Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/7QUuKCib5RWN-5k0VwVJ8swqqUE.roa
File:                     7QUuKCib5RWN-5k0VwVJ8swqqUE.roa (raw, json)
Hash identifier:          ANsA8/qVwcx31z59thc90GKwr6Zrz0kKzGYgT3cK/O8=
Subject key identifier:   ED:05:2E:28:28:9B:E5:15:8D:FB:99:34:57:05:49:F2:CC:2A:A9:41
Certificate issuer:       /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial:       018CC3B6CC5D6F3065015C7748B3B21508BB
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/7QUuKCib5RWN-5k0VwVJ8swqqUE.roa
Signing time:             Mon 01 Jan 2024 06:29:46 +0000
ROA not before:           Mon 01 Jan 2024 06:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.3.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 15:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:cc:5d:6f:30:65:01:5c:77:48:b3:b2:15:08:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
        Validity
            Not Before: Jan  1 06:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ed052e28289be5158dfb9934570549f2cc2aa941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:40:75:15:74:72:60:2f:59:b5:95:a6:da:52:
                    78:eb:22:fb:ab:16:7c:8e:c5:1e:e4:8f:37:2b:1e:
                    3e:63:f8:64:56:07:f8:af:93:c8:ab:7d:90:f8:13:
                    fd:de:e3:32:12:ce:d2:3e:05:79:a8:e4:d5:51:6f:
                    ed:76:45:25:f4:70:15:a3:62:3d:1c:37:14:0a:af:
                    02:78:d3:1b:21:cf:62:53:9e:c8:4a:e6:2f:99:30:
                    15:4c:75:5a:93:01:78:26:dd:3c:e1:e5:f5:5c:96:
                    fe:14:b7:a5:07:47:64:61:00:37:60:25:60:ef:2c:
                    9e:a7:71:c3:ca:81:22:8a:96:52:9c:a7:d4:0c:68:
                    53:73:7e:96:14:e4:27:f0:80:c7:1f:54:3f:fd:a7:
                    47:45:f3:c2:e4:43:1e:ce:4f:52:a9:2b:d1:2d:ee:
                    a2:a7:53:8c:99:fe:01:ea:ba:b6:9a:52:bd:10:4e:
                    ef:e3:72:dd:a5:26:98:03:25:36:04:bc:69:51:e6:
                    a0:4f:6d:0f:41:8a:11:ee:1a:72:39:e6:9a:55:73:
                    8e:66:0e:5d:b6:30:64:91:c5:b3:43:4c:a3:90:ab:
                    e5:8b:e5:97:fc:f1:89:e3:23:67:87:70:31:65:02:
                    23:57:81:43:b9:19:47:52:a9:21:d0:04:74:f2:28:
                    88:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:05:2E:28:28:9B:E5:15:8D:FB:99:34:57:05:49:F2:CC:2A:A9:41
            X509v3 Authority Key Identifier:
                keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/7QUuKCib5RWN-5k0VwVJ8swqqUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:02:70:3c:96:ca:85:db:da:86:b0:89:f7:e1:22:20:9d:10:
         44:57:c9:9b:10:b8:12:73:6b:96:0d:7a:cb:24:cf:7c:a1:e3:
         dc:2a:51:5a:28:3a:d3:82:71:c2:2f:06:42:a2:80:cc:c2:72:
         9f:fa:0d:80:44:e3:e7:ac:bc:10:c8:4e:e1:12:75:1b:bd:02:
         ab:1b:6b:69:c4:ca:0f:b3:54:b5:36:f9:bc:38:49:ef:79:7d:
         44:48:e3:d5:24:45:b7:05:0c:21:81:3d:a5:a0:03:74:b5:b7:
         57:b5:bf:08:0f:4c:5d:f9:ff:21:aa:ad:80:46:39:df:be:4d:
         82:5d:00:71:61:14:39:90:1d:cc:25:a7:2a:c6:68:f6:dd:73:
         bc:ed:93:aa:71:6b:8c:b2:76:13:cd:4a:d0:42:54:1a:b4:23:
         9b:49:4f:30:4a:c7:02:b3:8e:53:6d:8c:9e:bb:5a:74:bb:47:
         c1:02:1e:7a:ed:a1:26:56:72:83:d7:12:bc:5a:f7:3e:69:94:
         1e:99:e9:78:3f:5d:35:92:54:80:ae:02:14:d3:18:82:e5:a9:
         85:7d:b1:9e:13:c7:7c:8b:89:76:f8:29:2e:06:1a:68:dc:5d:
         b4:e5:db:0e:a7:67:6d:9b:df:d6:59:3e:c0:d7:87:c5:84:b0:
         20:f7:5f:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtsxdbzBlAVx3SLOyFQi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA1MmUyODI4OWJlNTE1OGRmYjk5MzQ1NzA1NDlmMmNjMmFhOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkB1FXRyYC9ZtZWm2lJ46yL7qxZ8
jsUe5I83Kx4+Y/hkVgf4r5PIq32Q+BP93uMyEs7SPgV5qOTVUW/tdkUl9HAVo2I9
HDcUCq8CeNMbIc9iU57ISuYvmTAVTHVakwF4Jt084eX1XJb+FLelB0dkYQA3YCVg
7yyep3HDyoEiipZSnKfUDGhTc36WFOQn8IDHH1Q//adHRfPC5EMezk9SqSvRLe6i
p1OMmf4B6rq2mlK9EE7v43LdpSaYAyU2BLxpUeagT20PQYoR7hpyOeaaVXOOZg5d
tjBkkcWzQ0yjkKvli+WX/PGJ4yNnh3AxZQIjV4FDuRlHUqkh0AR08iiIswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0FLigom+UVjfuZNFcFSfLMKqlBMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvN1FVdUtDaWI1UldOLTVrMFZ3Vko4c3dxcVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM2MA0G
CSqGSIb3DQEBCwUAA4IBAQATAnA8lsqF29qGsIn34SIgnRBEV8mbELgSc2uWDXrL
JM98oePcKlFaKDrTgnHCLwZCooDMwnKf+g2AROPnrLwQyE7hEnUbvQKrG2tpxMoP
s1S1Nvm8OEnveX1ESOPVJEW3BQwhgT2loAN0tbdXtb8ID0xd+f8hqq2ARjnfvk2C
XQBxYRQ5kB3MJacqxmj23XO87ZOqcWuMsnYTzUrQQlQatCObSU8wSscCs45TbYye
u1p0u0fBAh567aEmVnKD1xK8Wvc+aZQemel4P101klSArgIU0xiC5amFfbGeE8d8
i4l2+CkuBhpo3F205dsOp2dtm9/WWT7A14fFhLAg91/U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:50 2024 by rpki-client on console-ams.rpki-client.org