Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-ZbrLV8tNk7b-Dr3gtpDLNy-7YQ.roa
File:                     1-ZbrLV8tNk7b-Dr3gtpDLNy-7YQ.roa (raw, json)
Hash identifier:          2XcGuOAOWuUf9dTXe5gNVaVeVk+4XaueAhP5XqOwb6g=
Subject key identifier:   F9:96:EB:2D:5F:2D:36:4E:DB:F8:3A:F7:82:DA:43:2C:DC:BE:ED:84
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C6EADB4053A35C161A75875DF02E9B1F6
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-ZbrLV8tNk7b-Dr3gtpDLNy-7YQ.roa
Signing time:             Fri 15 Dec 2023 18:12:06 +0000
ROA not before:           Fri 15 Dec 2023 18:12:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.175.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Dec 2023 07:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6e:ad:b4:05:3a:35:c1:61:a7:58:75:df:02:e9:b1:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 15 18:12:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f996eb2d5f2d364edbf83af782da432cdcbeed84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:35:e4:2d:84:a7:1f:11:b6:00:3d:b2:94:f7:
                    c5:e5:2d:aa:e8:cb:e1:9f:a0:e6:0c:aa:96:6a:d6:
                    92:69:bc:33:4b:9c:20:c9:ad:b0:6a:7b:c0:a7:40:
                    c0:e0:03:c1:2e:f9:e9:e7:20:4d:99:47:35:44:3c:
                    97:66:64:0e:c5:e1:d8:6f:a8:05:66:2e:44:3c:45:
                    4e:5d:98:ab:4a:d4:8c:cd:91:2c:a4:8c:e1:b4:ff:
                    8f:39:d8:ce:dc:a9:85:f2:df:4b:56:25:f3:b3:3a:
                    59:cd:a8:93:7c:f0:80:09:2e:ac:a5:1d:0a:0c:f4:
                    f4:13:88:14:4c:fe:e9:8c:3e:64:f4:4b:ac:6e:a7:
                    b5:67:32:74:93:9f:4d:b3:73:65:ee:7c:a7:7a:ca:
                    37:47:d6:4b:a3:79:af:82:1b:fd:30:7b:73:38:eb:
                    92:a1:9c:0f:f3:d8:5f:74:62:8e:fe:8b:30:bf:b1:
                    29:24:52:c3:5a:0b:6d:58:e8:67:ca:20:5d:c8:0d:
                    c6:35:08:cc:dd:c7:e6:43:c7:ce:d2:60:56:77:7b:
                    47:b2:80:52:45:4b:61:56:db:0d:10:31:b7:3f:a4:
                    7c:f4:33:20:2a:94:3a:9b:a5:e1:5b:a6:0a:ba:74:
                    1e:70:1b:e3:d3:63:41:c5:7e:e5:e8:c5:2d:a9:4f:
                    93:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:96:EB:2D:5F:2D:36:4E:DB:F8:3A:F7:82:DA:43:2C:DC:BE:ED:84
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-ZbrLV8tNk7b-Dr3gtpDLNy-7YQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.175.0/24
                  62.72.181.0/24
                  62.72.184.0/22
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:68:2c:01:20:cd:5b:17:f0:a8:ee:26:79:2f:fe:d9:f2:f4:
         23:e9:85:ce:01:20:b1:77:1c:2d:5f:23:f2:de:08:56:a0:8d:
         39:fe:3e:c9:5a:73:63:8d:5c:bc:fd:b6:6f:70:00:81:9a:8a:
         f5:0d:db:14:0b:9c:ca:93:3e:13:f7:f6:59:2b:9d:50:96:b6:
         82:44:ea:6d:15:46:34:86:06:71:40:25:07:f3:bd:f4:56:2b:
         13:d6:6c:26:91:c6:87:ef:03:42:d6:9b:33:57:76:16:3c:8e:
         a7:53:23:dc:88:d6:d1:8b:53:2a:dc:c9:9a:bf:57:19:65:67:
         a7:42:fc:0e:2b:9e:78:a4:d8:ca:f7:d3:01:a2:57:e0:2b:c0:
         e9:05:05:f3:1b:3a:df:57:67:69:56:54:a6:0d:e7:85:93:80:
         cf:3b:69:3e:c5:56:67:d8:4b:6c:87:9e:0c:0b:3f:31:82:8f:
         de:46:38:73:96:b7:af:cd:85:8c:ea:af:f2:31:7e:b1:97:17:
         0d:d8:95:4a:26:85:1d:8c:9f:ad:1d:05:f9:d5:9f:a7:41:14:
         d9:c5:43:fc:15:d4:8d:43:f8:1b:92:4c:74:0e:4c:18:0c:1a:
         ca:81:e0:01:b3:3e:b7:92:94:2a:d8:52:34:18:3a:1d:d2:1d:
         70:77:92:8d
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYxurbQFOjXBYadYdd8C6bH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE1MTgxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTk2ZWIyZDVmMmQzNjRlZGJmODNhZjc4MmRhNDMyY2RjYmVlZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTXkLYSnHxG2AD2ylPfF5S2q6Mvh
n6DmDKqWataSabwzS5wgya2wanvAp0DA4APBLvnp5yBNmUc1RDyXZmQOxeHYb6gF
Zi5EPEVOXZirStSMzZEspIzhtP+POdjO3KmF8t9LViXzszpZzaiTfPCACS6spR0K
DPT0E4gUTP7pjD5k9Eusbqe1ZzJ0k59Ns3Nl7nyneso3R9ZLo3mvghv9MHtzOOuS
oZwP89hfdGKO/oswv7EpJFLDWgttWOhnyiBdyA3GNQjM3cfmQ8fO0mBWd3tHsoBS
RUthVtsNEDG3P6R89DMgKpQ6m6XhW6YKunQecBvj02NBxX7l6MUtqU+TcwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPmW6y1fLTZO2/g694LaQyzcvu2EMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMS1aYnJMVjh0Tms3Yi1EcjNndHBETE55LTdZUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRj
Yy8xL0ZmR1FkRlNOS2lsT1E0WFpYTloxSkpEdVJ0Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVDAMAwQBPkii
AwQDPkigAwQAPkivAwQAPki1AwQCPki4MAwDBAFRFQIDBANRFQAwDAMEAVEVCgME
BFEVAAMEALA5MwMEALA5NQMEAbA5OgMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEA
HWgsASDNWxfwqO4meS/+2fL0I+mFzgEgsXccLV8j8t4IVqCNOf4+yVpzY41cvP22
b3AAgZqK9Q3bFAucypM+E/f2WSudUJa2gkTqbRVGNIYGcUAlB/O99FYrE9ZsJpHG
h+8DQtabM1d2FjyOp1Mj3IjW0YtTKtzJmr9XGWVnp0L8DiueeKTYyvfTAaJX4CvA
6QUF8xs631dnaVZUpg3nhZOAzztpPsVWZ9hLbIeeDAs/MYKP3kY4c5a3r82FjOqv
8jF+sZcXDdiVSiaFHYyfrR0F+dWfp0EU2cVD/BXUjUP4G5JMdA5MGAwayoHgAbM+
t5KUKthSNBg6HdIdcHeSjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org