Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/EetK6PjWtT10gfHwWOsKUCvc2Mc.roa
File:                     EetK6PjWtT10gfHwWOsKUCvc2Mc.roa (raw, json)
Hash identifier:          ib1KOnfAfsSbxFDQfMCO0SkmXxGAVTITFSjSn4/0BCg=
Subject key identifier:   11:EB:4A:E8:F8:D6:B5:3D:74:81:F1:F0:58:EB:0A:50:2B:DC:D8:C7
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       019045617AFAD37B13D0EB2D17F5845EADB9
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/EetK6PjWtT10gfHwWOsKUCvc2Mc.roa
Signing time:             Sun 23 Jun 2024 13:55:34 +0000
ROA not before:           Sun 23 Jun 2024 13:55:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 15:11:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:61:7a:fa:d3:7b:13:d0:eb:2d:17:f5:84:5e:ad:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 23 13:55:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=11eb4ae8f8d6b53d7481f1f058eb0a502bdcd8c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d3:b7:8b:a0:6b:d9:f1:cb:ea:05:36:73:9d:
                    ef:54:1a:f8:2d:3b:e6:ea:79:96:36:42:52:85:99:
                    10:68:71:89:0b:20:ba:e7:0c:b4:2c:45:7d:ed:da:
                    9d:61:ea:30:ce:5c:8a:82:15:77:eb:db:49:d0:e7:
                    21:86:f1:49:e6:c9:4d:a1:de:d0:ad:d6:57:70:26:
                    63:4f:63:0c:33:19:f8:61:73:63:34:a4:d9:00:b9:
                    1b:9f:e9:47:2c:62:2f:fa:e5:48:72:0d:fc:36:a5:
                    2b:c7:c5:f7:49:37:62:e9:4f:28:09:dc:8b:5e:24:
                    8c:2b:47:ed:d1:f0:14:61:98:16:20:67:17:4f:d0:
                    98:9f:9f:24:ba:55:75:6a:e4:1b:b0:c2:31:76:17:
                    2d:01:02:10:a9:0c:15:08:87:f7:c8:2f:c1:11:38:
                    ba:94:1d:6e:85:1b:bf:3f:6c:9e:07:8a:28:1d:73:
                    ee:46:f9:ca:1c:0e:4d:68:dc:48:14:e4:cd:52:c2:
                    e0:19:45:88:b4:48:08:bd:84:9e:34:38:59:80:f4:
                    41:19:3d:69:ce:c6:81:32:c5:13:08:6d:36:13:db:
                    54:77:b1:50:ff:22:53:9c:59:d6:82:fd:3d:3d:b1:
                    c2:76:a4:e7:f0:59:b2:b2:81:58:e8:9e:a3:94:4f:
                    d0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:EB:4A:E8:F8:D6:B5:3D:74:81:F1:F0:58:EB:0A:50:2B:DC:D8:C7
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/EetK6PjWtT10gfHwWOsKUCvc2Mc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.168.255
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:01:6a:ec:a4:da:c9:65:11:e9:16:ac:94:73:f0:1f:3f:46:
         a8:82:78:14:3e:a1:1d:b4:30:19:73:9b:aa:64:40:16:94:05:
         4c:54:d2:01:3c:1c:94:5d:c7:48:a8:83:3d:4d:7c:ae:f1:41:
         15:fc:0a:b8:70:1a:26:13:be:4d:7f:20:23:a1:98:70:d5:9a:
         1d:0b:a1:0e:9c:57:47:5e:c9:41:fe:74:12:f4:d6:83:f9:14:
         06:1f:da:1b:34:d8:e6:4f:3d:bf:eb:4e:87:fe:1a:cb:ff:e4:
         08:fa:8e:85:f9:34:bf:eb:5f:37:31:52:d0:7e:56:97:02:9c:
         be:c5:de:26:ba:80:67:ef:24:0a:08:c0:09:7e:dd:a4:45:e6:
         0d:45:59:8a:38:2f:52:82:79:a6:79:ae:55:05:16:d7:38:b6:
         b3:80:3a:1a:eb:b5:8c:b0:b8:be:c0:59:ef:c6:8e:6c:2e:eb:
         c2:eb:2a:58:da:33:ed:df:29:bf:fe:bf:4f:f3:f9:ff:c5:56:
         74:b5:c8:c3:ac:08:26:07:bc:ae:8b:6b:e5:b8:39:ae:f0:b6:
         4b:5d:5a:8d:5c:d5:8b:03:a7:e3:c9:0c:4b:35:8c:aa:9f:ea:
         5f:7d:8d:6a:50:4a:e5:03:94:0b:e4:a5:11:35:58:a9:d5:f1:
         f7:8a:60:68
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZBFYXr603sT0OstF/WEXq25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNjIzMTM1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWViNGFlOGY4ZDZiNTNkNzQ4MWYxZjA1OGViMGE1MDJiZGNkOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdO3i6Br2fHL6gU2c53vVBr4LTvm
6nmWNkJShZkQaHGJCyC65wy0LEV97dqdYeowzlyKghV369tJ0OchhvFJ5slNod7Q
rdZXcCZjT2MMMxn4YXNjNKTZALkbn+lHLGIv+uVIcg38NqUrx8X3STdi6U8oCdyL
XiSMK0ft0fAUYZgWIGcXT9CYn58kulV1auQbsMIxdhctAQIQqQwVCIf3yC/BETi6
lB1uhRu/P2yeB4ooHXPuRvnKHA5NaNxIFOTNUsLgGUWItEgIvYSeNDhZgPRBGT1p
zsaBMsUTCG02E9tUd7FQ/yJTnFnWgv09PbHCdqTn8FmysoFY6J6jlE/QIQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBHrSuj41rU9dIHx8FjrClAr3NjHMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRWV0SzZQald0VDEwZ2ZId1dPc0tVQ3ZjMk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAE+SKID
BAA+SKgDBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5PzANBgkqhkiG9w0BAQsFAAOC
AQEAZwFq7KTayWUR6RaslHPwHz9GqIJ4FD6hHbQwGXObqmRAFpQFTFTSATwclF3H
SKiDPU18rvFBFfwKuHAaJhO+TX8gI6GYcNWaHQuhDpxXR17JQf50EvTWg/kUBh/a
GzTY5k89v+tOh/4ay//kCPqOhfk0v+tfNzFS0H5WlwKcvsXeJrqAZ+8kCgjACX7d
pEXmDUVZijgvUoJ5pnmuVQUW1zi2s4A6Guu1jLC4vsBZ78aObC7rwusqWNoz7d8p
v/6/T/P5/8VWdLXIw6wIJge8rotr5bg5rvC2S11ajVzViwOn48kMSzWMqp/qX32N
alBK5QOUC+SlETVYqdXx94pgaA==
-----END CERTIFICATE-----