Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Hy_BxbDqm14SE8q74z52Kv2pxbs.roa
File:                     Hy_BxbDqm14SE8q74z52Kv2pxbs.roa (raw, json)
Hash identifier:          Gso8SuHIvWTVFby9T6Gi7LETkLaMzdKk4blIXMM5fAA=
Subject key identifier:   1F:2F:C1:C5:B0:EA:9B:5E:12:13:CA:BB:E3:3E:76:2A:FD:A9:C5:BB
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018D733D57DF1A6311C8F07B357ABC1D92FF
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Hy_BxbDqm14SE8q74z52Kv2pxbs.roa
Signing time:             Sun 04 Feb 2024 08:30:16 +0000
ROA not before:           Sun 04 Feb 2024 08:30:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.10.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 09:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:73:3d:57:df:1a:63:11:c8:f0:7b:35:7a:bc:1d:92:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Feb  4 08:30:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f2fc1c5b0ea9b5e1213cabbe33e762afda9c5bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d2:0b:d1:14:15:57:a3:8c:9b:01:71:89:83:
                    0c:65:19:57:8f:20:39:94:c3:fc:cb:e1:ca:75:09:
                    f1:a7:1e:5b:64:5e:db:8a:95:0d:69:67:56:19:7c:
                    57:fc:81:34:b8:1a:00:2c:50:10:61:56:4d:53:ca:
                    c4:2b:9e:17:0b:a4:fa:ce:1c:4f:b0:6c:78:e7:dc:
                    ed:e5:19:62:95:2f:b2:2e:8b:df:47:42:a7:54:78:
                    40:fe:0f:30:ff:cf:39:4d:d4:13:61:58:1a:da:c1:
                    be:37:67:29:1a:23:99:51:7a:4a:ca:d9:f8:52:6d:
                    37:2f:eb:05:21:1e:de:25:92:7a:f5:fa:cd:ba:7e:
                    94:9a:3a:86:ee:b9:10:e7:c0:ca:42:8d:a3:62:b5:
                    94:5b:8b:c4:08:ed:b7:79:b9:97:01:b4:3c:69:5b:
                    5b:8d:d5:36:55:fe:7c:a5:dc:46:6a:d0:b4:44:30:
                    c4:20:23:35:36:fb:c9:91:8c:6a:25:08:32:fd:08:
                    83:87:a3:43:78:f0:65:28:b2:89:20:a1:a5:20:40:
                    d3:10:c2:58:d6:63:f9:eb:1d:64:52:98:06:c0:84:
                    c4:12:da:e1:94:9a:fd:da:4c:c0:50:3b:d0:ab:5b:
                    4b:0d:27:e9:3e:cb:9e:eb:a3:7f:e7:9c:ea:9d:4f:
                    e7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:2F:C1:C5:B0:EA:9B:5E:12:13:CA:BB:E3:3E:76:2A:FD:A9:C5:BB
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Hy_BxbDqm14SE8q74z52Kv2pxbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:87:2e:f0:0c:63:0f:db:59:4d:1c:e8:11:5b:74:35:4d:e9:
         e1:9c:76:48:50:2f:8a:27:f8:f8:ac:42:cf:36:ac:a8:dd:4d:
         2d:85:ce:9c:22:2f:fb:05:1f:b5:0d:95:f5:b3:26:43:72:1e:
         08:40:dc:06:a7:b2:35:ec:d0:80:0d:0b:0a:e1:fc:13:70:6a:
         b7:35:7b:76:e4:96:e4:28:a6:b8:93:1f:1f:3f:14:69:64:26:
         96:17:e2:00:8c:b0:42:6f:e1:52:86:f7:bc:93:8d:68:e5:7e:
         aa:7e:66:22:86:5c:a4:f7:c5:ee:10:19:fa:d0:09:4e:2a:92:
         de:73:31:d1:4e:ad:fd:fb:83:6e:2a:6c:07:79:ff:a5:6a:df:
         68:9c:34:df:82:65:7f:f1:0a:2e:1e:b7:06:0f:39:52:52:99:
         85:23:cb:f1:fb:c5:11:66:62:4e:45:cd:eb:6c:67:53:a0:f5:
         b5:c3:be:00:c6:f4:c7:98:05:8b:e3:34:ef:10:60:5e:72:ed:
         c0:35:d6:65:b7:03:b4:81:66:84:79:80:ab:f7:7b:d3:73:e6:
         a4:d4:96:64:4d:45:8a:ba:f3:a1:81:9f:dc:d9:16:74:67:c5:
         33:ad:0d:77:21:d5:1c:5b:ae:08:8d:d8:a8:8f:91:8e:37:95:
         85:95:55:0a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY1zPVffGmMRyPB7NXq8HZL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMjA0MDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjJmYzFjNWIwZWE5YjVlMTIxM2NhYmJlMzNlNzYyYWZkYTljNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdIL0RQVV6OMmwFxiYMMZRlXjyA5
lMP8y+HKdQnxpx5bZF7bipUNaWdWGXxX/IE0uBoALFAQYVZNU8rEK54XC6T6zhxP
sGx459zt5RlilS+yLovfR0KnVHhA/g8w/885TdQTYVga2sG+N2cpGiOZUXpKytn4
Um03L+sFIR7eJZJ69frNun6UmjqG7rkQ58DKQo2jYrWUW4vECO23ebmXAbQ8aVtb
jdU2Vf58pdxGatC0RDDEICM1NvvJkYxqJQgy/QiDh6NDePBlKLKJIKGlIEDTEMJY
1mP56x1kUpgGwITEEtrhlJr92kzAUDvQq1tLDSfpPsue66N/55zqnU/n6QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB8vwcWw6pteEhPKu+M+dir9qcW7MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSHlfQnhiRHFtMTRTRThxNzR6NTJLdjJweGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAE+SKID
BAM+SKAwDAMEAVEVAgMEA1EVADAMAwQBURUKAwQEURUAAwQAsDk/MA0GCSqGSIb3
DQEBCwUAA4IBAQCxhy7wDGMP21lNHOgRW3Q1TenhnHZIUC+KJ/j4rELPNqyo3U0t
hc6cIi/7BR+1DZX1syZDch4IQNwGp7I17NCADQsK4fwTcGq3NXt25JbkKKa4kx8f
PxRpZCaWF+IAjLBCb+FShve8k41o5X6qfmYihlyk98XuEBn60AlOKpLeczHRTq39
+4NuKmwHef+lat9onDTfgmV/8QouHrcGDzlSUpmFI8vx+8URZmJORc3rbGdToPW1
w74AxvTHmAWL4zTvEGBecu3ANdZltwO0gWaEeYCr93vTc+ak1JZkTUWKuvOhgZ/c
2RZ0Z8UzrQ13IdUcW64Ijdioj5GON5WFlVUK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org