Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa
File:                     cF6kxuXuZfqPpXjwuB4kLLzekLM.roa (raw, json)
Hash identifier:          4z60UJsrsDwOoyso5RqZHHiJbJd8HJTirb7/KgZOl7I=
Subject key identifier:   70:5E:A4:C6:E5:EE:65:FA:8F:A5:78:F0:B8:1E:24:2C:BC:DE:90:B3
Certificate issuer:       /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial:       018572FA5CE8703EFF362C1DF7A8672BD57B
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa
Signing time:             Mon 02 Jan 2023 14:54:48 +0000
ROA not before:           Mon 02 Jan 2023 14:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15623
IP address blocks:        193.247.205.0/24 maxlen: 24
                          193.246.253.0/24 maxlen: 24
                          212.45.192.0/19 maxlen: 19
                          195.226.0.0/19 maxlen: 19
                          213.189.128.0/19 maxlen: 19
                          217.75.16.0/21 maxlen: 21
                          217.75.24.0/21 maxlen: 21
                          212.55.192.0/19 maxlen: 19
                          213.158.128.0/19 maxlen: 19
                          195.144.160.0/19 maxlen: 19
                          62.12.128.0/17 maxlen: 17
                          217.14.64.0/20 maxlen: 20
                          193.5.123.0/24 maxlen: 24
                          2001:8a8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:5c:e8:70:3e:ff:36:2c:1d:f7:a8:67:2b:d5:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
        Validity
            Not Before: Jan  2 14:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=705ea4c6e5ee65fa8fa578f0b81e242cbcde90b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fb:ce:e7:da:7a:56:f3:92:f7:4c:81:d5:3f:
                    6a:22:e9:5e:8b:41:0f:a5:62:f7:15:54:31:db:4a:
                    ca:a6:bd:27:89:d8:85:e6:d1:65:8b:91:c5:b0:17:
                    9a:89:a4:a0:b4:60:ea:66:2b:a0:88:ad:a2:fa:34:
                    43:23:2b:f7:a0:71:cf:bc:70:16:59:94:fc:13:62:
                    e0:8a:b9:92:c0:e8:3a:5c:6d:07:6a:2c:1b:a4:85:
                    01:17:e1:0f:82:fa:c6:ed:e9:9a:88:40:1f:6d:67:
                    d3:81:e3:ba:58:02:cb:02:3f:7f:9d:6a:e7:4f:52:
                    4d:f3:b2:ea:f0:e7:8c:17:c7:e1:0f:42:81:dd:10:
                    dc:56:92:e0:55:81:ad:ae:94:42:72:58:91:28:ab:
                    b1:f2:65:0a:4a:d3:d0:7b:cb:a5:28:dd:79:a2:7f:
                    66:74:19:0d:61:0f:4e:37:4e:2e:50:7b:61:73:80:
                    8d:f3:20:80:3f:45:3e:c6:b9:c3:9e:16:45:9f:7d:
                    b6:e2:e6:8f:ca:09:43:a4:41:ef:5f:d1:44:3e:1a:
                    28:aa:7a:85:42:c2:9b:18:50:2e:9d:46:5b:2d:74:
                    a3:f5:ca:c8:bb:5c:0c:1c:87:6d:23:d9:f0:ba:9d:
                    34:30:4a:ff:07:b0:47:72:79:76:ca:10:39:7c:c4:
                    37:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:5E:A4:C6:E5:EE:65:FA:8F:A5:78:F0:B8:1E:24:2C:BC:DE:90:B3
            X509v3 Authority Key Identifier:
                keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cF6kxuXuZfqPpXjwuB4kLLzekLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.12.128.0/17
                  193.5.123.0/24
                  193.246.253.0/24
                  193.247.205.0/24
                  195.144.160.0/19
                  195.226.0.0/19
                  212.45.192.0/19
                  212.55.192.0/19
                  213.158.128.0/19
                  213.189.128.0/19
                  217.14.64.0/20
                  217.75.16.0/20
                IPv6:
                  2001:8a8::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:ef:9f:f8:f9:96:81:48:ea:cb:c3:1a:b7:28:3b:c7:a2:6d:
         0c:42:5a:b1:b5:23:b1:0f:9b:69:f2:9a:ea:35:c2:85:5d:45:
         85:6e:22:78:11:0e:1d:fb:1c:90:0d:d6:3a:35:ca:af:8e:82:
         3c:f8:a5:c6:5e:17:3a:f3:db:68:77:bb:f1:a9:9f:ad:a1:72:
         1a:64:4d:1f:b1:51:97:01:b2:41:aa:20:6b:53:a3:ef:e8:28:
         15:85:d7:6d:e6:54:af:02:85:8c:5d:94:9d:ed:23:59:a9:df:
         08:33:a8:05:29:70:bb:a0:06:b1:98:b2:0b:a8:ee:98:b4:2e:
         80:0b:5d:a0:3b:48:82:21:81:16:24:b2:56:50:78:2b:40:a4:
         6c:9f:df:32:4d:f7:77:06:24:9e:56:ec:93:16:dd:d1:e2:5d:
         97:e1:90:7e:2d:af:27:d9:f8:e6:75:50:3e:e2:7e:42:5d:3b:
         68:e0:2b:3e:1f:e4:78:db:49:9e:f2:25:af:01:e4:59:59:bb:
         ff:ad:5f:21:0c:a1:96:6a:e0:96:86:59:43:1e:9a:87:2a:9b:
         00:4a:8a:95:cf:66:90:58:8d:77:23:9b:75:1e:8b:3b:21:a3:
         ec:ea:fc:5b:d9:cb:c2:fb:b1:13:59:d3:1a:b3:31:ba:19:4f:
         31:38:4f:59
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVy+lzocD7/Niwd96hnK9V7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjMwMTAyMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVlYTRjNmU1ZWU2NWZhOGZhNTc4ZjBiODFlMjQyY2JjZGU5MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPvO59p6VvOS90yB1T9qIulei0EP
pWL3FVQx20rKpr0nidiF5tFli5HFsBeaiaSgtGDqZiugiK2i+jRDIyv3oHHPvHAW
WZT8E2LgirmSwOg6XG0HaiwbpIUBF+EPgvrG7emaiEAfbWfTgeO6WALLAj9/nWrn
T1JN87Lq8OeMF8fhD0KB3RDcVpLgVYGtrpRCcliRKKux8mUKStPQe8ulKN15on9m
dBkNYQ9ON04uUHthc4CN8yCAP0U+xrnDnhZFn3224uaPyglDpEHvX9FEPhooqnqF
QsKbGFAunUZbLXSj9crIu1wMHIdtI9nwup00MEr/B7BHcnl2yhA5fMQ3pwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHBepMbl7mX6j6V48LgeJCy83pCzMB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvY0Y2a3h1WHVaZnFQcFhqd3VCNGtMTHpla0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHPgyAAwQA
wQV7AwQAwfb9AwQAwffNAwQFw5CgAwQFw+IAAwQF1C3AAwQF1DfAAwQF1Z6AAwQF
1b2AAwQE2Q5AAwQE2UsQMA0EAgACMAcDBQAgAQioMA0GCSqGSIb3DQEBCwUAA4IB
AQAM75/4+ZaBSOrLwxq3KDvHom0MQlqxtSOxD5tp8prqNcKFXUWFbiJ4EQ4d+xyQ
DdY6NcqvjoI8+KXGXhc689tod7vxqZ+toXIaZE0fsVGXAbJBqiBrU6Pv6CgVhddt
5lSvAoWMXZSd7SNZqd8IM6gFKXC7oAaxmLILqO6YtC6AC12gO0iCIYEWJLJWUHgr
QKRsn98yTfd3BiSeVuyTFt3R4l2X4ZB+La8n2fjmdVA+4n5CXTto4Cs+H+R420me
8iWvAeRZWbv/rV8hDKGWauCWhllDHpqHKpsASoqVz2aQWI13I5t1Hos7IaPs6vxb
2cvC+7ETWdMaszG6GU8xOE9Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:00 2024 by rpki-client on console-ams.rpki-client.org