Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AZLHrmxb-zSOk1WMV7GGLgUBRVU.roa
File:                     AZLHrmxb-zSOk1WMV7GGLgUBRVU.roa (raw, json)
Hash identifier:          zQrdFN7L92Q7RlOgNZ9Xu/A+hxfiAjeO03ETwtm6WlQ=
Subject key identifier:   01:92:C7:AE:6C:5B:FB:34:8E:93:55:8C:57:B1:86:2E:05:01:45:55
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018BD73ACE68AD4AECD94BD881432798F1B1
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AZLHrmxb-zSOk1WMV7GGLgUBRVU.roa
Signing time:             Thu 16 Nov 2023 08:23:57 +0000
ROA not before:           Thu 16 Nov 2023 08:23:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.13.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.168.0/22 maxlen: 22
                          62.72.174.0/23 maxlen: 23
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.4.0/22 maxlen: 24
                          81.21.4.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 12:06:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d7:3a:ce:68:ad:4a:ec:d9:4b:d8:81:43:27:98:f1:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Nov 16 08:23:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0192c7ae6c5bfb348e93558c57b1862e05014555
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3d:57:68:a1:2f:66:b5:73:26:08:0d:38:ef:
                    43:2e:0a:bf:cb:e2:5a:0f:6c:0c:f8:12:13:5e:06:
                    08:2f:35:ee:d6:63:3a:ed:70:43:01:02:27:dc:ba:
                    52:ac:cd:e3:84:37:c6:e2:e7:80:49:84:a9:f5:23:
                    0c:de:48:b5:03:3b:f5:45:18:e2:6d:5d:9b:bf:fc:
                    1a:a2:bb:4c:4c:46:3c:57:08:d3:d9:6a:aa:44:d4:
                    0b:35:6e:68:4d:98:46:01:de:27:3f:4f:30:6d:53:
                    6f:75:9f:a0:df:05:e9:14:23:41:cd:70:67:5d:0e:
                    ed:7e:02:3a:b1:9d:e3:34:f8:fc:48:76:9f:12:3a:
                    d9:ef:a5:7d:d8:ad:5f:93:f3:82:64:45:67:b3:94:
                    d7:c6:13:3c:b7:33:04:85:54:85:be:18:bd:5c:56:
                    99:35:d4:7a:fe:78:15:c3:01:9c:84:d5:18:03:8e:
                    d8:75:7d:2b:a9:a6:5e:92:01:a2:66:d3:e8:4f:56:
                    f4:3a:b7:40:f0:0c:88:1a:bb:a2:46:1a:72:92:6d:
                    de:ac:88:72:16:49:4d:f8:b4:8e:1b:5f:26:fd:29:
                    72:ba:8c:3a:82:25:2c:67:3a:54:2d:bb:d6:94:19:
                    64:f5:20:6d:c2:4c:49:de:9e:0e:25:a9:28:2e:f4:
                    92:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:92:C7:AE:6C:5B:FB:34:8E:93:55:8C:57:B1:86:2E:05:01:45:55
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/AZLHrmxb-zSOk1WMV7GGLgUBRVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.174.0/23
                  62.72.180.0/23
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:17:29:04:36:4a:8a:6e:01:6f:f8:23:d1:96:04:42:0e:53:
         d0:5a:d6:ea:8c:7e:d7:6b:eb:cf:38:bc:41:42:8e:9c:46:4c:
         a3:5f:ba:39:01:76:cb:06:fd:ee:26:66:23:8d:10:c7:3d:74:
         3c:73:63:f9:32:f2:92:05:9a:be:e2:68:62:ba:de:ad:55:68:
         e1:7d:4c:42:82:e5:32:59:e3:c6:f2:32:53:11:bb:32:1c:b2:
         0b:47:71:99:92:e3:db:e3:cf:83:e0:76:be:4a:3e:e3:df:dd:
         be:5f:fc:f9:2f:da:31:23:2c:4e:e0:a5:a6:21:88:98:8a:b0:
         e4:08:ed:66:41:25:47:e8:24:0d:e5:08:d1:f6:6d:f9:1f:35:
         1e:02:e3:bb:09:1c:b4:8e:c1:b4:e2:2d:a8:e0:ad:6b:25:24:
         50:ad:07:cc:5f:e3:3f:96:5d:0f:11:92:fd:f7:4c:79:ef:30:
         53:9d:0c:04:12:98:61:83:16:f4:1d:22:2e:69:5e:09:1b:d4:
         9d:c4:4e:43:e1:30:cf:63:7b:f2:09:74:ad:e0:35:b1:70:75:
         63:e8:f3:5b:6d:95:5a:fe:23:ef:3c:c7:69:e8:d3:72:8c:25:
         eb:c7:1c:1c:2b:aa:4a:d2:42:66:4b:3e:5e:60:8e:a5:d8:5c:
         08:ca:d8:51
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYvXOs5orUrs2UvYgUMnmPGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMTE2MDgyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTkyYzdhZTZjNWJmYjM0OGU5MzU1OGM1N2IxODYyZTA1MDE0NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj1XaKEvZrVzJggNOO9DLgq/y+Ja
D2wM+BITXgYILzXu1mM67XBDAQIn3LpSrM3jhDfG4ueASYSp9SMM3ki1Azv1RRji
bV2bv/waortMTEY8VwjT2WqqRNQLNW5oTZhGAd4nP08wbVNvdZ+g3wXpFCNBzXBn
XQ7tfgI6sZ3jNPj8SHafEjrZ76V92K1fk/OCZEVns5TXxhM8tzMEhVSFvhi9XFaZ
NdR6/ngVwwGchNUYA47YdX0rqaZekgGiZtPoT1b0OrdA8AyIGruiRhpykm3erIhy
FklN+LSOG18m/Slyuow6giUsZzpULbvWlBlk9SBtwkxJ3p4OJakoLvSSOwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFAGSx65sW/s0jpNVjFexhi4FAUVVMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQVpMSHJteGItelNPazFXTVY3R0dMZ1VCUlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAE+SKID
BAI+SKgDBAE+SK4DBAE+SLQwDAMEAz5IuAMEAT5IvAMEAD5IvzAMAwQBURUCAwQD
URUAMAwDBAFRFQoDBARRFQADBACwOTMDBACwOTUDBAGwOToDBACwOT8wDQYJKoZI
hvcNAQELBQADggEBALQXKQQ2SopuAW/4I9GWBEIOU9Ba1uqMftdr6884vEFCjpxG
TKNfujkBdssG/e4mZiONEMc9dDxzY/ky8pIFmr7iaGK63q1VaOF9TEKC5TJZ48by
MlMRuzIcsgtHcZmS49vjz4Pgdr5KPuPf3b5f/Pkv2jEjLE7gpaYhiJiKsOQI7WZB
JUfoJA3lCNH2bfkfNR4C47sJHLSOwbTiLajgrWslJFCtB8xf4z+WXQ8Rkv33THnv
MFOdDAQSmGGDFvQdIi5pXgkb1J3ETkPhMM9je/IJdK3gNbFwdWPo81ttlVr+I+88
x2no03KMJevHHBwrqkrSQmZLPl5gjqXYXAjK2FE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org