zLjbEfgqBBdm8zP+Txsd31Gx4YNpAQC2XEfWVyJ+3c4U4nPzLcilNblfBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYUNgkqw+7RMDN/G7oaRlr6cvyIMB8GA1UdIwQY
MBaAFBHy41s8VZtthDZnytXaxnTgG5bDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWZMald6eFZtMjJFTm1mSzFkckdkT0FibHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85OWQ2OGUtMjdjMy00YjJkLTk1ZjUt
MjUwYTllNjcwOGQwLzEvcGhRMkNTckQ3dEV3TTM4YnVocEdXdnB5X0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi85OWQ2OGUtMjdjMy00YjJkLTk1ZjUtMjUwYTllNjcwOGQw
LzEvRWZMald6eFZtMjJFTm1mSzFkckdkT0FibHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRYMA0G
CSqGSIb3DQEBCwUAA4IBAQBazaUY/lkwlTcQqhw0nmTirPHUcklJWwl5Kb2AdeRG
AYEDVajv4wG+7rIoCEG0cCI2Rqz2YvONcRfo1T2oluBUAZfWGX6s4A1Zl2X1y2LY
+r2iSWxsA+DWzVDg6UwFV8UXY7R0/khluBPfDLYb/M3PQZknjjcHKTcmqJIGZ1nH
lxeHmmzBtP9x1J+iqz8itLTKR89orM1H1q4cfEHC+2H7JJXcP3w6Ig7DxfQioCFL
SOLZnqDG1C9+8nEUf8VtxxERguNd2uWPh4TcJ/0Zd1vhcBQPpvBtRoB40k/0yVF0
Aezz56RTalYgMpCwmst/AT4dSfEeXVUvm8Q9XSJZMTJI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:57 2024 by rpki-client on console-ams.rpki-client.org