Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/5gNkX-_aDzPD7ERdfTkc3BuzxmY.roa
File:                     5gNkX-_aDzPD7ERdfTkc3BuzxmY.roa (raw, json)
Hash identifier:          3CNjGcAfluDv3DD6g0nrXYcXEY/Cljzm7XGIHU9oLZ0=
Subject key identifier:   E6:03:64:5F:EF:DA:0F:33:C3:EC:44:5D:7D:39:1C:DC:1B:B3:C6:66
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018AA75A57411FAAC15FFEBE82811A39A87B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/5gNkX-_aDzPD7ERdfTkc3BuzxmY.roa
Signing time:             Mon 18 Sep 2023 08:13:50 +0000
ROA not before:           Mon 18 Sep 2023 08:13:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.171.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.4.0/22 maxlen: 24
                          81.21.1.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 13:25:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a7:5a:57:41:1f:aa:c1:5f:fe:be:82:81:1a:39:a8:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Sep 18 08:13:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e603645fefda0f33c3ec445d7d391cdc1bb3c666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0e:f2:fe:4c:26:b1:5d:fa:51:84:ec:70:af:
                    83:62:fe:c4:ea:3d:60:86:85:c8:bd:9e:0f:e1:4a:
                    63:81:9b:0f:56:27:f9:05:bc:60:89:c0:96:f5:f7:
                    99:23:d2:e5:d0:cb:ac:91:d8:9d:ef:6a:86:f1:b1:
                    91:81:e4:94:aa:be:d0:40:92:79:b1:c7:1b:ed:e2:
                    db:64:f2:8c:be:77:7a:87:68:40:c5:d6:9d:1e:a0:
                    67:ec:0f:5c:cc:b4:32:70:94:8b:74:f7:f6:86:c3:
                    4c:1f:ae:50:6a:ba:66:5e:05:ed:d1:03:11:cb:08:
                    c1:8c:1d:53:49:2f:93:29:06:31:67:24:94:c1:35:
                    03:5f:ce:d4:45:54:09:d5:00:5a:81:43:89:77:18:
                    36:ef:8e:2e:1c:38:f4:b2:5a:9f:0b:ae:29:30:a1:
                    a8:14:1d:f6:82:c8:a3:6c:b5:8c:66:5d:b0:e8:1d:
                    13:db:ec:a8:c1:70:65:40:09:64:89:85:78:89:e1:
                    7d:79:91:71:4e:af:ca:37:3c:3b:2d:ba:a5:19:b2:
                    b2:eb:f7:f1:07:6a:55:c3:59:5f:07:8c:34:2d:72:
                    10:5b:7f:17:93:df:74:b6:4f:52:cf:e6:a6:db:dc:
                    f4:1d:76:db:e1:fe:c8:7d:ba:73:da:71:d0:2a:d7:
                    64:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:03:64:5F:EF:DA:0F:33:C3:EC:44:5D:7D:39:1C:DC:1B:B3:C6:66
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/5gNkX-_aDzPD7ERdfTkc3BuzxmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.165.255
                  62.72.168.0/22
                  62.72.173.0-62.72.175.255
                  62.72.177.0/24
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.1.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:b9:0b:f0:68:02:d6:d1:d5:1b:ce:e4:2c:08:1b:94:c7:c1:
         50:7f:38:27:db:81:a0:e8:5b:5f:b8:21:fe:ab:b4:19:6c:0c:
         ad:12:ba:97:66:59:c4:89:13:78:d5:08:df:b7:32:64:c5:a7:
         53:46:8e:81:66:76:02:29:43:ed:c1:7d:be:04:51:e4:e7:a8:
         5c:e6:2f:54:53:91:81:7e:ec:44:dd:6d:cf:dd:16:09:1e:2f:
         07:1f:7c:47:38:df:9e:4a:01:09:d7:b5:e2:b0:18:c1:3d:f8:
         5d:ad:9b:77:f1:78:47:4b:35:08:93:50:24:fc:6b:a6:43:a2:
         b1:d2:26:b8:45:ca:4f:ec:67:4a:fd:00:bb:cb:24:57:04:8f:
         1c:f3:ad:c5:da:7b:0d:15:dd:44:4b:27:30:e5:71:4f:ad:af:
         c3:05:e7:07:01:c8:2e:80:ef:c5:38:f0:2e:54:31:8b:19:03:
         da:6b:b2:e7:4e:8d:5b:e9:b6:27:40:53:ef:45:b2:84:93:b3:
         2b:0e:01:f2:2c:5b:9e:1e:27:5b:3b:8a:6e:b4:ac:e0:f2:f9:
         18:2e:e1:4a:66:10:28:36:48:10:48:42:8a:aa:e5:13:df:0d:
         01:2d:6b:77:2c:3b:5c:60:45:9d:ab:1c:30:60:96:a0:46:57:
         ce:d4:7c:ff
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYqnWldBH6rBX/6+goEaOah7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwOTE4MDgxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjAzNjQ1ZmVmZGEwZjMzYzNlYzQ0NWQ3ZDM5MWNkYzFiYjNjNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA7y/kwmsV36UYTscK+DYv7E6j1g
hoXIvZ4P4UpjgZsPVif5BbxgicCW9feZI9Ll0Muskdid72qG8bGRgeSUqr7QQJJ5
sccb7eLbZPKMvnd6h2hAxdadHqBn7A9czLQycJSLdPf2hsNMH65QarpmXgXt0QMR
ywjBjB1TSS+TKQYxZySUwTUDX87URVQJ1QBagUOJdxg2744uHDj0slqfC64pMKGo
FB32gsijbLWMZl2w6B0T2+yowXBlQAlkiYV4ieF9eZFxTq/KNzw7LbqlGbKy6/fx
B2pVw1lfB4w0LXIQW38Xk990tk9Sz+am29z0HXbb4f7Ifbpz2nHQKtdkSQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOYDZF/v2g8zw+xEXX05HNwbs8ZmMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvNWdOa1gtX2FEelBEN0VSZGZUa2MzQnV6eG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
PkihAwQBPkikAwQCPkioMAwDBAA+SK0DBAQ+SKADBAA+SLEwDAMEAD5IswMEAD5I
tjAMAwQDPki4AwQBPki8AwQAPki/MAwDBABRFQEDBANRFQAwDAMEAVEVCgMEBFEV
AAMEALA5MwMEALA5NQMEAbA5OgMEAbA5PjANBgkqhkiG9w0BAQsFAAOCAQEAJrkL
8GgC1tHVG87kLAgblMfBUH84J9uBoOhbX7gh/qu0GWwMrRK6l2ZZxIkTeNUI37cy
ZMWnU0aOgWZ2AilD7cF9vgRR5OeoXOYvVFORgX7sRN1tz90WCR4vBx98RzjfnkoB
Cde14rAYwT34Xa2bd/F4R0s1CJNQJPxrpkOisdImuEXKT+xnSv0Au8skVwSPHPOt
xdp7DRXdREsnMOVxT62vwwXnBwHILoDvxTjwLlQxixkD2muy506NW+m2J0BT70Wy
hJOzKw4B8ixbnh4nWzuKbrSs4PL5GC7hSmYQKDZIEEhCiqrlE98NAS1rdyw7XGBF
nascMGCWoEZXztR8/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:53 2024 by rpki-client on console-fra.rpki-client.org