Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AN0JGoPQIxrqVMVCzZea5sNCSNI.roa
File:                     AN0JGoPQIxrqVMVCzZea5sNCSNI.roa (raw, json)
Hash identifier:          femSSQJqVmcqorbrsZYI/m57Gu8ULkzQ7BK/53d4EnM=
Subject key identifier:   00:DD:09:1A:83:D0:23:1A:EA:54:C5:42:CD:97:9A:E6:C3:42:48:D2
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C5DE9B45FB3106E9D449532365790811B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AN0JGoPQIxrqVMVCzZea5sNCSNI.roa
Signing time:             Tue 12 Dec 2023 12:04:06 +0000
ROA not before:           Tue 12 Dec 2023 12:04:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197842
IP address blocks:        62.72.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5d:e9:b4:5f:b3:10:6e:9d:44:95:32:36:57:90:81:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 12 12:04:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00dd091a83d0231aea54c542cd979ae6c34248d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e8:09:57:a5:db:06:a9:8d:bb:28:a8:5a:dc:
                    8d:f7:6f:85:4b:25:3f:8e:9e:d9:89:62:67:58:1a:
                    d7:39:c6:18:fc:0d:a7:16:ec:77:ce:37:b1:84:9b:
                    d6:3d:06:4a:ae:e3:11:2a:93:0e:c7:af:da:0f:fa:
                    5e:da:c0:b7:62:c4:95:7e:05:f9:13:77:bd:e1:a0:
                    f7:b1:4e:a3:b4:77:0e:d1:03:1d:dd:17:e1:e4:95:
                    0d:a4:f1:95:3f:a1:3a:75:a0:19:42:ae:b4:24:59:
                    b9:d4:4a:fc:21:37:c3:4b:b5:3f:c4:b3:cb:fe:50:
                    35:f1:be:e5:e6:73:3a:e2:d7:8c:f7:35:e1:c2:f5:
                    d3:e6:eb:af:d8:68:4e:b2:9e:67:5d:44:0f:b1:be:
                    72:a5:29:1d:46:30:c1:63:96:5b:50:71:16:67:bd:
                    6e:00:e8:2b:5b:96:4b:91:55:b6:d1:41:b8:29:bd:
                    bf:85:8e:5b:0b:d2:60:47:e5:ca:fa:f4:60:5a:13:
                    9a:00:d6:7b:ed:a2:4b:59:0f:74:3d:21:3b:8c:33:
                    dc:2f:8e:3f:ac:15:86:11:19:f5:f7:e4:9b:2f:94:
                    49:e6:8c:de:38:6a:21:86:c0:28:c2:5a:bc:56:54:
                    b2:a6:47:61:7a:9b:d0:65:17:40:76:82:30:bd:e7:
                    28:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:DD:09:1A:83:D0:23:1A:EA:54:C5:42:CD:97:9A:E6:C3:42:48:D2
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AN0JGoPQIxrqVMVCzZea5sNCSNI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:96:1f:9b:57:43:07:69:ac:a4:90:d7:4e:bb:5d:c7:99:e2:
         5d:3c:de:b5:b0:85:f4:97:ff:37:27:e1:67:1c:92:f4:f1:26:
         3c:3c:ff:79:28:71:99:7f:02:c3:22:a5:92:77:39:f5:89:f1:
         49:3e:cc:0e:25:63:bd:65:a4:08:6e:fb:98:aa:4d:8f:00:23:
         4d:8e:2a:e1:ad:bb:4b:58:7e:91:71:5f:57:4c:71:dc:f4:13:
         f6:86:2b:57:e0:bd:12:8d:c1:bd:9a:9f:01:1e:13:0f:3b:09:
         44:c5:02:d2:dc:b1:ff:ad:db:4b:c0:0f:15:26:ff:74:f4:2f:
         03:b7:4d:a8:c6:1d:31:1f:86:9c:c9:1e:0b:f6:fb:c7:d6:03:
         66:a6:87:3a:59:b4:8f:dd:28:ea:5f:b5:b3:f3:2c:e9:ea:1f:
         92:42:50:1c:99:35:77:84:4b:2c:bf:7b:1b:c3:69:e2:84:f3:
         27:77:e5:9c:0f:4d:ea:1a:75:4a:d9:60:e7:c6:98:cc:5b:30:
         ba:53:0f:a3:f6:48:06:24:59:12:34:7f:18:bb:87:c1:c8:92:
         df:7e:d9:44:d3:96:1e:ed:f1:3e:6b:bd:c6:d3:db:28:49:ac:
         21:61:03:6d:26:6a:69:04:f8:53:23:b3:c2:3c:8f:3c:46:fb:
         98:61:60:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxd6bRfsxBunUSVMjZXkIEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjEyMTIwNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRkMDkxYTgzZDAyMzFhZWE1NGM1NDJjZDk3OWFlNmMzNDI0OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+gJV6XbBqmNuyioWtyN92+FSyU/
jp7ZiWJnWBrXOcYY/A2nFux3zjexhJvWPQZKruMRKpMOx6/aD/pe2sC3YsSVfgX5
E3e94aD3sU6jtHcO0QMd3Rfh5JUNpPGVP6E6daAZQq60JFm51Er8ITfDS7U/xLPL
/lA18b7l5nM64teM9zXhwvXT5uuv2GhOsp5nXUQPsb5ypSkdRjDBY5ZbUHEWZ71u
AOgrW5ZLkVW20UG4Kb2/hY5bC9JgR+XK+vRgWhOaANZ77aJLWQ90PSE7jDPcL44/
rBWGERn19+SbL5RJ5ozeOGohhsAowlq8VlSypkdhepvQZRdAdoIwvecoNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADdCRqD0CMa6lTFQs2XmubDQkjSMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQU4wSkdvUFFJeHJxVk1WQ3paZWE1c05DU05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkitMA0G
CSqGSIb3DQEBCwUAA4IBAQB/lh+bV0MHaaykkNdOu13HmeJdPN61sIX0l/83J+Fn
HJL08SY8PP95KHGZfwLDIqWSdzn1ifFJPswOJWO9ZaQIbvuYqk2PACNNjirhrbtL
WH6RcV9XTHHc9BP2hitX4L0SjcG9mp8BHhMPOwlExQLS3LH/rdtLwA8VJv909C8D
t02oxh0xH4acyR4L9vvH1gNmpoc6WbSP3SjqX7Wz8yzp6h+SQlAcmTV3hEssv3sb
w2nihPMnd+WcD03qGnVK2WDnxpjMWzC6Uw+j9kgGJFkSNH8Yu4fByJLfftlE05Ye
7fE+a73G09soSawhYQNtJmppBPhTI7PCPI88RvuYYWC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:54 2024 by rpki-client on console-ams.rpki-client.org