Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Gpn3rQnukHyfUDlU6Y7wIU2mhPM.roa
File:                     Gpn3rQnukHyfUDlU6Y7wIU2mhPM.roa (raw, json)
Hash identifier:          DRXxCIixNNVD1imXOzkoQR2NKektl00M5wKjGFK5J4U=
Subject key identifier:   1A:99:F7:AD:09:EE:90:7C:9F:50:39:54:E9:8E:F0:21:4D:A6:84:F3
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018B26FD993DC68C23AD26DDEB53731EED46
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Gpn3rQnukHyfUDlU6Y7wIU2mhPM.roa
Signing time:             Fri 13 Oct 2023 03:03:55 +0000
ROA not before:           Fri 13 Oct 2023 03:03:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     54252
IP address blocks:        62.72.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:26:fd:99:3d:c6:8c:23:ad:26:dd:eb:53:73:1e:ed:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Oct 13 03:03:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a99f7ad09ee907c9f503954e98ef0214da684f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:99:6a:71:16:db:6b:12:70:5d:84:6b:d5:10:
                    46:cb:4b:18:e6:5e:95:47:f3:d0:50:d9:9d:3e:d2:
                    e3:99:00:4f:27:2e:b7:8a:dc:2c:ec:0e:27:37:9a:
                    85:4d:eb:28:09:e3:f4:e5:14:4b:bc:c5:90:84:a3:
                    c1:b3:80:1f:d4:a4:a7:11:58:9c:3c:69:ca:6e:df:
                    96:61:ee:16:e7:c5:70:12:ab:55:03:f0:d4:b0:03:
                    ef:4f:dc:83:6d:29:97:d7:23:69:08:d9:63:94:45:
                    95:68:d6:79:89:1d:43:2a:cb:f7:80:ec:0b:99:2e:
                    67:90:c1:de:26:cb:5f:f2:cd:2b:49:42:5e:49:05:
                    7a:17:1c:6f:4e:72:de:9e:a5:0a:b9:ff:5e:f1:40:
                    34:57:dd:08:c2:e0:86:3c:0f:d5:c4:58:3c:77:2c:
                    35:f0:62:b7:68:06:82:21:8c:85:44:4d:78:0b:82:
                    c7:0b:b3:ee:2d:bc:31:6c:34:b1:e1:62:62:67:ac:
                    bd:ee:1b:b9:6c:4a:ba:c6:8b:3c:16:61:e4:b1:a9:
                    ff:45:39:74:fe:4d:b8:a5:03:fe:e1:08:c1:be:a0:
                    66:6e:e8:ff:70:8d:5c:ca:ad:14:68:1f:7e:ce:0d:
                    a8:4e:f6:84:50:80:c2:eb:e3:68:9f:99:23:83:4e:
                    d7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:99:F7:AD:09:EE:90:7C:9F:50:39:54:E9:8E:F0:21:4D:A6:84:F3
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Gpn3rQnukHyfUDlU6Y7wIU2mhPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:67:e3:44:97:b7:49:18:ae:5e:25:96:35:69:c9:98:4a:42:
         20:39:24:3c:49:50:f4:b0:b8:a7:85:bd:f8:d8:f1:32:06:f2:
         58:97:80:f5:49:d0:a3:c6:30:ac:ee:50:9f:70:c9:50:a4:49:
         3b:90:67:c6:fa:b9:1a:e8:65:84:20:5f:53:e7:5c:42:d0:4b:
         3d:cb:b9:17:b9:f0:4c:19:65:6d:dd:32:f7:e5:b7:fd:06:ce:
         35:9c:e1:43:8c:61:b7:f8:9e:3f:35:a0:8a:7e:2f:42:60:c2:
         9b:e1:01:09:75:f7:d6:6f:a7:c2:0d:a0:0f:3f:bc:2d:28:54:
         55:1e:0b:0c:1a:d6:64:7e:0d:65:50:77:df:15:2c:b4:20:be:
         28:47:35:30:2a:70:81:5c:35:b2:b7:0c:3f:bb:7e:22:f4:d2:
         7a:8d:2a:c9:da:a7:2b:d8:17:f6:e3:c1:e9:d8:1e:87:8d:16:
         1f:be:7a:c0:3e:b4:09:8b:5a:3b:a5:54:da:34:05:67:69:8b:
         16:ac:8f:fb:48:b6:ae:d7:05:c6:97:f9:ff:19:e9:ec:da:e9:
         10:d5:c1:ad:6d:47:d2:cb:36:ba:4b:45:44:eb:c2:9a:30:11:
         d9:5d:cb:7c:02:f9:1d:77:47:ca:56:ce:38:a2:82:09:87:3e:
         74:58:48:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsm/Zk9xowjrSbd61NzHu1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMDEzMDMwMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTk5ZjdhZDA5ZWU5MDdjOWY1MDM5NTRlOThlZjAyMTRkYTY4NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5lqcRbbaxJwXYRr1RBGy0sY5l6V
R/PQUNmdPtLjmQBPJy63itws7A4nN5qFTesoCeP05RRLvMWQhKPBs4Af1KSnEVic
PGnKbt+WYe4W58VwEqtVA/DUsAPvT9yDbSmX1yNpCNljlEWVaNZ5iR1DKsv3gOwL
mS5nkMHeJstf8s0rSUJeSQV6FxxvTnLenqUKuf9e8UA0V90IwuCGPA/VxFg8dyw1
8GK3aAaCIYyFRE14C4LHC7PuLbwxbDSx4WJiZ6y97hu5bEq6xos8FmHksan/RTl0
/k24pQP+4QjBvqBmbuj/cI1cyq0UaB9+zg2oTvaEUIDC6+Non5kjg07XnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqZ960J7pB8n1A5VOmO8CFNpoTzMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvR3BuM3JRbnVrSHlmVURsVTZZN3dJVTJtaFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkihMA0G
CSqGSIb3DQEBCwUAA4IBAQAcZ+NEl7dJGK5eJZY1acmYSkIgOSQ8SVD0sLinhb34
2PEyBvJYl4D1SdCjxjCs7lCfcMlQpEk7kGfG+rka6GWEIF9T51xC0Es9y7kXufBM
GWVt3TL35bf9Bs41nOFDjGG3+J4/NaCKfi9CYMKb4QEJdffWb6fCDaAPP7wtKFRV
HgsMGtZkfg1lUHffFSy0IL4oRzUwKnCBXDWytww/u34i9NJ6jSrJ2qcr2Bf248Hp
2B6HjRYfvnrAPrQJi1o7pVTaNAVnaYsWrI/7SLau1wXGl/n/Gens2ukQ1cGtbUfS
yza6S0VE68KaMBHZXct8Avkdd0fKVs44ooIJhz50WEh+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org