Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DOXa8VFEK6r4FgK5cW9BsxkC-8o.roa
File:                     DOXa8VFEK6r4FgK5cW9BsxkC-8o.roa (raw, json)
Hash identifier:          myyWdbJfmtwPiLotXd5woobO0Vv3zjK4ssuRJwQYTX8=
Subject key identifier:   0C:E5:DA:F1:51:44:2B:AA:F8:16:02:B9:71:6F:41:B3:19:02:FB:CA
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0188FC913C7A32223FF930B71AEBB732093D
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DOXa8VFEK6r4FgK5cW9BsxkC-8o.roa
Signing time:             Tue 27 Jun 2023 11:15:56 +0000
ROA not before:           Tue 27 Jun 2023 11:15:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        62.72.165.0/24 maxlen: 24
                          62.72.166.0/24 maxlen: 24
                          62.72.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 11:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:fc:91:3c:7a:32:22:3f:f9:30:b7:1a:eb:b7:32:09:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 27 11:15:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ce5daf151442baaf81602b9716f41b31902fbca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c4:f5:02:7b:04:f6:3d:8c:3b:0d:68:ce:98:
                    75:4a:68:df:c2:bf:9d:49:61:1a:f9:91:b0:36:e6:
                    07:fe:f2:2e:7a:2d:da:7e:13:0b:20:d2:bd:b8:60:
                    a3:8b:5a:77:e2:b0:5e:cc:2c:d6:ca:46:fb:0a:a5:
                    50:84:88:bc:6b:18:6e:fe:e0:09:9b:23:93:f1:84:
                    0f:6b:f9:b0:b6:68:f0:9a:a3:a2:aa:99:ae:5f:48:
                    1f:df:07:c7:8b:b9:ca:2d:47:09:17:77:14:e2:0e:
                    46:d3:0f:ff:1b:7c:19:09:32:24:3a:1e:c4:db:f1:
                    85:36:60:9a:e0:7e:e8:14:d3:7e:e7:00:dc:8d:b9:
                    72:e9:6c:ff:73:30:4a:62:9c:25:bb:87:f9:d4:2f:
                    eb:ef:43:00:4b:ec:05:b7:04:dc:bf:e1:27:f2:fa:
                    95:a5:78:df:1e:89:5d:97:d8:bd:68:85:11:1e:f8:
                    5b:7f:4c:58:46:44:b7:47:70:51:ea:a0:86:c2:4b:
                    67:0d:6f:77:9e:ba:40:15:48:2f:d2:28:2d:2f:83:
                    da:dc:48:8d:02:7b:e0:dc:91:c6:61:f7:e8:99:2b:
                    dc:66:7c:75:18:79:bf:5c:22:f1:2a:81:36:d2:eb:
                    93:03:89:35:a2:8e:18:00:5f:21:ed:ff:26:c9:36:
                    56:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E5:DA:F1:51:44:2B:AA:F8:16:02:B9:71:6F:41:B3:19:02:FB:CA
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DOXa8VFEK6r4FgK5cW9BsxkC-8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.165.0-62.72.167.255

    Signature Algorithm: sha256WithRSAEncryption
         ad:b3:b9:67:b9:d7:27:4e:29:30:5a:51:e2:a7:15:e2:6f:d0:
         f7:c3:17:a6:99:35:49:c0:61:73:66:f7:9a:1b:aa:b4:4c:d0:
         09:27:4d:bb:02:eb:0d:d1:dc:ff:27:d7:d8:c2:01:b2:83:9a:
         db:39:69:49:d1:dd:00:a4:d3:3d:7b:8b:73:aa:52:4a:73:23:
         b2:a9:4a:0c:08:32:2c:8c:6d:58:18:e2:7e:ae:80:ba:d6:76:
         51:5a:ab:b3:1c:be:63:a8:ad:0f:d5:ea:03:7a:f4:e4:1f:0c:
         4d:83:ee:31:ac:fe:c3:80:5c:59:41:af:ff:73:16:f0:61:3e:
         3b:f7:7a:40:7e:e6:30:ac:8d:a3:af:73:b4:0b:27:ab:c3:5a:
         e4:1b:4c:aa:6f:90:c7:e9:03:32:82:3f:54:a6:d5:4c:69:80:
         80:72:4a:40:fb:47:7d:85:e2:d1:b0:de:c7:76:81:81:7e:92:
         d7:5d:bd:b0:8d:ed:54:04:f6:73:72:6b:b7:da:6d:14:52:64:
         73:96:67:80:1a:c1:0b:8d:b4:3d:fc:6d:36:10:59:fd:b3:2a:
         c2:1b:cc:c7:98:8f:0a:07:3d:32:13:c4:82:2d:f6:41:c1:81:
         3c:d4:29:a6:33:9b:0e:97:6a:74:99:24:73:e1:62:fe:4c:f3:
         df:e0:9e:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYj8kTx6MiI/+TC3Guu3Mgk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNjI3MTExNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U1ZGFmMTUxNDQyYmFhZjgxNjAyYjk3MTZmNDFiMzE5MDJmYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8T1AnsE9j2MOw1ozph1Smjfwr+d
SWEa+ZGwNuYH/vIuei3afhMLINK9uGCji1p34rBezCzWykb7CqVQhIi8axhu/uAJ
myOT8YQPa/mwtmjwmqOiqpmuX0gf3wfHi7nKLUcJF3cU4g5G0w//G3wZCTIkOh7E
2/GFNmCa4H7oFNN+5wDcjbly6Wz/czBKYpwlu4f51C/r70MAS+wFtwTcv+En8vqV
pXjfHoldl9i9aIURHvhbf0xYRkS3R3BR6qCGwktnDW93nrpAFUgv0igtL4Pa3EiN
Anvg3JHGYffomSvcZnx1GHm/XCLxKoE20uuTA4k1oo4YAF8h7f8myTZWjQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAzl2vFRRCuq+BYCuXFvQbMZAvvKMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRE9YYThWRkVLNnI0RmdLNWNXOUJzeGtDLThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAA+SKUD
BAM+SKAwDQYJKoZIhvcNAQELBQADggEBAK2zuWe51ydOKTBaUeKnFeJv0PfDF6aZ
NUnAYXNm95obqrRM0AknTbsC6w3R3P8n19jCAbKDmts5aUnR3QCk0z17i3OqUkpz
I7KpSgwIMiyMbVgY4n6ugLrWdlFaq7McvmOorQ/V6gN69OQfDE2D7jGs/sOAXFlB
r/9zFvBhPjv3ekB+5jCsjaOvc7QLJ6vDWuQbTKpvkMfpAzKCP1Sm1UxpgIBySkD7
R32F4tGw3sd2gYF+ktddvbCN7VQE9nNya7fabRRSZHOWZ4AawQuNtD38bTYQWf2z
KsIbzMeYjwoHPTITxIIt9kHBgTzUKaYzmw6XanSZJHPhYv5M89/gnpc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org