Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60721.roa
File:                     AS60721.roa (raw, json)
Hash identifier:          dVrko6vcPqQPTHGFmluuX1U2MyYHjYHPbn98SHO7hwM=
Subject key identifier:   41:87:0A:70:C1:DC:5F:89:58:D7:BD:F9:21:BF:AE:D8:C5:EC:BA:3E
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       77A53D44FA29C2CCFB7D742550A09663C56E93DE
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60721.roa
Signing time:             Wed 04 Jan 2023 00:00:11 +0000
ROA not before:           Tue 03 Jan 2023 23:55:11 +0000
ROA not after:            Wed 03 Jan 2024 00:00:11 +0000
asID:                     60721
IP address blocks:        141.11.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:a5:3d:44:fa:29:c2:cc:fb:7d:74:25:50:a0:96:63:c5:6e:93:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jan  3 23:55:11 2023 GMT
            Not After : Jan  3 00:00:11 2024 GMT
        Subject: CN=41870A70C1DC5F8958D7BDF921BFAED8C5ECBA3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:98:db:0e:3a:25:3a:2c:bd:b2:56:ef:5b:77:
                    25:44:88:a8:79:8c:a8:f5:d1:74:0f:5d:39:27:54:
                    cd:d8:51:4e:02:e9:42:7e:ba:c3:51:b0:13:05:de:
                    61:e3:aa:9e:2c:11:c9:14:3e:ee:3c:d9:dc:c9:ee:
                    bb:e5:d5:df:79:d1:58:c0:0a:69:a6:5c:bf:7e:b7:
                    06:5e:62:5f:4e:c4:c9:11:60:1f:4f:15:98:b8:4b:
                    a7:be:df:3f:92:76:a8:7f:35:75:20:3a:0e:aa:c3:
                    ce:b8:cf:f2:ea:de:cc:4d:fb:fe:ea:11:40:78:f4:
                    3c:c5:a8:30:27:ac:73:a7:dd:d6:cd:4d:50:2f:c0:
                    fb:34:bf:0e:5d:90:29:54:35:d2:75:80:0d:f3:33:
                    b5:54:0e:75:b4:78:29:fc:85:41:8b:93:44:a3:e4:
                    59:f4:21:ef:fb:aa:0e:7c:83:41:cf:da:61:52:1c:
                    c2:4c:ba:59:9a:4f:77:e2:cd:30:b6:a0:97:c4:1d:
                    71:84:9a:99:6b:c7:50:35:9e:68:5b:ee:25:51:a5:
                    81:aa:9f:03:69:e3:a5:c1:a0:73:1b:c6:97:8a:9f:
                    81:40:4f:6f:4f:9e:c9:0a:7c:d2:ec:50:da:3f:59:
                    a1:09:26:2e:e5:eb:81:59:71:97:7b:51:00:e8:bd:
                    fb:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:87:0A:70:C1:DC:5F:89:58:D7:BD:F9:21:BF:AE:D8:C5:EC:BA:3E
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60721.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:2c:44:b9:05:01:14:5c:4e:02:21:8e:99:73:07:11:0f:34:
         ef:81:f5:09:f9:f6:70:d0:d5:2c:1f:28:3e:46:bb:03:bc:79:
         36:40:f7:c0:03:04:96:ba:fd:31:c5:96:98:3a:93:c7:6d:3d:
         66:7a:6d:86:9f:f4:d5:2a:f7:0e:63:f3:dd:99:c0:cc:2a:cc:
         7e:43:50:fc:c5:71:db:05:a3:30:bf:0a:97:45:d8:db:c7:cd:
         01:d4:7d:30:89:6b:bd:9f:22:23:34:9c:e3:e4:6c:0a:07:6b:
         32:e6:19:32:81:7e:cc:f8:62:1d:e0:c2:d3:ee:53:75:4f:e4:
         1d:5e:5f:db:a8:06:19:f2:dd:27:e5:83:d7:e9:71:24:8e:f0:
         fe:3c:4e:f9:18:1a:ae:f3:f1:ad:b2:3c:02:60:70:95:96:42:
         41:ce:83:69:ba:6d:96:99:3a:78:b4:f1:5a:1f:e1:07:c0:74:
         43:a9:ed:7e:1f:d8:51:3b:8c:f6:a7:3c:2d:2d:86:b8:51:65:
         f2:d4:c6:df:9d:e1:c7:8e:6d:00:d2:68:34:26:a7:73:1f:22:
         3e:bc:4c:13:fa:e2:44:31:f9:cf:38:20:09:7b:7b:cb:b6:6e:
         11:30:c4:d6:e7:cd:c5:79:be:8b:e1:c4:b9:48:5f:fe:a0:f8:
         43:5a:02:9a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUd6U9RPopwsz7fXQlUKCWY8Vuk94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzAxMDMyMzU1MTFaFw0yNDAxMDMwMDAwMTFaMDMxMTAvBgNV
BAMTKDQxODcwQTcwQzFEQzVGODk1OEQ3QkRGOTIxQkZBRUQ4QzVFQ0JBM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJmNsOOiU6LL2yVu9bdyVEiKh5
jKj10XQPXTknVM3YUU4C6UJ+usNRsBMF3mHjqp4sEckUPu482dzJ7rvl1d950VjA
CmmmXL9+twZeYl9OxMkRYB9PFZi4S6e+3z+Sdqh/NXUgOg6qw864z/Lq3sxN+/7q
EUB49DzFqDAnrHOn3dbNTVAvwPs0vw5dkClUNdJ1gA3zM7VUDnW0eCn8hUGLk0Sj
5Fn0Ie/7qg58g0HP2mFSHMJMulmaT3fizTC2oJfEHXGEmplrx1A1nmhb7iVRpYGq
nwNp46XBoHMbxpeKn4FAT29PnskKfNLsUNo/WaEJJi7l64FZcZd7UQDovfsPAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUQYcKcMHcX4lY1735Ib+u2MXsuj4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjA3MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCxQw
DQYJKoZIhvcNAQELBQADggEBADMsRLkFARRcTgIhjplzBxEPNO+B9Qn59nDQ1Swf
KD5GuwO8eTZA98ADBJa6/THFlpg6k8dtPWZ6bYaf9NUq9w5j892ZwMwqzH5DUPzF
cdsFozC/CpdF2NvHzQHUfTCJa72fIiM0nOPkbAoHazLmGTKBfsz4Yh3gwtPuU3VP
5B1eX9uoBhny3Sflg9fpcSSO8P48TvkYGq7z8a2yPAJgcJWWQkHOg2m6bZaZOni0
8Vof4QfAdEOp7X4f2FE7jPanPC0thrhRZfLUxt+d4ceObQDSaDQmp3MfIj68TBP6
4kQx+c84IAl7e8u2bhEwxNbnzcV5vovhxLlIX/6g+ENaApo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-fra.rpki-client.org