Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FtcnaHlHf-177Qi3QNFO-bOqvgs.roa
File:                     FtcnaHlHf-177Qi3QNFO-bOqvgs.roa (raw, json)
Hash identifier:          scFTw/jBV7dKuGlq13q8HAnrN62jbACS/fLLLiswZe4=
Subject key identifier:   16:D7:27:68:79:47:7F:ED:7B:ED:08:B7:40:D1:4E:F9:B3:AA:BE:0B
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0191745DB0328EA173834E7F00FC33A17D27
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FtcnaHlHf-177Qi3QNFO-bOqvgs.roa
Signing time:             Wed 21 Aug 2024 09:56:22 +0000
ROA not before:           Wed 21 Aug 2024 09:56:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.52.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Aug 2024 14:41:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:74:5d:b0:32:8e:a1:73:83:4e:7f:00:fc:33:a1:7d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Aug 21 09:56:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16d7276879477fed7bed08b740d14ef9b3aabe0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fd:98:6f:22:e9:ac:90:80:4b:9e:2e:73:69:
                    85:85:49:23:91:0a:5d:9f:e7:46:4e:3f:bb:04:ea:
                    96:6a:d5:31:80:7c:01:d2:af:11:f7:6b:04:a3:c0:
                    ba:3d:50:50:33:9e:68:b7:02:65:db:0d:0b:7a:27:
                    84:e9:40:27:78:d5:8b:5f:8d:cb:3e:75:44:ff:73:
                    99:74:1c:f5:43:51:96:a5:b7:aa:98:1c:5a:f8:67:
                    c9:88:d6:88:fc:b0:51:f2:1d:2e:1d:ed:16:ae:f2:
                    8c:ca:86:35:35:d5:9a:e0:2c:cf:e6:2f:ef:f3:a0:
                    2a:ce:2d:15:d8:c0:01:91:48:85:9b:25:8d:cd:e8:
                    18:cb:49:bb:2a:aa:84:9b:3b:3e:94:de:be:cc:e2:
                    b3:9d:5e:2c:2d:75:e8:f8:ad:fd:fa:61:5b:56:f6:
                    b1:00:45:05:82:06:ab:2e:19:e3:0a:cc:b1:f2:ae:
                    fa:fa:37:93:2f:ba:20:c8:b5:5b:4e:23:8f:35:a3:
                    a8:fa:a6:2e:36:78:3b:d0:a3:8d:8e:5c:76:f2:f1:
                    6b:95:34:9d:e0:a8:1f:34:1f:76:a1:3c:03:1e:ea:
                    95:aa:7c:50:5f:b0:f3:d3:81:02:ec:69:a3:08:90:
                    10:a6:f1:7f:72:16:75:ff:82:5e:ad:34:b0:55:65:
                    c3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D7:27:68:79:47:7F:ED:7B:ED:08:B7:40:D1:4E:F9:B3:AA:BE:0B
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FtcnaHlHf-177Qi3QNFO-bOqvgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.52.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:00:c0:da:15:87:33:4c:f9:a1:a7:97:2c:4b:19:12:e6:d1:
         89:a3:3e:03:e0:3d:9f:b0:25:8f:ad:0d:43:28:90:88:50:60:
         9b:5f:a6:5c:3f:79:c8:1b:34:eb:55:5d:30:15:50:9f:6c:45:
         73:6d:ea:fb:d4:b0:ee:d9:a8:2e:23:f6:49:56:6c:2b:f6:10:
         34:43:8f:84:37:0b:2e:07:e8:e7:df:ed:dc:85:2b:8b:9d:8c:
         a0:af:b5:ce:1f:e6:57:e2:f5:b0:a2:5d:b8:9d:6d:1b:49:9e:
         10:bc:94:16:e0:2a:46:de:f2:18:af:95:16:f7:2f:db:e8:64:
         be:74:62:d7:5e:09:d2:d8:8a:14:b7:1b:79:b9:45:7a:34:26:
         eb:a1:88:11:e3:62:84:b7:94:dc:b3:63:44:ae:53:b8:6a:ec:
         cc:f0:06:7e:6c:20:91:86:8d:d4:25:23:d0:13:a4:0a:76:8a:
         76:a3:d9:2b:ed:d6:68:cf:8b:95:3c:f7:73:a0:d5:15:71:a9:
         55:64:0b:e3:f7:d3:6d:06:10:1f:ce:50:e8:5c:07:47:c3:f7:
         6c:f6:c7:f7:30:90:88:91:b4:83:0d:c9:f3:68:bd:a4:7a:88:
         38:b5:df:8d:8e:ce:80:ed:30:c4:17:15:2e:b1:8c:a0:93:98:
         5e:00:fd:43
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZF0XbAyjqFzg05/APwzoX0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwODIxMDk1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ3Mjc2ODc5NDc3ZmVkN2JlZDA4Yjc0MGQxNGVmOWIzYWFiZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf2YbyLprJCAS54uc2mFhUkjkQpd
n+dGTj+7BOqWatUxgHwB0q8R92sEo8C6PVBQM55otwJl2w0LeieE6UAneNWLX43L
PnVE/3OZdBz1Q1GWpbeqmBxa+GfJiNaI/LBR8h0uHe0WrvKMyoY1NdWa4CzP5i/v
86Aqzi0V2MABkUiFmyWNzegYy0m7KqqEmzs+lN6+zOKznV4sLXXo+K39+mFbVvax
AEUFggarLhnjCsyx8q76+jeTL7ogyLVbTiOPNaOo+qYuNng70KONjlx28vFrlTSd
4KgfNB92oTwDHuqVqnxQX7Dz04EC7GmjCJAQpvF/chZ1/4JerTSwVWXDNQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBbXJ2h5R3/te+0It0DRTvmzqr4LMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRnRjbmFIbEhmLTE3N1FpM1FORk8tYk9xdmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAM+SKADBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5NAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAaQDA2hWHM0z5oaeXLEsZEubRiaM+A+A9n7Alj60NQyiQiFBgm1+m
XD95yBs061VdMBVQn2xFc23q+9Sw7tmoLiP2SVZsK/YQNEOPhDcLLgfo59/t3IUr
i52MoK+1zh/mV+L1sKJduJ1tG0meELyUFuAqRt7yGK+VFvcv2+hkvnRi114J0tiK
FLcbeblFejQm66GIEeNihLeU3LNjRK5TuGrszPAGfmwgkYaN1CUj0BOkCnaKdqPZ
K+3WaM+LlTz3c6DVFXGpVWQL4/fTbQYQH85Q6FwHR8P3bPbH9zCQiJG0gw3J82i9
pHqIOLXfjY7OgO0wxBcVLrGMoJOYXgD9Qw==
-----END CERTIFICATE-----