Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CxE73ECv-9iIiMpxog6lxjnbNiY.roa
File:                     CxE73ECv-9iIiMpxog6lxjnbNiY.roa (raw, json)
Hash identifier:          TjG5TeRZXJng6KnjeFaSbIPxhmmdmcqXGoqg/E3N66g=
Subject key identifier:   0B:11:3B:DC:40:AF:FB:D8:88:88:CA:71:A2:0E:A5:C6:39:DB:36:26
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C7B9E12F92C3E557BA06D06C7FD0D883B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CxE73ECv-9iIiMpxog6lxjnbNiY.roa
Signing time:             Mon 18 Dec 2023 06:30:06 +0000
ROA not before:           Mon 18 Dec 2023 06:30:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398465
IP address blocks:        62.72.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7b:9e:12:f9:2c:3e:55:7b:a0:6d:06:c7:fd:0d:88:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 18 06:30:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b113bdc40affbd88888ca71a20ea5c639db3626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:20:d4:27:bc:2e:bf:c0:33:8d:ac:6a:da:03:
                    fb:2b:a3:8e:dc:dd:f0:86:c8:1d:17:bf:77:77:93:
                    ea:a8:1b:42:1f:0c:79:73:64:f5:70:ed:09:bc:ec:
                    b0:ea:e0:be:1a:e5:1c:21:8b:32:72:2f:99:9c:7e:
                    84:84:0a:f6:dc:c3:39:fc:05:41:9b:18:15:8f:2e:
                    2c:ea:24:e6:2a:a4:6b:68:60:11:65:85:5a:ff:8c:
                    21:02:19:b9:60:41:4c:e2:36:98:de:a7:5e:fe:c7:
                    4f:62:98:a9:7a:fb:4a:51:01:49:e3:9f:dc:84:44:
                    7b:af:32:bb:eb:d9:09:a8:32:07:50:f6:f9:e4:b7:
                    ac:5a:ee:a7:c5:b8:07:60:ea:16:fe:69:38:f5:31:
                    6c:5e:0a:74:42:eb:b0:4f:23:dd:c4:7a:db:86:4d:
                    d3:6d:98:c4:7e:6e:2c:6e:c2:0b:bf:00:b2:90:6e:
                    01:49:9a:ec:33:b4:dc:c0:12:5a:31:88:31:3c:66:
                    76:12:2b:10:0d:90:79:c5:5d:14:42:63:03:6c:11:
                    e9:c8:ff:4c:66:52:82:2c:e7:cb:66:57:39:ad:ee:
                    9a:ea:27:97:d8:ca:b6:8e:dc:53:f5:fa:a6:4d:c7:
                    d4:43:9e:e0:7f:52:eb:8e:95:ed:09:b9:d4:2b:7f:
                    33:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:11:3B:DC:40:AF:FB:D8:88:88:CA:71:A2:0E:A5:C6:39:DB:36:26
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/CxE73ECv-9iIiMpxog6lxjnbNiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:3f:8a:57:62:00:ae:b7:6d:8e:0d:40:03:22:80:30:09:48:
         5c:94:93:0c:02:78:5d:cb:f8:47:41:d6:6e:db:51:ee:94:0d:
         48:f5:cf:c3:d3:50:a0:de:a8:20:2e:07:e4:e1:72:a3:3a:bb:
         a9:a9:f3:50:47:0a:92:74:32:2c:01:f6:cf:26:6f:26:af:cd:
         56:ec:8f:48:8e:d3:02:9a:f8:78:16:4b:3c:75:c9:52:f1:17:
         d1:19:c6:e7:e0:17:11:53:c5:9f:16:0e:cc:7c:3e:aa:90:c2:
         b3:86:c2:de:c3:90:9d:4d:55:7a:ba:9e:62:8e:cc:c0:73:10:
         a0:47:ff:95:90:df:e0:b9:40:a9:2a:da:7c:7c:b5:48:26:0f:
         dc:da:d3:c3:42:9a:fe:be:ba:fe:2f:4a:5f:54:ec:1e:7f:b7:
         14:74:8b:ef:44:b1:e9:f8:59:c5:85:fb:d1:2f:fa:65:b4:62:
         bd:e1:2f:16:c7:2a:76:bf:05:ff:06:51:0a:1d:d4:52:6a:94:
         f9:a0:dd:e1:bd:3d:b1:bd:14:38:4a:bf:64:75:c7:32:ba:b7:
         91:53:2d:43:b3:47:12:3d:c3:71:b6:bf:a9:41:99:88:21:60:
         5b:e8:06:48:8f:16:ce:81:3d:d0:3d:41:9e:5f:94:66:47:c2:
         4d:80:05:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx7nhL5LD5Ve6BtBsf9DYg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE4MDYzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjExM2JkYzQwYWZmYmQ4ODg4OGNhNzFhMjBlYTVjNjM5ZGIzNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyDUJ7wuv8Azjaxq2gP7K6OO3N3w
hsgdF793d5PqqBtCHwx5c2T1cO0JvOyw6uC+GuUcIYsyci+ZnH6EhAr23MM5/AVB
mxgVjy4s6iTmKqRraGARZYVa/4whAhm5YEFM4jaY3qde/sdPYpipevtKUQFJ45/c
hER7rzK769kJqDIHUPb55LesWu6nxbgHYOoW/mk49TFsXgp0QuuwTyPdxHrbhk3T
bZjEfm4sbsILvwCykG4BSZrsM7TcwBJaMYgxPGZ2EisQDZB5xV0UQmMDbBHpyP9M
ZlKCLOfLZlc5re6a6ieX2Mq2jtxT9fqmTcfUQ57gf1LrjpXtCbnUK38zdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsRO9xAr/vYiIjKcaIOpcY52zYmMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvQ3hFNzNFQ3YtOWlJaU1weG9nNmx4am5iTmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPki9MA0G
CSqGSIb3DQEBCwUAA4IBAQAMP4pXYgCut22ODUADIoAwCUhclJMMAnhdy/hHQdZu
21HulA1I9c/D01Cg3qggLgfk4XKjOrupqfNQRwqSdDIsAfbPJm8mr81W7I9IjtMC
mvh4Fks8dclS8RfRGcbn4BcRU8WfFg7MfD6qkMKzhsLew5CdTVV6up5ijszAcxCg
R/+VkN/guUCpKtp8fLVIJg/c2tPDQpr+vrr+L0pfVOwef7cUdIvvRLHp+FnFhfvR
L/pltGK94S8Wxyp2vwX/BlEKHdRSapT5oN3hvT2xvRQ4Sr9kdccyureRUy1Ds0cS
PcNxtr+pQZmIIWBb6AZIjxbOgT3QPUGeX5RmR8JNgAUo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org