Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/8QmSEiFQ67fqzN-7YCNuKdVuwJM.roa
File:                     8QmSEiFQ67fqzN-7YCNuKdVuwJM.roa (raw, json)
Hash identifier:          nF3XnrtV/o0hvKaaeEDYZx8J1JqHEIg4rHNR/u71MuE=
Subject key identifier:   F1:09:92:12:21:50:EB:B7:EA:CC:DF:BB:60:23:6E:29:D5:6E:C0:93
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018A5EC99802FADEEDAA8FBC6B8CF9264A13
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/8QmSEiFQ67fqzN-7YCNuKdVuwJM.roa
Signing time:             Mon 04 Sep 2023 06:03:04 +0000
ROA not before:           Mon 04 Sep 2023 06:03:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.13.0/24 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.170.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.4.0/22 maxlen: 24
                          81.21.1.0/24 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 06:45:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5e:c9:98:02:fa:de:ed:aa:8f:bc:6b:8c:f9:26:4a:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Sep  4 06:03:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f10992122150ebb7eaccdfbb60236e29d56ec093
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:dd:7a:81:1d:d9:df:03:4f:cf:c7:7b:6f:60:
                    3f:a9:fa:fc:b8:5d:03:d0:bf:f1:f3:69:04:2a:73:
                    3b:33:27:e8:c1:e1:34:43:b6:94:68:c9:90:54:4a:
                    fa:07:62:5f:fe:08:96:5d:f4:cb:c8:6c:71:8a:56:
                    4a:ad:37:2f:ba:b5:30:fb:4d:24:d2:41:8b:26:b4:
                    15:89:a2:cc:b4:f8:e2:ee:4e:28:37:0a:07:a0:3f:
                    56:62:55:88:e3:c2:68:d0:38:37:ee:4f:f8:b7:eb:
                    46:d2:f8:ab:f0:c9:bd:bd:2d:4f:5b:08:59:1c:52:
                    3c:47:31:08:85:86:58:f0:73:4d:1d:51:1f:49:11:
                    bc:a9:39:fa:67:2d:c9:95:5e:c6:fe:e2:ad:db:a4:
                    07:d2:46:7d:c9:59:11:46:da:4b:ed:0e:15:93:47:
                    73:ca:a5:86:0e:35:fd:7f:63:ea:88:e4:d4:e4:e4:
                    77:d9:ab:e9:1c:3c:30:19:b2:23:03:f2:88:e4:c3:
                    fb:1b:c7:a4:fe:4f:6e:26:dd:18:52:86:15:54:9e:
                    37:ad:1a:47:f9:39:c7:4d:87:5c:82:ff:4d:67:bf:
                    66:36:37:fb:38:27:5a:a0:8e:86:f1:bb:b9:95:d2:
                    8a:95:97:41:6f:95:42:71:37:be:fa:23:4c:5f:02:
                    dd:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:09:92:12:21:50:EB:B7:EA:CC:DF:BB:60:23:6E:29:D5:6E:C0:93
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/8QmSEiFQ67fqzN-7YCNuKdVuwJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.163.255
                  62.72.165.0/24
                  62.72.169.0-62.72.170.255
                  62.72.173.0-62.72.175.255
                  62.72.177.0/24
                  62.72.179.0/24
                  62.72.181.0-62.72.182.255
                  62.72.185.0-62.72.189.255
                  62.72.191.0/24
                  81.21.1.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3c:ad:8e:42:73:ac:90:cb:51:b1:73:ce:77:a0:02:d0:f2:94:
         0b:04:62:6d:10:ac:9b:e5:e4:a8:05:f1:87:95:65:6b:1e:b2:
         fa:cd:12:db:2f:a0:fc:52:e8:24:4f:12:60:55:31:8e:92:f1:
         96:61:9f:82:8c:30:34:30:d6:25:67:f8:5d:27:5c:9a:23:8e:
         6e:66:c5:2a:ec:58:06:37:d7:06:8e:90:66:79:7e:f4:e8:c1:
         62:7a:f5:b0:63:5a:9f:4d:dc:e6:e7:54:83:c0:c9:71:60:6a:
         d9:31:e6:ab:25:76:bd:4a:f2:af:dd:91:a4:de:8b:f0:3e:a2:
         4a:ca:d7:19:9e:64:9e:28:a6:ce:40:dd:6d:0c:2f:63:0f:2d:
         0d:e8:60:65:d8:40:a0:71:84:5c:2b:9d:df:75:9d:21:80:8e:
         98:b8:82:72:7a:d5:90:e0:89:47:62:5c:54:10:93:6f:cf:61:
         7c:a6:2c:4b:8f:88:02:40:be:7b:a9:94:e6:8d:ed:62:7c:21:
         d5:c7:7b:50:05:4a:9e:69:65:12:84:3b:10:76:76:31:e6:58:
         7a:90:7d:14:22:95:98:64:91:35:41:a1:eb:19:03:3f:ef:6d:
         05:54:f8:b1:e2:d2:3e:4c:c4:ce:4a:97:6c:89:67:f7:a1:d0:
         fc:ee:b9:d5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYpeyZgC+t7tqo+8a4z5JkoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwOTA0MDYwMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA5OTIxMjIxNTBlYmI3ZWFjY2RmYmI2MDIzNmUyOWQ1NmVjMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd16gR3Z3wNPz8d7b2A/qfr8uF0D
0L/x82kEKnM7MyfoweE0Q7aUaMmQVEr6B2Jf/giWXfTLyGxxilZKrTcvurUw+00k
0kGLJrQViaLMtPji7k4oNwoHoD9WYlWI48Jo0Dg37k/4t+tG0vir8Mm9vS1PWwhZ
HFI8RzEIhYZY8HNNHVEfSRG8qTn6Zy3JlV7G/uKt26QH0kZ9yVkRRtpL7Q4Vk0dz
yqWGDjX9f2PqiOTU5OR32avpHDwwGbIjA/KI5MP7G8ek/k9uJt0YUoYVVJ43rRpH
+TnHTYdcgv9NZ79mNjf7OCdaoI6G8bu5ldKKlZdBb5VCcTe++iNMXwLdkwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPEJkhIhUOu36szfu2AjbinVbsCTMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvOFFtU0VpRlE2N2Zxek4tN1lDTnVLZFZ1d0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQwDAME
AD5IoQMEAj5IoAMEAD5IpTAMAwQAPkipAwQAPkiqMAwDBAA+SK0DBAQ+SKADBAA+
SLEDBAA+SLMwDAMEAD5ItQMEAD5ItjAMAwQAPki5AwQBPki8AwQAPki/MAwDBABR
FQEDBARRFQADBACwOTMDBACwOTUDBAGwOToDBAGwOT4wDQYJKoZIhvcNAQELBQAD
ggEBADytjkJzrJDLUbFzznegAtDylAsEYm0QrJvl5KgF8YeVZWsesvrNEtsvoPxS
6CRPEmBVMY6S8ZZhn4KMMDQw1iVn+F0nXJojjm5mxSrsWAY31waOkGZ5fvTowWJ6
9bBjWp9N3ObnVIPAyXFgatkx5qsldr1K8q/dkaTei/A+okrK1xmeZJ4ops5A3W0M
L2MPLQ3oYGXYQKBxhFwrnd91nSGAjpi4gnJ61ZDgiUdiXFQQk2/PYXymLEuPiAJA
vnuplOaN7WJ8IdXHe1AFSp5pZRKEOxB2djHmWHqQfRQilZhkkTVBoesZAz/vbQVU
+LHi0j5MxM5Kl2yJZ/eh0PzuudU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:53 2024 by rpki-client on console-fra.rpki-client.org