Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/mOkBRMGwhH5lRYikQWJo2c_jvcg.roa
File:                     mOkBRMGwhH5lRYikQWJo2c_jvcg.roa (raw, json)
Hash identifier:          ePk1659rOaEZdp1FBL6B8fhmh0y7Ne8ppcoQyTjPKPE=
Subject key identifier:   98:E9:01:44:C1:B0:84:7E:65:45:88:A4:41:62:68:D9:CF:E3:BD:C8
Certificate issuer:       /CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Certificate serial:       01856EEFD39877BD37DF1359767EF69F247A
Authority key identifier: DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/mOkBRMGwhH5lRYikQWJo2c_jvcg.roa
Signing time:             Sun 01 Jan 2023 20:04:49 +0000
ROA not before:           Sun 01 Jan 2023 20:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57208
IP address blocks:        62.201.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:d3:98:77:bd:37:df:13:59:76:7e:f6:9f:24:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9c64e170b7f255d7ca30035d6532c8957eb169
        Validity
            Not Before: Jan  1 20:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98e90144c1b0847e654588a4416268d9cfe3bdc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5e:2f:ec:94:c1:4d:ae:80:37:6d:72:7c:09:
                    f4:29:27:5f:07:2c:49:19:33:02:6a:8e:2a:4a:7a:
                    7e:36:a8:45:e5:1d:22:81:bc:00:2f:5b:53:d4:af:
                    fd:b3:58:44:9b:85:ed:95:6c:fc:48:5d:09:1d:43:
                    b2:fe:e9:c0:84:e4:38:bd:af:23:a5:2a:40:34:d7:
                    1c:ca:6d:a1:bf:13:ac:fe:f0:98:ac:ab:81:09:58:
                    45:dc:dd:8d:c9:20:74:4b:bf:b3:64:d9:00:f0:bb:
                    a3:e8:e2:62:61:29:d8:2b:11:b0:be:4d:32:1c:f0:
                    1e:23:19:30:37:f5:ef:30:ae:a3:47:2c:09:f8:36:
                    a6:44:01:cc:33:f0:cb:96:1c:b4:b8:b7:87:5d:5d:
                    12:52:40:6c:50:02:25:0f:ca:46:6f:17:a4:82:4c:
                    fa:22:e3:19:3b:5a:6a:aa:84:10:29:99:b2:b8:5e:
                    cf:91:fc:a0:35:c3:24:e0:32:84:96:4f:e1:fb:b3:
                    14:90:4a:b3:d3:ae:3e:1b:d5:49:b5:49:eb:11:9f:
                    17:c7:b7:2b:65:e6:c0:67:a8:c4:03:51:48:7b:f8:
                    4a:5d:ec:79:07:d3:51:a2:b5:18:1d:4a:ed:83:c8:
                    bd:f6:ce:ea:c9:ed:48:61:d2:98:7b:cc:04:07:5a:
                    4f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E9:01:44:C1:B0:84:7E:65:45:88:A4:41:62:68:D9:CF:E3:BD:C8
            X509v3 Authority Key Identifier:
                keyid:DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/mOkBRMGwhH5lRYikQWJo2c_jvcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/35xk4XC38lXXyjADXWUyyJV-sWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.201.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:ee:87:a1:e3:b3:56:be:32:6b:f3:23:fb:e4:f2:ec:99:de:
         18:ef:c9:83:23:69:55:05:75:c2:c1:73:c4:a1:3e:14:2f:68:
         e1:be:3d:e5:ec:21:23:31:66:82:f1:ff:4a:8d:b3:6a:50:d5:
         c9:13:93:1b:db:e3:ae:b5:8a:78:ef:72:da:9c:4a:6e:dc:92:
         da:21:55:37:48:b5:71:3e:c7:17:74:8c:30:6c:44:27:9d:6c:
         51:da:c0:f2:59:31:3f:82:b2:6d:92:5f:3c:0e:55:48:f4:2b:
         dd:96:84:38:b4:7d:28:58:13:42:68:09:58:57:1a:0c:89:cb:
         ba:7f:81:1d:11:e3:03:54:fc:c9:18:f0:a0:36:df:fe:49:e6:
         c1:bc:38:ef:39:33:c8:e7:32:d3:5e:f1:c4:1a:b8:20:32:89:
         41:bb:e5:95:9e:d7:6e:c7:3d:63:1a:2d:36:36:9d:71:05:7d:
         6d:4a:54:79:90:dd:44:27:18:b2:2d:c6:3f:e6:d8:2e:c4:74:
         0d:97:1a:f1:7b:17:8d:67:f0:76:35:d4:21:2b:7e:05:be:6d:
         7b:80:23:86:07:a7:5e:ee:1e:6b:b3:32:c6:06:7a:5b:50:67:
         2a:09:d7:1f:c7:45:1a:e6:4c:33:6c:a4:77:46:14:1f:06:db:
         41:83:02:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu79OYd7033xNZdn72nyR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWM2NGUxNzBiN2YyNTVkN2NhMzAwMzVkNjUzMmM4OTU3
ZWIxNjkwHhcNMjMwMTAxMjAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU5MDE0NGMxYjA4NDdlNjU0NTg4YTQ0MTYyNjhkOWNmZTNiZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo14v7JTBTa6AN21yfAn0KSdfByxJ
GTMCao4qSnp+NqhF5R0igbwAL1tT1K/9s1hEm4XtlWz8SF0JHUOy/unAhOQ4va8j
pSpANNccym2hvxOs/vCYrKuBCVhF3N2NySB0S7+zZNkA8Luj6OJiYSnYKxGwvk0y
HPAeIxkwN/XvMK6jRywJ+DamRAHMM/DLlhy0uLeHXV0SUkBsUAIlD8pGbxekgkz6
IuMZO1pqqoQQKZmyuF7PkfygNcMk4DKElk/h+7MUkEqz064+G9VJtUnrEZ8Xx7cr
ZebAZ6jEA1FIe/hKXex5B9NRorUYHUrtg8i99s7qye1IYdKYe8wEB1pPewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjpAUTBsIR+ZUWIpEFiaNnP473IMB8GA1UdIwQY
MBaAFN+cZOFwt/JV18owA11lMsiVfrFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTIt
MjhjYjNiYmYwNWFlLzEvbU9rQlJNR3doSDVsUllpa1FXSm8yY19qdmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTItMjhjYjNiYmYwNWFl
LzEvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPskqMA0G
CSqGSIb3DQEBCwUAA4IBAQB67oeh47NWvjJr8yP75PLsmd4Y78mDI2lVBXXCwXPE
oT4UL2jhvj3l7CEjMWaC8f9KjbNqUNXJE5Mb2+OutYp473LanEpu3JLaIVU3SLVx
PscXdIwwbEQnnWxR2sDyWTE/grJtkl88DlVI9CvdloQ4tH0oWBNCaAlYVxoMicu6
f4EdEeMDVPzJGPCgNt/+SebBvDjvOTPI5zLTXvHEGrggMolBu+WVntduxz1jGi02
Np1xBX1tSlR5kN1EJxiyLcY/5tguxHQNlxrxexeNZ/B2NdQhK34Fvm17gCOGB6de
7h5rszLGBnpbUGcqCdcfx0Ua5kwzbKR3RhQfBttBgwIt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:00 2024 by rpki-client on console-ams.rpki-client.org