Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa
File:                     oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa (raw, json)
Hash identifier:          IaGon+87IRv28/xJ0VYPM80hMhFix1yzYJf3rxW2WLM=
Subject key identifier:   A2:A1:E7:44:34:5D:86:E5:F7:13:C7:26:12:EF:65:4C:B3:23:20:4D
Certificate issuer:       /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial:       018CD5FD2CE4101EF54847192AA232B86E50
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa
Signing time:             Thu 04 Jan 2024 19:39:48 +0000
ROA not before:           Thu 04 Jan 2024 19:39:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     13335
IP address blocks:        192.35.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 May 2024 15:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d5:fd:2c:e4:10:1e:f5:48:47:19:2a:a2:32:b8:6e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
        Validity
            Not Before: Jan  4 19:39:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a2a1e744345d86e5f713c72612ef654cb323204d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ea:1e:af:ff:15:57:59:f3:12:f1:2a:69:a4:
                    d4:30:8e:6c:a2:a6:35:d4:65:a5:c2:8f:1e:02:3c:
                    1e:71:38:8e:24:c5:bc:27:38:b7:d1:1b:fd:07:d2:
                    c6:00:57:3a:e3:fe:44:69:d6:cc:2f:17:14:6a:f1:
                    49:9b:17:c4:a0:e2:25:22:5f:8a:bf:29:c5:cd:96:
                    f5:01:e6:9f:ee:e9:db:5d:79:a7:40:c3:51:4e:3c:
                    43:bc:75:fe:68:34:37:ec:a1:0b:1c:95:5d:e1:67:
                    05:03:b4:6d:8a:1f:4a:e3:bf:96:18:e8:aa:0b:82:
                    f6:2c:14:13:ae:45:47:e7:d8:b8:b9:d4:73:f8:0f:
                    98:50:c1:5b:91:44:b6:dc:b7:87:7e:92:33:c2:da:
                    28:c5:1b:4b:ae:3d:3c:79:8f:65:98:41:41:1d:d2:
                    6d:a5:d8:91:1e:4b:6c:22:90:de:37:5b:c3:3c:e5:
                    94:38:99:f7:31:58:a2:99:69:83:da:41:44:29:34:
                    24:b9:4b:b5:3e:79:9c:3f:d4:fa:70:52:77:35:86:
                    89:ed:d1:0b:6d:ac:88:0f:5c:17:8e:13:85:63:03:
                    bf:a9:86:06:f7:77:bf:18:ce:74:a0:94:ab:96:c1:
                    d6:8f:8e:4e:7f:73:aa:4d:7f:c8:0c:07:f4:40:16:
                    e4:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A1:E7:44:34:5D:86:E5:F7:13:C7:26:12:EF:65:4C:B3:23:20:4D
            X509v3 Authority Key Identifier:
                keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.35.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:2a:db:0a:00:5f:b6:40:b2:0a:f6:53:02:ff:ef:b1:a4:94:
         7b:5a:9e:c0:e3:13:4a:6e:e9:af:3e:50:1d:97:55:fa:fe:17:
         a2:db:b0:f9:4d:fc:ae:9a:b3:ce:51:2f:7b:2c:2a:21:66:bb:
         33:cc:89:4c:8d:df:4d:d1:f7:2a:d2:18:73:c0:d1:ef:02:2f:
         6c:25:f3:5e:52:29:35:7f:e0:c7:13:50:e3:73:bf:c8:4c:df:
         07:70:6a:d1:46:59:3c:9d:6c:03:f1:be:55:20:0d:f5:cd:5a:
         6c:1b:51:64:70:4c:9c:86:2f:86:b1:b5:5f:30:07:9d:9e:5e:
         56:f2:b1:df:9d:95:d6:11:52:aa:34:a8:4a:06:19:06:91:d2:
         d3:09:f4:a3:48:17:36:15:93:42:39:91:f7:3d:d2:43:03:8a:
         a1:17:6f:9c:35:72:89:bf:30:2e:90:04:c0:e0:9d:84:18:5d:
         c9:dc:8b:13:98:c0:e5:a2:e6:b9:5f:cc:80:e4:e9:f0:97:34:
         05:c2:0c:73:ab:9f:4e:af:2a:71:f6:3c:39:3f:b8:f8:90:bd:
         04:c7:ce:27:ad:e6:6c:6b:c7:7e:80:cd:55:7d:05:dc:7b:c7:
         a1:25:72:1c:77:cb:b3:12:75:93:5d:9d:66:60:83:4b:7c:7d:
         60:c4:a5:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzV/SzkEB71SEcZKqIyuG5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjQwMTA0MTkzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmExZTc0NDM0NWQ4NmU1ZjcxM2M3MjYxMmVmNjU0Y2IzMjMyMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruoer/8VV1nzEvEqaaTUMI5soqY1
1GWlwo8eAjwecTiOJMW8Jzi30Rv9B9LGAFc64/5EadbMLxcUavFJmxfEoOIlIl+K
vynFzZb1Aeaf7unbXXmnQMNRTjxDvHX+aDQ37KELHJVd4WcFA7Rtih9K47+WGOiq
C4L2LBQTrkVH59i4udRz+A+YUMFbkUS23LeHfpIzwtooxRtLrj08eY9lmEFBHdJt
pdiRHktsIpDeN1vDPOWUOJn3MViimWmD2kFEKTQkuUu1PnmcP9T6cFJ3NYaJ7dEL
bayID1wXjhOFYwO/qYYG93e/GM50oJSrlsHWj45Of3OqTX/IDAf0QBbkUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKh50Q0XYbl9xPHJhLvZUyzIyBNMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvb3FIblJEUmRodVgzRThjbUV1OWxUTE1qSUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAdKtsKAF+2QLIK9lMC/++xpJR7Wp7A4xNKbumvPlAd
l1X6/hei27D5TfyumrPOUS97LCohZrszzIlMjd9N0fcq0hhzwNHvAi9sJfNeUik1
f+DHE1Djc7/ITN8HcGrRRlk8nWwD8b5VIA31zVpsG1FkcEychi+GsbVfMAednl5W
8rHfnZXWEVKqNKhKBhkGkdLTCfSjSBc2FZNCOZH3PdJDA4qhF2+cNXKJvzAukATA
4J2EGF3J3IsTmMDloua5X8yA5OnwlzQFwgxzq59Orypx9jw5P7j4kL0Ex84nreZs
a8d+gM1VfQXce8ehJXIcd8uzEnWTXZ1mYINLfH1gxKUg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org