Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-tAp7o_AqyqiT38gdm5tS1O3QZU.roa
File:                     1-tAp7o_AqyqiT38gdm5tS1O3QZU.roa (raw, json)
Hash identifier:          ydwqO+UWYvd++1VGifsfc1tIzqqc6Lbh03rXKIxo+Q0=
Subject key identifier:   FA:D0:29:EE:8F:C0:AB:2A:A2:4F:7F:20:76:6E:6D:4B:53:B7:41:95
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0189EE70361BE272CA7225C1836BC1587F28
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-tAp7o_AqyqiT38gdm5tS1O3QZU.roa
Signing time:             Sun 13 Aug 2023 10:27:58 +0000
ROA not before:           Sun 13 Aug 2023 10:27:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.13.0/24 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.170.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.1.0/24 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 14:08:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ee:70:36:1b:e2:72:ca:72:25:c1:83:6b:c1:58:7f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Aug 13 10:27:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fad029ee8fc0ab2aa24f7f20766e6d4b53b74195
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:29:a1:70:34:18:0b:0f:4b:04:f3:18:37:b9:
                    4c:0c:4c:7f:68:6e:6e:10:ed:b3:a2:02:bb:e9:be:
                    f5:b6:d1:88:92:77:47:74:d3:7a:91:5a:29:75:1b:
                    60:e5:f8:0f:1d:3a:3f:bb:ba:7c:e4:87:dc:09:2a:
                    5b:87:94:44:48:9a:f7:ce:54:81:08:99:9c:b9:57:
                    90:86:c4:99:a3:8e:0d:4b:8e:0b:ab:21:ca:96:8c:
                    45:d9:53:13:94:04:f9:cb:88:97:bd:c3:49:03:3a:
                    a6:e5:06:2e:59:da:b4:d0:10:27:bd:a1:67:0d:4e:
                    30:e9:b7:54:29:39:88:95:e2:05:fa:48:a8:8a:1e:
                    ea:39:b2:04:e4:48:c0:0c:bf:1f:69:03:69:fc:2d:
                    b0:86:20:f3:a3:dd:cc:f5:af:8a:ef:a7:fe:1b:25:
                    05:94:93:d1:0f:ab:a3:d9:05:41:7a:34:c0:43:06:
                    11:37:4e:9b:58:ad:87:76:b7:55:ac:13:76:b1:e9:
                    c2:1c:1f:f8:17:74:3f:cc:62:43:2f:1b:07:de:33:
                    73:a3:d5:27:08:12:40:ed:d1:f8:43:7f:d0:cd:4a:
                    68:1f:4c:e3:15:96:00:83:cd:24:ba:1f:21:c1:b7:
                    9d:5c:ce:7c:22:18:bf:38:32:d0:2c:fd:f5:42:d7:
                    10:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D0:29:EE:8F:C0:AB:2A:A2:4F:7F:20:76:6E:6D:4B:53:B7:41:95
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1-tAp7o_AqyqiT38gdm5tS1O3QZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.163.255
                  62.72.165.0/24
                  62.72.169.0-62.72.170.255
                  62.72.175.0/24
                  62.72.177.0/24
                  62.72.179.0/24
                  62.72.181.0-62.72.182.255
                  62.72.185.0/24
                  62.72.187.0-62.72.189.255
                  62.72.191.0/24
                  81.21.1.0-81.21.3.255
                  81.21.8.0/21
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:77:4d:86:ee:9b:b2:ad:65:d9:9e:f0:d4:e6:2b:70:3b:a6:
         6a:b7:6f:65:d3:38:a3:12:71:40:7a:a1:5e:11:bb:8e:e1:60:
         02:52:ca:54:47:e4:5e:6a:f6:ff:c4:80:7e:2f:dd:91:ef:01:
         8a:e9:c1:fc:ef:ce:64:05:c6:2d:bc:e9:d4:14:9a:10:17:ce:
         8f:36:36:42:1c:9c:db:f4:8c:81:f1:4b:cf:53:07:6e:45:9d:
         16:83:d4:69:6d:37:f8:f5:7a:4c:3f:73:ef:91:68:0f:ae:e7:
         92:dd:14:7d:36:b5:58:cd:2e:e2:44:78:27:e3:89:a0:dc:ee:
         5f:d0:52:d8:6b:8e:ae:b7:13:bb:f7:91:49:f1:26:73:33:45:
         f1:27:7b:c4:dc:7a:94:4d:ca:f4:4c:9c:6d:5b:80:ff:f5:c9:
         b7:67:d4:82:51:14:90:e4:f3:17:54:38:e0:03:a6:c6:a2:ba:
         a2:56:15:d6:bb:68:03:bf:12:aa:d9:4c:8f:6b:6a:e8:24:53:
         31:6e:cb:20:b7:13:0c:56:00:65:a4:7b:e9:ef:a4:81:5b:3d:
         0d:58:41:ab:1f:0e:d9:26:64:f7:3f:e2:87:96:d8:1d:f7:1b:
         56:a8:6f:fb:01:ed:c1:04:2b:0f:c9:32:ca:b3:e1:4e:d1:d3:
         a1:65:5f:d2
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYnucDYb4nLKciXBg2vBWH8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwODEzMTAyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQwMjllZThmYzBhYjJhYTI0ZjdmMjA3NjZlNmQ0YjUzYjc0MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzimhcDQYCw9LBPMYN7lMDEx/aG5u
EO2zogK76b71ttGIkndHdNN6kVopdRtg5fgPHTo/u7p85IfcCSpbh5RESJr3zlSB
CJmcuVeQhsSZo44NS44LqyHKloxF2VMTlAT5y4iXvcNJAzqm5QYuWdq00BAnvaFn
DU4w6bdUKTmIleIF+kioih7qObIE5EjADL8faQNp/C2whiDzo93M9a+K76f+GyUF
lJPRD6uj2QVBejTAQwYRN06bWK2HdrdVrBN2senCHB/4F3Q/zGJDLxsH3jNzo9Un
CBJA7dH4Q3/QzUpoH0zjFZYAg80kuh8hwbedXM58Ihi/ODLQLP31QtcQPQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFPrQKe6PwKsqok9/IHZubUtTt0GVMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMS10QXA3b19BcXlxaVQzOGdkbTV0UzFPM1FaVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMDA2MjQxLTgwOGQtNGE0OS1iMGNkLTU2MjQ0ZjQzMGRj
Yy8xL0ZmR1FkRlNOS2lsT1E0WFpYTloxSkpEdVJ0Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnwYIKwYBBQUHAQcBAf8EgY8wgYwwgYkEAgABMIGCMAwD
BAA+SKEDBAI+SKADBAA+SKUwDAMEAD5IqQMEAD5IqgMEAD5IrwMEAD5IsQMEAD5I
szAMAwQAPki1AwQAPki2AwQAPki5MAwDBAA+SLsDBAE+SLwDBAA+SL8wDAMEAFEV
AQMEAlEVAAMEA1EVCAMEALA5MwMEALA5NQMEAbA5PjANBgkqhkiG9w0BAQsFAAOC
AQEAnHdNhu6bsq1l2Z7w1OYrcDumardvZdM4oxJxQHqhXhG7juFgAlLKVEfkXmr2
/8SAfi/dke8BiunB/O/OZAXGLbzp1BSaEBfOjzY2Qhyc2/SMgfFLz1MHbkWdFoPU
aW03+PV6TD9z75FoD67nkt0UfTa1WM0u4kR4J+OJoNzuX9BS2GuOrrcTu/eRSfEm
czNF8Sd7xNx6lE3K9EycbVuA//XJt2fUglEUkOTzF1Q44AOmxqK6olYV1rtoA78S
qtlMj2tq6CRTMW7LILcTDFYAZaR76e+kgVs9DVhBqx8O2SZk9z/ih5bYHfcbVqhv
+wHtwQQrD8kyyrPhTtHToWVf0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org