Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/455rEjvdrvrAPxfqGOzgD1mFktQ.roa
File:                     455rEjvdrvrAPxfqGOzgD1mFktQ.roa (raw, json)
Hash identifier:          igj6fMjQFQVzXGGjd5BEUMRXWEi6HKa9eDgtVZRxlqU=
Subject key identifier:   E3:9E:6B:12:3B:DD:AE:FA:C0:3F:17:EA:18:EC:E0:0F:59:85:92:D4
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018FB3A7B11B0F49E15F85F9DC8ADEB33137
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/455rEjvdrvrAPxfqGOzgD1mFktQ.roa
Signing time:             Sun 26 May 2024 06:47:42 +0000
ROA not before:           Sun 26 May 2024 06:47:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.176.0/24 maxlen: 24
                          62.72.183.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 May 2024 07:08:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:b3:a7:b1:1b:0f:49:e1:5f:85:f9:dc:8a:de:b3:31:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May 26 06:47:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e39e6b123bddaefac03f17ea18ece00f598592d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:65:15:0c:41:42:a4:d3:89:de:36:db:bb:be:
                    f0:7e:6c:44:eb:36:b0:98:d5:b9:b5:dc:14:26:c3:
                    ef:9a:61:73:36:66:0c:58:85:64:db:52:a7:4b:3c:
                    b2:d5:d9:24:cf:66:5d:c1:07:fd:74:bc:6e:7b:7b:
                    5d:0b:2a:94:16:ea:c9:e3:04:cd:59:47:8a:22:bb:
                    ae:a1:0e:d7:7d:bc:81:45:49:0a:e5:d2:ff:60:69:
                    68:0b:21:ce:98:61:ef:b3:1b:30:27:50:b5:a7:d0:
                    23:2c:8f:c5:4d:5e:ce:66:60:6e:bd:1f:4b:fc:51:
                    d3:d8:b1:31:12:a0:0c:4e:5b:11:90:56:ec:35:f2:
                    8e:bb:5f:50:03:85:02:b8:09:ad:7b:6c:64:ef:43:
                    8a:ef:8b:d4:da:1a:3f:97:08:4e:0b:e5:a3:e0:d5:
                    54:c6:5a:2a:98:9c:7c:53:0d:35:57:ce:14:7b:2b:
                    7c:a8:8e:b7:fa:3e:17:cc:cc:77:62:a9:1f:17:b6:
                    78:0a:86:76:cd:19:2d:62:4d:41:24:fa:69:98:13:
                    4e:9d:0e:3f:40:95:1f:4b:8e:7b:8b:e3:ae:e3:6b:
                    1e:84:6b:8d:3c:a2:65:eb:8d:cc:fc:74:2f:1d:54:
                    84:9e:ae:6a:93:59:9f:b5:1f:e7:c5:a1:92:36:11:
                    33:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:9E:6B:12:3B:DD:AE:FA:C0:3F:17:EA:18:EC:E0:0F:59:85:92:D4
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/455rEjvdrvrAPxfqGOzgD1mFktQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.176.0/24
                  62.72.183.0/24
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.53.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:15:3b:6b:63:bc:cd:ce:de:f8:4a:ff:f7:9b:18:a2:f6:09:
         00:a5:1e:a6:99:22:68:f0:72:67:41:58:42:2b:e9:6d:36:77:
         97:b4:1b:63:4c:49:06:79:3a:67:98:eb:54:2c:83:0a:90:df:
         4a:ed:fd:47:b6:0e:8f:32:fe:a5:67:eb:22:64:bd:30:cb:7c:
         30:ed:3f:bd:43:1b:fa:92:8c:cc:af:7e:bb:b6:08:ae:7f:46:
         af:6e:bb:fd:36:a0:25:99:9f:c0:db:e2:36:ec:fe:80:19:75:
         f8:29:f9:7e:dd:80:db:a3:d3:66:28:68:af:55:35:a5:cc:5f:
         86:78:36:c3:e1:d5:61:2d:7b:fa:45:0f:21:25:e9:d0:60:3e:
         c5:4e:89:7b:ae:c1:1f:41:5a:0f:c8:52:65:49:36:b4:27:cd:
         56:38:b5:03:2b:c9:71:41:be:ee:62:86:95:d5:ce:ca:68:2e:
         a8:52:44:79:83:4f:3c:46:9e:8b:70:d3:24:60:f6:19:b5:2c:
         f2:de:51:18:4c:99:5a:94:6e:11:59:e8:c5:23:f8:50:15:67:
         a2:f6:01:2f:ff:54:e4:29:c0:88:19:a9:e7:0a:30:3d:e7:06:
         20:50:44:ce:c5:f2:6a:fd:ee:94:5d:6e:a1:d1:97:74:c6:92:
         6a:85:b9:8b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY+zp7EbD0nhX4X53IreszE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNTI2MDY0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzllNmIxMjNiZGRhZWZhYzAzZjE3ZWExOGVjZTAwZjU5ODU5MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWUVDEFCpNOJ3jbbu77wfmxE6zaw
mNW5tdwUJsPvmmFzNmYMWIVk21KnSzyy1dkkz2ZdwQf9dLxue3tdCyqUFurJ4wTN
WUeKIruuoQ7XfbyBRUkK5dL/YGloCyHOmGHvsxswJ1C1p9AjLI/FTV7OZmBuvR9L
/FHT2LExEqAMTlsRkFbsNfKOu19QA4UCuAmte2xk70OK74vU2ho/lwhOC+Wj4NVU
xloqmJx8Uw01V84Ueyt8qI63+j4XzMx3YqkfF7Z4CoZ2zRktYk1BJPppmBNOnQ4/
QJUfS457i+Ou42sehGuNPKJl643M/HQvHVSEnq5qk1mftR/nxaGSNhEz0QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOOeaxI73a76wD8X6hjs4A9ZhZLUMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvNDU1ckVqdmRydnJBUHhmcUdPemdEMW1Ga3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAE+SKID
BAM+SKADBAA+SLADBAA+SLcDBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5NQMEALA5
PzANBgkqhkiG9w0BAQsFAAOCAQEAgxU7a2O8zc7e+Er/95sYovYJAKUeppkiaPBy
Z0FYQivpbTZ3l7QbY0xJBnk6Z5jrVCyDCpDfSu39R7YOjzL+pWfrImS9MMt8MO0/
vUMb+pKMzK9+u7YIrn9Gr267/TagJZmfwNviNuz+gBl1+Cn5ft2A26PTZihor1U1
pcxfhng2w+HVYS17+kUPISXp0GA+xU6Je67BH0FaD8hSZUk2tCfNVji1AyvJcUG+
7mKGldXOymguqFJEeYNPPEaei3DTJGD2GbUs8t5RGEyZWpRuEVnoxSP4UBVnovYB
L/9U5CnAiBmp5wowPecGIFBEzsXyav3ulF1uodGXdMaSaoW5iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org