Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DaPALAKcZftCYaroB0SqbALho6U.roa
File:                     DaPALAKcZftCYaroB0SqbALho6U.roa (raw, json)
Hash identifier:          QXGziZHS3UUB/yW3oc9sr3TAOd8fETHtCZ6SgxdMOII=
Subject key identifier:   0D:A3:C0:2C:02:9C:65:FB:42:61:AA:E8:07:44:AA:6C:02:E1:A3:A5
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0186C572FF128CB6A214003F440A7404C908
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DaPALAKcZftCYaroB0SqbALho6U.roa
Signing time:             Thu 09 Mar 2023 08:18:13 +0000
ROA not before:           Thu 09 Mar 2023 08:18:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211440
IP address blocks:        176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c5:72:ff:12:8c:b6:a2:14:00:3f:44:0a:74:04:c9:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Mar  9 08:18:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0da3c02c029c65fb4261aae80744aa6c02e1a3a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:dc:99:7a:57:25:99:68:dd:c5:20:71:f1:0a:
                    79:95:11:d3:58:7d:b9:80:2c:d1:5e:a9:94:8b:9d:
                    ba:0c:a8:24:21:a4:0f:dc:02:14:af:48:f0:fe:98:
                    6e:0e:ee:5e:b2:4f:e7:3e:e8:95:39:de:e4:52:5b:
                    26:63:d5:41:c0:ca:90:b6:43:42:87:07:c3:22:25:
                    90:14:cd:ba:21:97:70:5c:51:74:d9:d6:a0:6f:c2:
                    72:ac:17:a7:98:b0:ab:2e:82:17:3d:ae:5a:25:94:
                    5e:b7:85:c7:e6:02:11:41:e6:48:f1:79:91:68:a1:
                    6c:ee:1f:c0:91:b6:b0:13:31:30:ee:4f:42:18:e3:
                    37:16:f4:e2:b0:e8:21:1b:78:d3:29:e7:3a:d4:33:
                    c7:25:66:00:60:ed:f2:1a:d6:a2:39:fd:aa:44:53:
                    0d:72:39:d4:a7:ee:09:07:8d:e0:6b:05:aa:56:72:
                    e3:7b:ac:a8:2e:ce:6f:f7:49:67:49:1b:09:7d:f9:
                    83:fc:bf:08:0a:2e:64:82:a9:12:0c:dc:a4:57:78:
                    e3:41:6a:af:87:dc:43:64:66:84:80:35:d4:d9:5c:
                    eb:65:76:07:3b:d6:24:c5:8c:8d:54:2c:df:41:13:
                    0f:9f:74:b7:9a:f0:a9:f0:19:0a:e7:25:10:d7:bb:
                    0a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A3:C0:2C:02:9C:65:FB:42:61:AA:E8:07:44:AA:6C:02:E1:A3:A5
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/DaPALAKcZftCYaroB0SqbALho6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:5a:6d:47:c3:76:df:4d:d5:e4:b7:39:77:f2:6a:f4:bd:28:
         a0:60:8e:01:b6:bb:c3:e1:26:b3:52:b1:31:c5:44:17:d8:79:
         b2:63:86:dd:18:81:78:15:20:6d:a5:fa:83:07:ad:71:05:06:
         12:5b:32:18:c0:68:38:3c:fc:59:f5:96:4f:90:ff:1c:29:97:
         d5:3b:c2:12:01:8b:68:21:02:4b:75:6e:9b:d2:4c:1b:62:c9:
         ff:f8:9c:ae:81:6e:7b:5f:a0:c2:e6:e3:fd:cc:ba:f4:c5:3d:
         82:36:00:c2:9f:9e:6b:17:bb:07:5c:f1:e3:5e:8b:57:d1:af:
         44:af:d1:1b:0d:3e:71:54:87:4c:c2:8f:c5:d1:d0:29:14:32:
         5e:31:7e:f6:34:4c:31:94:bd:a0:b2:b7:d3:b3:f2:10:8d:c8:
         ca:11:f2:ee:8a:53:a4:55:f6:5d:80:b7:73:96:68:20:6e:66:
         9f:30:0e:67:d5:4c:5d:d1:c4:5b:07:a3:32:af:27:8d:eb:5a:
         fd:01:35:12:1e:41:7b:b5:20:4a:d6:f5:e6:bf:c5:62:29:97:
         10:c7:f3:f5:d7:46:c9:53:71:8c:77:68:5a:7d:da:12:e2:22:
         7e:79:a0:d0:b8:83:c9:aa:f0:8c:08:72:fc:1a:d3:1a:79:54:
         bd:d5:1c:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbFcv8SjLaiFAA/RAp0BMkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMzA5MDgxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGEzYzAyYzAyOWM2NWZiNDI2MWFhZTgwNzQ0YWE2YzAyZTFhM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNyZelclmWjdxSBx8Qp5lRHTWH25
gCzRXqmUi526DKgkIaQP3AIUr0jw/phuDu5esk/nPuiVOd7kUlsmY9VBwMqQtkNC
hwfDIiWQFM26IZdwXFF02dagb8JyrBenmLCrLoIXPa5aJZRet4XH5gIRQeZI8XmR
aKFs7h/AkbawEzEw7k9CGOM3FvTisOghG3jTKec61DPHJWYAYO3yGtaiOf2qRFMN
cjnUp+4JB43gawWqVnLje6yoLs5v90lnSRsJffmD/L8ICi5kgqkSDNykV3jjQWqv
h9xDZGaEgDXU2VzrZXYHO9YkxYyNVCzfQRMPn3S3mvCp8BkK5yUQ17sKMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2jwCwCnGX7QmGq6AdEqmwC4aOlMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRGFQQUxBS2NaZnRDWWFyb0IwU3FiQUxobzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDk/MA0G
CSqGSIb3DQEBCwUAA4IBAQAkWm1Hw3bfTdXktzl38mr0vSigYI4BtrvD4SazUrEx
xUQX2HmyY4bdGIF4FSBtpfqDB61xBQYSWzIYwGg4PPxZ9ZZPkP8cKZfVO8ISAYto
IQJLdW6b0kwbYsn/+JyugW57X6DC5uP9zLr0xT2CNgDCn55rF7sHXPHjXotX0a9E
r9EbDT5xVIdMwo/F0dApFDJeMX72NEwxlL2gsrfTs/IQjcjKEfLuilOkVfZdgLdz
lmggbmafMA5n1Uxd0cRbB6MyryeN61r9ATUSHkF7tSBK1vXmv8ViKZcQx/P110bJ
U3GMd2hafdoS4iJ+eaDQuIPJqvCMCHL8GtMaeVS91Rz5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org