Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HLWGlyXv88tSiQainFqRCSVhRBY.roa
File:                     HLWGlyXv88tSiQainFqRCSVhRBY.roa (raw, json)
Hash identifier:          P3ZwkMumaS4e0efIJ8+WfdNzhSAnWo1qbixV8OgOBno=
Subject key identifier:   1C:B5:86:97:25:EF:F3:CB:52:89:06:A2:9C:5A:91:09:25:61:44:16
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01857E675F088578206403A76FDB5EB234BC
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HLWGlyXv88tSiQainFqRCSVhRBY.roa
Signing time:             Wed 04 Jan 2023 20:09:41 +0000
ROA not before:           Wed 04 Jan 2023 20:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        62.72.164.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.163.0/24 maxlen: 24
                          62.72.160.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.176.0/24 maxlen: 24
                          62.72.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 08:32:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7e:67:5f:08:85:78:20:64:03:a7:6f:db:5e:b2:34:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jan  4 20:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1cb5869725eff3cb528906a29c5a910925614416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:99:89:48:10:47:ca:75:43:e6:5a:8d:69:ed:
                    c6:73:ff:c1:af:3b:df:9a:eb:22:2c:86:4b:3e:e3:
                    83:d9:d2:42:8c:8e:0e:9a:f2:55:89:04:9b:5e:30:
                    14:58:d7:b2:c5:7b:d3:bf:a5:3d:d1:ef:4a:34:90:
                    ba:15:3a:d0:83:ef:32:f3:8f:7e:bc:fc:22:65:47:
                    3e:22:4e:d0:19:c9:08:25:33:6f:df:1d:0f:a9:f3:
                    df:09:a1:ae:1e:fe:11:f1:79:c8:64:75:df:dc:9c:
                    c6:cc:56:0b:81:15:95:a5:cd:d8:fe:a3:2a:e5:26:
                    2b:0c:88:9f:00:e7:55:6e:e7:36:c1:9e:eb:15:bd:
                    2b:15:f3:b5:74:cf:5c:08:02:cd:13:1a:ed:b8:bb:
                    7f:c0:c7:45:fa:57:72:07:a2:91:21:37:e5:0a:7a:
                    c0:5d:1e:68:61:14:18:fd:80:c7:49:f2:31:53:29:
                    f7:45:ea:d1:8d:9c:4c:5a:c6:94:2c:7f:db:e2:4e:
                    c5:1a:c2:f3:a8:5e:d6:46:de:ad:3e:89:7d:4c:36:
                    11:d8:83:87:89:39:32:8e:62:36:1f:b5:9a:49:44:
                    29:8c:53:b0:56:e7:15:bf:3a:e9:6c:a9:9c:72:46:
                    43:dc:e4:07:d8:1f:de:c8:34:89:5a:e2:11:6a:7d:
                    71:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B5:86:97:25:EF:F3:CB:52:89:06:A2:9C:5A:91:09:25:61:44:16
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/HLWGlyXv88tSiQainFqRCSVhRBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0-62.72.164.255
                  62.72.176.0/24
                  62.72.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:fb:df:2f:f3:f3:c7:1b:67:86:81:6a:17:3c:f1:8b:e2:46:
         f6:a6:ce:30:3f:7e:b6:65:d8:3e:6a:4c:fc:f5:bc:e6:48:73:
         8f:49:d4:db:e0:bb:b6:f1:5e:70:41:bc:73:fa:01:d7:a4:2b:
         4a:b0:d9:6c:35:39:e5:c9:77:91:6c:68:2c:f4:7b:11:c2:e4:
         0a:18:d0:1c:9d:51:c9:14:d2:ff:63:84:e4:27:85:6d:3f:61:
         0a:4a:22:4c:a1:04:7a:3a:32:14:a7:39:b8:f3:b2:6f:5f:c0:
         db:71:02:8d:3b:ea:5b:64:90:93:9b:a0:79:5d:ac:ac:00:c8:
         13:e6:51:60:43:88:c3:cc:e2:11:f3:3e:13:b8:7a:82:53:8d:
         9d:3f:82:6a:a5:73:15:17:8b:4b:d1:f9:16:9b:6e:2e:4a:e7:
         6c:00:43:66:6a:c9:bd:92:81:44:91:2e:78:e4:8a:51:6b:b6:
         b1:8a:a8:64:f5:7e:1e:24:42:a8:83:8e:4d:3f:a2:2b:23:59:
         f4:04:37:71:94:81:1a:3b:4e:38:9b:98:52:df:e8:21:8e:c0:
         de:a9:ba:e2:48:e1:07:41:0f:c6:70:6a:90:00:38:6c:31:09:
         01:36:a9:02:3b:ee:dd:80:f1:25:ff:03:1c:62:85:bd:51:4c:
         68:9f:54:80
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYV+Z18IhXggZAOnb9tesjS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMTA0MjAwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I1ODY5NzI1ZWZmM2NiNTI4OTA2YTI5YzVhOTEwOTI1NjE0NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJmJSBBHynVD5lqNae3Gc//Brzvf
musiLIZLPuOD2dJCjI4OmvJViQSbXjAUWNeyxXvTv6U90e9KNJC6FTrQg+8y849+
vPwiZUc+Ik7QGckIJTNv3x0PqfPfCaGuHv4R8XnIZHXf3JzGzFYLgRWVpc3Y/qMq
5SYrDIifAOdVbuc2wZ7rFb0rFfO1dM9cCALNExrtuLt/wMdF+ldyB6KRITflCnrA
XR5oYRQY/YDHSfIxUyn3RerRjZxMWsaULH/b4k7FGsLzqF7WRt6tPol9TDYR2IOH
iTkyjmI2H7WaSUQpjFOwVucVvzrpbKmcckZD3OQH2B/eyDSJWuIRan1xEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBy1hpcl7/PLUokGopxakQklYUQWMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSExXR2x5WHY4OHRTaVFhaW5GcVJDU1ZoUkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAU+SKAD
BAA+SKQDBAA+SLADBAA+SLcwDQYJKoZIhvcNAQELBQADggEBAAv73y/z88cbZ4aB
ahc88YviRvamzjA/frZl2D5qTPz1vOZIc49J1Nvgu7bxXnBBvHP6AdekK0qw2Ww1
OeXJd5FsaCz0exHC5AoY0BydUckU0v9jhOQnhW0/YQpKIkyhBHo6MhSnObjzsm9f
wNtxAo076ltkkJOboHldrKwAyBPmUWBDiMPM4hHzPhO4eoJTjZ0/gmqlcxUXi0vR
+Rabbi5K52wAQ2Zqyb2SgUSRLnjkilFrtrGKqGT1fh4kQqiDjk0/oisjWfQEN3GU
gRo7TjibmFLf6CGOwN6puuJI4QdBD8ZwapAAOGwxCQE2qQI77t2A8SX/Axxihb1R
TGifVIA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org