Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ba1_cdVKbZzXIZ9KYx3P2hj83dA.roa
File:                     Ba1_cdVKbZzXIZ9KYx3P2hj83dA.roa (raw, json)
Hash identifier:          HB2E6eEgANtzvoQqARbUZ5qdtpJjNOSXnicyBkF96qg=
Subject key identifier:   05:AD:7F:71:D5:4A:6D:9C:D7:21:9F:4A:63:1D:CF:DA:18:FC:DD:D0
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0188D31BA32D3B0656460C1CF13704017AC4
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ba1_cdVKbZzXIZ9KYx3P2hj83dA.roa
Signing time:             Mon 19 Jun 2023 10:03:03 +0000
ROA not before:           Mon 19 Jun 2023 10:03:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.176.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.190.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Jun 2023 06:49:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d3:1b:a3:2d:3b:06:56:46:0c:1c:f1:37:04:01:7a:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 19 10:03:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05ad7f71d54a6d9cd7219f4a631dcfda18fcddd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f4:53:2f:5f:84:c3:5d:f9:97:5f:f5:85:ff:
                    1c:b1:74:60:fb:e0:81:0b:66:01:b6:e9:c8:36:ac:
                    50:01:8e:4f:0a:75:d9:dc:89:63:b5:79:53:0a:08:
                    36:dd:98:36:47:10:17:cf:f9:bf:05:50:14:25:47:
                    df:9f:ee:78:8e:e8:74:54:32:9e:53:92:ee:8d:f9:
                    46:ae:6d:46:df:4e:97:c2:12:7f:40:0f:59:37:e0:
                    a3:8c:be:1e:cf:5a:ee:91:20:e9:06:e7:af:23:c6:
                    bd:e8:78:22:68:0c:d0:74:bd:55:22:c4:de:33:2e:
                    14:be:77:76:e6:43:9c:86:1f:3c:86:f5:36:a2:1d:
                    f4:c7:88:19:7d:81:2f:77:83:a2:2c:55:28:57:40:
                    64:1b:db:9e:22:c6:98:cb:2d:56:01:53:18:01:0a:
                    f7:55:6e:b2:47:30:88:d1:8a:ff:b5:54:18:1d:e1:
                    57:0e:43:2d:c4:35:76:a5:a9:9c:18:e4:b7:fc:0d:
                    84:17:82:34:82:e8:03:ab:fa:41:7d:2a:e6:c4:09:
                    20:12:40:64:0b:f2:e7:bc:6c:5e:96:7d:81:ee:57:
                    8a:01:c1:bd:f4:37:3f:42:f5:b9:a5:9e:1c:ab:8b:
                    0a:cf:da:3f:11:b3:20:16:28:85:37:ce:18:b3:ab:
                    93:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:AD:7F:71:D5:4A:6D:9C:D7:21:9F:4A:63:1D:CF:DA:18:FC:DD:D0
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ba1_cdVKbZzXIZ9KYx3P2hj83dA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.162.255
                  62.72.176.0/24
                  62.72.184.0/24
                  62.72.186.0/23
                  62.72.190.0/23
                  81.21.12.0/22
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:98:b3:20:8d:93:69:15:7a:40:69:a1:b5:fa:6a:4e:f5:91:
         b9:40:22:da:7f:64:54:9e:05:77:b8:20:ae:30:dd:7f:ea:fd:
         44:ad:cf:4d:6b:03:c6:41:6a:72:6a:8d:da:d8:18:e3:51:04:
         7e:84:d8:5e:75:fa:f2:66:fb:d7:75:5f:df:6b:19:04:2b:cf:
         33:3e:02:68:53:55:b3:15:e8:2c:2c:ed:2e:80:9a:1b:35:d6:
         ac:21:07:83:62:fe:7b:4b:b2:fd:42:d1:28:01:29:fd:a8:ce:
         5d:cf:14:53:15:e4:f5:dd:e4:40:7d:b7:e0:2c:b2:c6:c8:ad:
         82:18:53:ff:04:3b:0a:53:3a:7d:56:db:3b:96:12:3a:e8:ac:
         8b:80:57:23:dc:c4:98:b2:f7:50:50:17:5f:0b:83:03:68:e5:
         52:e3:0b:d5:b9:0e:97:ed:b7:84:ae:20:43:5a:be:98:8a:71:
         9d:ff:2b:bc:b7:bf:6e:c1:e5:78:d0:8c:63:ff:da:d5:99:b5:
         c9:2a:77:ad:b5:f6:3f:c9:5a:33:97:40:43:5c:0c:38:59:cf:
         93:84:92:4f:55:72:87:fb:a3:7f:05:e7:41:89:55:ba:3d:7a:
         2e:1b:b4:46:fe:e1:1f:d1:7f:2b:37:75:68:14:61:8a:18:d0:
         e3:f6:1b:fa
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYjTG6MtOwZWRgwc8TcEAXrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNjE5MTAwMzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFkN2Y3MWQ1NGE2ZDljZDcyMTlmNGE2MzFkY2ZkYTE4ZmNkZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvRTL1+Ew135l1/1hf8csXRg++CB
C2YBtunINqxQAY5PCnXZ3IljtXlTCgg23Zg2RxAXz/m/BVAUJUffn+54juh0VDKe
U5LujflGrm1G306XwhJ/QA9ZN+CjjL4ez1rukSDpBuevI8a96HgiaAzQdL1VIsTe
My4Uvnd25kOchh88hvU2oh30x4gZfYEvd4OiLFUoV0BkG9ueIsaYyy1WAVMYAQr3
VW6yRzCI0Yr/tVQYHeFXDkMtxDV2pamcGOS3/A2EF4I0gugDq/pBfSrmxAkgEkBk
C/LnvGxeln2B7leKAcG99Dc/QvW5pZ4cq4sKz9o/EbMgFiiFN84Ys6uTdQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAWtf3HVSm2c1yGfSmMdz9oY/N3QMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQmExX2NkVktiWnpYSVo5S1l4M1AyaGo4M2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAA+SKED
BAA+SKIDBAA+SLADBAA+SLgDBAE+SLoDBAE+SL4DBAJRFQwDBACwOT8wDQYJKoZI
hvcNAQELBQADggEBAE+YsyCNk2kVekBpobX6ak71kblAItp/ZFSeBXe4IK4w3X/q
/UStz01rA8ZBanJqjdrYGONRBH6E2F51+vJm+9d1X99rGQQrzzM+AmhTVbMV6Cws
7S6Amhs11qwhB4Ni/ntLsv1C0SgBKf2ozl3PFFMV5PXd5EB9t+AsssbIrYIYU/8E
OwpTOn1W2zuWEjrorIuAVyPcxJiy91BQF18LgwNo5VLjC9W5Dpftt4SuIENavpiK
cZ3/K7y3v27B5XjQjGP/2tWZtckqd6219j/JWjOXQENcDDhZz5OEkk9Vcof7o38F
50GJVbo9ei4btEb+4R/Rfys3dWgUYYoY0OP2G/o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org