Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/aTBZLf8aqh5MZIIzSzinTTrZ2vw.roa
File:                     aTBZLf8aqh5MZIIzSzinTTrZ2vw.roa (raw, json)
Hash identifier:          6Yva8uCUgFI91dRzOHfOQ+AZZ4e0jDtaVkEu99ULd7I=
Subject key identifier:   69:30:59:2D:FF:1A:AA:1E:4C:64:82:33:4B:38:A7:4D:3A:D9:DA:FC
Certificate issuer:       /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial:       018A1974951560E74AAE93347EDE01399577
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/aTBZLf8aqh5MZIIzSzinTTrZ2vw.roa
Signing time:             Mon 21 Aug 2023 18:56:25 +0000
ROA not before:           Mon 21 Aug 2023 18:56:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        212.11.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:19:74:95:15:60:e7:4a:ae:93:34:7e:de:01:39:95:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
        Validity
            Not Before: Aug 21 18:56:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6930592dff1aaa1e4c6482334b38a74d3ad9dafc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cc:53:3b:01:9d:76:ca:37:37:e1:76:4f:a9:
                    5c:16:88:33:94:de:37:f4:ef:ac:5f:c2:aa:c6:63:
                    96:d5:3b:38:47:54:07:07:50:e7:71:12:1a:25:13:
                    d0:4d:a5:4d:8e:4b:37:49:7b:e9:0e:be:16:57:cb:
                    9f:64:be:77:3f:02:bc:6f:14:c9:17:e5:0f:cc:25:
                    69:a3:f9:44:7f:12:70:8a:f6:c8:2d:26:6f:10:b3:
                    55:f6:16:7d:87:57:ea:58:8e:7c:6a:99:a4:5e:b2:
                    10:07:42:bd:64:4a:18:83:b6:eb:b8:3c:d8:f1:74:
                    71:52:12:16:97:43:60:c8:43:63:14:21:7b:51:a5:
                    b4:f8:84:40:38:d4:8b:55:61:3a:7b:5f:6b:1e:72:
                    88:20:24:53:d4:3a:12:28:91:ee:33:87:18:f1:57:
                    9f:07:8c:43:11:e9:f2:08:62:27:50:0b:81:f4:2d:
                    98:43:82:40:56:b5:e3:90:ce:d2:76:54:1b:f0:60:
                    1c:65:8c:30:93:41:61:9c:af:81:53:88:40:0e:3a:
                    d1:48:2f:05:96:2d:20:ee:d9:e8:60:2c:34:fd:38:
                    d0:78:03:ce:a4:70:93:c3:41:cc:e6:e7:b6:5f:22:
                    4f:cc:78:08:f6:58:e0:72:95:12:b4:d4:1b:86:98:
                    b4:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:30:59:2D:FF:1A:AA:1E:4C:64:82:33:4B:38:A7:4D:3A:D9:DA:FC
            X509v3 Authority Key Identifier:
                keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/aTBZLf8aqh5MZIIzSzinTTrZ2vw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.11.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:51:6a:ee:8c:ed:5f:cf:c2:02:2c:34:0f:4e:69:00:d7:a0:
         1f:24:11:5d:e8:1a:3d:82:fc:ae:6d:37:cd:dc:07:96:46:a5:
         47:b3:48:36:91:de:14:59:36:aa:10:d9:8e:51:0a:e0:41:8c:
         93:73:d0:1a:cd:3b:af:81:85:67:07:cc:03:d7:63:08:9e:86:
         39:98:fe:fe:fd:40:ee:3e:d3:92:71:57:4a:4b:2e:f5:5f:e0:
         4c:e7:95:14:42:44:78:92:67:3f:d7:ac:cc:89:bf:e3:14:a4:
         2a:71:7f:3c:a2:47:06:fd:ce:68:d5:97:b9:a4:0a:50:86:e9:
         73:7e:1e:da:e0:55:cf:61:17:56:b2:5a:aa:66:97:b0:fc:39:
         96:da:82:a0:d5:da:d1:53:8c:b8:bf:41:b6:09:44:f0:4c:38:
         e1:e5:87:12:0f:29:58:cb:81:6d:cb:c0:86:77:53:26:c6:32:
         02:f7:5c:48:95:23:0b:8a:cd:4a:6a:84:b7:b7:e0:56:2e:ac:
         e3:9a:49:b6:c6:d1:92:42:0d:64:91:c7:89:2a:fc:42:9a:ca:
         f6:62:aa:86:65:51:3f:2f:b9:07:fb:0c:aa:b9:e8:e5:ef:46:
         8d:5e:f4:e3:5f:90:ab:2e:81:7e:6e:e4:c2:fc:21:df:50:22:
         14:77:4d:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoZdJUVYOdKrpM0ft4BOZV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwODIxMTg1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMwNTkyZGZmMWFhYTFlNGM2NDgyMzM0YjM4YTc0ZDNhZDlkYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncxTOwGddso3N+F2T6lcFogzlN43
9O+sX8KqxmOW1Ts4R1QHB1DncRIaJRPQTaVNjks3SXvpDr4WV8ufZL53PwK8bxTJ
F+UPzCVpo/lEfxJwivbILSZvELNV9hZ9h1fqWI58apmkXrIQB0K9ZEoYg7bruDzY
8XRxUhIWl0NgyENjFCF7UaW0+IRAONSLVWE6e19rHnKIICRT1DoSKJHuM4cY8Vef
B4xDEenyCGInUAuB9C2YQ4JAVrXjkM7SdlQb8GAcZYwwk0FhnK+BU4hADjrRSC8F
li0g7tnoYCw0/TjQeAPOpHCTw0HM5ue2XyJPzHgI9ljgcpUStNQbhpi0rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkwWS3/GqoeTGSCM0s4p0062dr8MB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvYVRCWkxmOGFxaDVNWklJelN6aW5UVHJaMnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AtAMA0G
CSqGSIb3DQEBCwUAA4IBAQC0UWrujO1fz8ICLDQPTmkA16AfJBFd6Bo9gvyubTfN
3AeWRqVHs0g2kd4UWTaqENmOUQrgQYyTc9AazTuvgYVnB8wD12MInoY5mP7+/UDu
PtOScVdKSy71X+BM55UUQkR4kmc/16zMib/jFKQqcX88okcG/c5o1Ze5pApQhulz
fh7a4FXPYRdWslqqZpew/DmW2oKg1drRU4y4v0G2CUTwTDjh5YcSDylYy4Fty8CG
d1MmxjIC91xIlSMLis1KaoS3t+BWLqzjmkm2xtGSQg1kkceJKvxCmsr2YqqGZVE/
L7kH+wyquejl70aNXvTjX5CrLoF+buTC/CHfUCIUd03Y
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:47 2024 by rpki-client on console-ams.rpki-client.org