Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DWIWBM76eA32DwQQFKsE89RdA54.roa
File:                     DWIWBM76eA32DwQQFKsE89RdA54.roa (raw, json)
Hash identifier:          RZR96SR0hLMN8SArZKmjLkFm9XCPJ/7lT9yoLG5+P54=
Subject key identifier:   0D:62:16:04:CE:FA:78:0D:F6:0F:04:10:14:AB:04:F3:D4:5D:03:9E
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C57C0C7A730A1B6DE4C02E1CE2AA0C37E
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DWIWBM76eA32DwQQFKsE89RdA54.roa
Signing time:             Mon 11 Dec 2023 07:21:40 +0000
ROA not before:           Mon 11 Dec 2023 07:21:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 06:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:57:c0:c7:a7:30:a1:b6:de:4c:02:e1:ce:2a:a0:c3:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 11 07:21:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d621604cefa780df60f041014ab04f3d45d039e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:49:e2:3c:8b:de:aa:9c:e4:91:e6:b9:c4:1f:
                    4b:08:77:1b:e8:2f:0d:e1:03:99:d8:aa:53:a7:12:
                    be:8b:f7:9b:40:6d:bc:75:bf:87:bf:b2:fd:16:04:
                    0e:38:c9:a3:3c:26:df:5e:6b:11:5a:4b:ba:8e:08:
                    91:96:b6:9a:4c:e6:30:26:a9:09:ec:c2:0c:af:79:
                    84:07:aa:4e:8f:80:f1:25:5b:df:11:c1:ab:15:e5:
                    24:b6:8c:f9:f1:c7:be:d3:03:d3:8e:2a:b2:f7:ca:
                    f6:7c:19:80:db:ec:8d:b3:54:54:cd:41:55:39:90:
                    d3:5f:23:52:81:8a:4f:92:e8:41:2d:fb:17:07:a2:
                    46:3f:5e:99:54:f8:45:77:d2:af:5e:31:cb:d5:e2:
                    77:9d:c5:4f:33:14:b0:e9:b2:80:b2:2c:8f:be:22:
                    95:64:ef:27:fa:8a:72:4d:61:a4:f5:61:08:ea:70:
                    02:2b:a4:15:41:18:ce:61:d1:f0:cb:75:b3:3e:93:
                    15:49:26:6d:a2:f5:aa:11:d0:b5:c0:87:28:fb:3d:
                    d0:3f:08:1e:4d:a0:0d:5c:c0:f7:1b:ef:99:a0:f0:
                    c5:f9:e0:aa:dc:53:46:53:c6:8b:1d:94:e3:29:ca:
                    58:fc:35:c5:96:64:7b:e5:dc:97:7d:ca:4f:5f:0d:
                    d3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:62:16:04:CE:FA:78:0D:F6:0F:04:10:14:AB:04:F3:D4:5D:03:9E
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DWIWBM76eA32DwQQFKsE89RdA54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.173.0-62.72.175.255
                  62.72.180.0/23
                  62.72.184.0/22
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:9f:dc:5a:2f:ee:47:36:4f:47:0d:c8:b8:0f:e4:93:ca:47:
         15:5f:bc:ba:c9:9f:33:84:10:67:bd:e0:2d:26:3c:b8:76:3d:
         4b:84:ce:86:20:53:5f:5b:48:e1:a1:1a:96:ea:c7:6d:13:be:
         83:a6:39:70:43:10:8c:ba:b0:df:9e:93:62:a2:09:af:77:bf:
         17:a9:62:dd:fc:83:58:5e:8e:d7:f2:a9:78:e3:76:69:c9:8e:
         bd:c6:ad:98:4e:36:fb:33:7d:6f:57:2e:59:21:67:62:fd:71:
         15:a6:97:17:a3:23:89:9e:8e:48:66:a3:87:a1:11:83:2a:8b:
         a9:fb:bb:7c:cc:5e:1e:b0:08:36:07:a2:0c:98:92:93:1f:e9:
         b3:67:ca:69:98:60:dc:a2:31:5a:b1:b3:bf:3a:a3:98:59:93:
         8d:0e:d4:b2:90:e2:bd:77:db:97:fd:01:cf:9e:a4:83:84:bb:
         a0:72:3c:76:29:3d:a1:f4:ed:43:f6:c4:f3:7c:96:bd:09:36:
         0f:7c:5f:f6:7f:8a:c8:50:dd:76:24:34:fe:26:c7:c7:f4:f5:
         d2:4d:84:54:e6:cc:ba:24:e5:e2:ad:20:9d:26:6b:29:d9:c0:
         f4:ea:d4:f2:04:08:06:23:b6:6b:19:d2:4c:8e:ad:bc:24:06:
         24:10:92:30
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYxXwMenMKG23kwC4c4qoMN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjExMDcyMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDYyMTYwNGNlZmE3ODBkZjYwZjA0MTAxNGFiMDRmM2Q0NWQwMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukniPIveqpzkkea5xB9LCHcb6C8N
4QOZ2KpTpxK+i/ebQG28db+Hv7L9FgQOOMmjPCbfXmsRWku6jgiRlraaTOYwJqkJ
7MIMr3mEB6pOj4DxJVvfEcGrFeUktoz58ce+0wPTjiqy98r2fBmA2+yNs1RUzUFV
OZDTXyNSgYpPkuhBLfsXB6JGP16ZVPhFd9KvXjHL1eJ3ncVPMxSw6bKAsiyPviKV
ZO8n+opyTWGk9WEI6nACK6QVQRjOYdHwy3WzPpMVSSZtovWqEdC1wIco+z3QPwge
TaANXMD3G++ZoPDF+eCq3FNGU8aLHZTjKcpY/DXFlmR75dyXfcpPXw3TGwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFA1iFgTO+ngN9g8EEBSrBPPUXQOeMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRFdJV0JNNzZlQTMyRHdRUUZLc0U4OVJkQTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBAE+SKID
BAI+SKgwDAMEAD5IrQMEBD5IoAMEAT5ItAMEAj5IuDAMAwQBURUCAwQDURUAMAwD
BAFRFQoDBARRFQADBACwOTMDBACwOTUDBAGwOToDBACwOT8wDQYJKoZIhvcNAQEL
BQADggEBAF2f3Fov7kc2T0cNyLgP5JPKRxVfvLrJnzOEEGe94C0mPLh2PUuEzoYg
U19bSOGhGpbqx20TvoOmOXBDEIy6sN+ek2KiCa93vxepYt38g1hejtfyqXjjdmnJ
jr3GrZhONvszfW9XLlkhZ2L9cRWmlxejI4mejkhmo4ehEYMqi6n7u3zMXh6wCDYH
ogyYkpMf6bNnymmYYNyiMVqxs786o5hZk40O1LKQ4r1325f9Ac+epIOEu6ByPHYp
PaH07UP2xPN8lr0JNg98X/Z/ishQ3XYkNP4mx8f09dJNhFTmzLok5eKtIJ0maynZ
wPTq1PIECAYjtmsZ0kyOrbwkBiQQkjA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org