Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/XnZK6JByQfDXFYQMpG7lKpqyVrI.roa
File:                     XnZK6JByQfDXFYQMpG7lKpqyVrI.roa (raw, json)
Hash identifier:          0fY2pPoHcH9FL5sSEz9i2ESUd/aQ+HPrxlUlp+HgQcY=
Subject key identifier:   5E:76:4A:E8:90:72:41:F0:D7:15:84:0C:A4:6E:E5:2A:9A:B2:56:B2
Certificate issuer:       /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial:       018F3F4068B05644BE823C0E249529B36196
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/XnZK6JByQfDXFYQMpG7lKpqyVrI.roa
Signing time:             Fri 03 May 2024 16:18:56 +0000
ROA not before:           Fri 03 May 2024 16:18:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.3.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 May 2024 12:56:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3f:40:68:b0:56:44:be:82:3c:0e:24:95:29:b3:61:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
        Validity
            Not Before: May  3 16:18:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5e764ae8907241f0d715840ca46ee52a9ab256b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:42:d9:aa:a5:81:56:c6:1c:83:af:81:72:c7:
                    1d:b3:33:a9:c5:03:f2:e7:31:5b:34:18:ea:bf:0f:
                    be:e4:9c:7f:4f:d4:10:95:99:98:46:59:11:4a:18:
                    a6:3e:cd:46:e2:a6:b2:c2:71:e6:ea:f9:76:7f:a6:
                    dd:ab:66:14:3c:60:ee:8a:70:6e:78:6f:49:91:8b:
                    48:dd:94:b1:aa:c3:8b:a4:24:1b:f9:ea:4b:33:bc:
                    69:0d:85:3d:c8:43:67:56:0b:90:09:7a:cd:3f:93:
                    92:65:18:e6:a8:84:dd:e8:a7:32:13:06:1b:65:29:
                    b8:50:0b:e9:21:c3:1f:36:3a:24:65:a7:91:95:aa:
                    85:b6:75:8e:93:08:a3:65:60:da:72:76:94:be:21:
                    d9:3d:64:4c:5c:dd:98:df:d2:40:6e:e4:b5:95:d5:
                    e8:68:e0:38:7c:9e:b2:10:eb:e7:45:da:11:0e:22:
                    41:51:2a:9a:43:5d:86:3e:34:22:26:48:28:15:25:
                    81:98:77:d4:02:3a:70:a4:c4:40:1f:c0:8c:56:da:
                    e3:cd:f8:fe:92:a0:c2:29:44:03:9f:de:05:93:f3:
                    01:cf:4f:ca:a6:35:8e:e8:e3:85:cc:6f:1a:05:99:
                    e2:3f:56:94:c7:de:51:0d:c2:60:38:b1:a9:54:a4:
                    c5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:76:4A:E8:90:72:41:F0:D7:15:84:0C:A4:6E:E5:2A:9A:B2:56:B2
            X509v3 Authority Key Identifier:
                keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/XnZK6JByQfDXFYQMpG7lKpqyVrI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:46:c5:a1:7e:c1:d2:02:96:7c:9a:07:12:1f:72:f9:34:4f:
         3d:ad:e9:43:72:49:30:f5:c1:14:62:b8:93:c1:bd:99:d0:a0:
         c8:02:5d:79:b4:b0:06:da:ea:db:4d:88:88:7d:dc:f8:ea:bd:
         59:6d:0e:96:51:56:b1:ad:91:76:35:6a:3a:f8:96:1b:97:cd:
         b9:e4:b8:13:4a:6c:38:b9:41:49:6e:04:be:36:99:a8:8e:91:
         e6:8e:f4:e7:a9:0a:dd:ce:81:f5:3e:d0:81:c6:d0:d8:bf:96:
         8c:d4:0a:1a:ef:d1:a4:4f:5b:e4:b7:14:10:3e:5e:96:87:4a:
         79:29:1a:96:b5:24:60:21:dc:bb:08:9a:54:ba:0c:12:85:a1:
         ae:b1:60:8d:10:24:38:d7:0e:73:70:89:89:a2:8d:4f:37:fe:
         28:36:bf:a0:35:6c:2b:0a:95:1d:f8:e9:e6:d6:62:27:d0:98:
         ab:e3:b3:51:6e:d3:37:6e:a3:8c:fd:c0:30:90:6c:6f:1a:c2:
         cd:09:17:42:82:74:ab:b1:dc:aa:f3:b3:40:b0:c4:8d:76:81:
         7a:2a:7b:72:97:e7:13:89:4e:18:97:84:72:9e:41:6c:18:33:
         1f:13:9a:61:7b:4a:9d:44:fa:93:ac:3d:03:4b:ba:9b:99:e9:
         50:47:15:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8/QGiwVkS+gjwOJJUps2GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjQwNTAzMTYxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc2NGFlODkwNzI0MWYwZDcxNTg0MGNhNDZlZTUyYTlhYjI1NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsELZqqWBVsYcg6+BcscdszOpxQPy
5zFbNBjqvw++5Jx/T9QQlZmYRlkRShimPs1G4qaywnHm6vl2f6bdq2YUPGDuinBu
eG9JkYtI3ZSxqsOLpCQb+epLM7xpDYU9yENnVguQCXrNP5OSZRjmqITd6KcyEwYb
ZSm4UAvpIcMfNjokZaeRlaqFtnWOkwijZWDacnaUviHZPWRMXN2Y39JAbuS1ldXo
aOA4fJ6yEOvnRdoRDiJBUSqaQ12GPjQiJkgoFSWBmHfUAjpwpMRAH8CMVtrjzfj+
kqDCKUQDn94Fk/MBz0/KpjWO6OOFzG8aBZniP1aUx95RDcJgOLGpVKTFdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF52SuiQckHw1xWEDKRu5SqaslayMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvWG5aSzZKQnlRZkRYRllRTXBHN2xLcHF5VnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM2MA0G
CSqGSIb3DQEBCwUAA4IBAQCERsWhfsHSApZ8mgcSH3L5NE89relDckkw9cEUYriT
wb2Z0KDIAl15tLAG2urbTYiIfdz46r1ZbQ6WUVaxrZF2NWo6+JYbl8255LgTSmw4
uUFJbgS+NpmojpHmjvTnqQrdzoH1PtCBxtDYv5aM1Aoa79GkT1vktxQQPl6Wh0p5
KRqWtSRgIdy7CJpUugwShaGusWCNECQ41w5zcImJoo1PN/4oNr+gNWwrCpUd+Onm
1mIn0Jir47NRbtM3bqOM/cAwkGxvGsLNCRdCgnSrsdyq87NAsMSNdoF6Kntyl+cT
iU4Yl4RynkFsGDMfE5phe0qdRPqTrD0DS7qbmelQRxWm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:50 2024 by rpki-client on console-ams.rpki-client.org