Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ItYmJrMO--DO98SGSmxRRUqPqic.roa
File:                     ItYmJrMO--DO98SGSmxRRUqPqic.roa (raw, json)
Hash identifier:          gcsLnheiCeBpXy73OqGa9qo6CsTuaL+FIZMP3g0TRJk=
Subject key identifier:   22:D6:26:26:B3:0E:FB:E0:CE:F7:C4:86:4A:6C:51:45:4A:8F:AA:27
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018AEC4109DF387AC1E7FA5E4A1E744B6B90
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ItYmJrMO--DO98SGSmxRRUqPqic.roa
Signing time:             Sun 01 Oct 2023 17:19:59 +0000
ROA not before:           Sun 01 Oct 2023 17:19:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.180.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.4.0/22 maxlen: 24
                          81.21.1.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 06:11:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ec:41:09:df:38:7a:c1:e7:fa:5e:4a:1e:74:4b:6b:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Oct  1 17:19:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22d62626b30efbe0cef7c4864a6c51454a8faa27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f1:72:a2:60:d8:56:ec:65:f5:48:53:5a:ba:
                    9a:ee:5e:ee:6e:18:d8:fc:98:df:53:29:63:c7:78:
                    00:7c:2e:2f:49:a2:3e:8e:e4:3a:c9:07:ce:9e:a9:
                    47:e7:99:28:51:d5:b4:f9:b8:94:96:af:91:67:d7:
                    82:3c:7e:2e:13:0a:ef:d0:a4:02:41:06:4f:ff:ea:
                    20:63:2c:e8:cb:84:c7:1b:17:62:be:09:89:9c:9f:
                    85:db:40:c1:64:00:85:18:f5:3b:06:d5:6d:8e:29:
                    85:a3:cf:bb:e5:9f:d5:b5:c9:5c:e3:df:2b:ab:69:
                    3d:6c:bc:3d:4a:87:13:ca:a5:d5:bc:d5:48:14:01:
                    a1:25:3a:8f:e0:ef:92:f4:75:0a:ec:58:02:f6:75:
                    da:ff:87:60:9a:1d:f0:48:56:93:c3:1e:54:84:5e:
                    de:d6:db:fa:74:b3:66:e5:cf:05:83:30:ec:13:17:
                    9c:a3:a5:b9:a8:94:e7:8c:97:11:6d:35:59:6f:ef:
                    33:7b:2a:b5:a3:d9:32:a1:07:fe:6e:07:92:d8:67:
                    39:7c:b5:a1:b6:c7:14:98:39:cc:4a:b0:14:e2:f7:
                    2d:20:75:0c:78:cf:32:05:bb:fe:81:d1:33:78:f3:
                    87:4d:41:c3:ce:02:cd:60:41:62:fd:80:fe:22:b2:
                    4b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D6:26:26:B3:0E:FB:E0:CE:F7:C4:86:4A:6C:51:45:4A:8F:AA:27
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ItYmJrMO--DO98SGSmxRRUqPqic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.165.255
                  62.72.168.0/22
                  62.72.173.0-62.72.175.255
                  62.72.177.0/24
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.1.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:dd:53:11:39:63:f6:11:d0:e3:e7:ef:0c:39:3a:33:73:11:
         66:8a:98:4c:ab:27:02:46:d0:f4:fa:78:f5:1e:45:26:12:b0:
         ab:7a:f0:d6:38:1a:70:50:67:f6:b5:b4:a3:52:69:19:b4:c9:
         5a:31:06:b0:f7:29:43:45:9b:03:6f:ab:8a:e5:77:2d:88:b5:
         2b:b6:2d:fb:3d:12:75:53:30:90:80:5d:a6:05:53:fd:7c:0a:
         bf:ff:37:04:98:c8:aa:ce:aa:1e:12:df:ac:3f:17:45:3a:a1:
         fd:4d:a7:11:e5:ae:bd:cd:8a:1d:3c:b8:16:de:ae:57:5f:06:
         60:e9:2e:fa:2c:fe:70:5a:50:f9:dc:78:a4:26:f4:1d:60:cf:
         6b:6c:6f:bb:6a:e5:a7:52:2a:e8:6f:f0:f6:59:a5:ab:46:29:
         30:dc:02:88:26:a8:90:4e:e3:f2:fa:ae:b7:39:46:84:01:79:
         21:41:54:94:dc:b8:44:e3:28:6d:fe:02:35:2b:48:20:bf:6b:
         3d:d0:f6:39:eb:63:79:1b:34:27:60:84:ee:77:f4:34:fe:7b:
         7a:9c:57:9b:52:49:ec:6f:58:6b:40:34:b2:53:fb:5c:37:27:
         1b:d0:8f:0f:7e:12:86:fa:92:dd:af:a6:e8:07:5b:a6:70:d1:
         65:50:da:6a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYrsQQnfOHrB5/peSh50S2uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMDAxMTcxOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQ2MjYyNmIzMGVmYmUwY2VmN2M0ODY0YTZjNTE0NTRhOGZhYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvFyomDYVuxl9UhTWrqa7l7ubhjY
/JjfUyljx3gAfC4vSaI+juQ6yQfOnqlH55koUdW0+biUlq+RZ9eCPH4uEwrv0KQC
QQZP/+ogYyzoy4THGxdivgmJnJ+F20DBZACFGPU7BtVtjimFo8+75Z/Vtclc498r
q2k9bLw9SocTyqXVvNVIFAGhJTqP4O+S9HUK7FgC9nXa/4dgmh3wSFaTwx5UhF7e
1tv6dLNm5c8FgzDsExeco6W5qJTnjJcRbTVZb+8zeyq1o9kyoQf+bgeS2Gc5fLWh
tscUmDnMSrAU4vctIHUMeM8yBbv+gdEzePOHTUHDzgLNYEFi/YD+IrJLmwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCLWJiazDvvgzvfEhkpsUUVKj6onMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSXRZbUpyTU8tLURPOThTR1NteFJSVXFQcWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
PkihAwQBPkikAwQCPkioMAwDBAA+SK0DBAQ+SKADBAA+SLEwDAMEAD5IswMEAD5I
tjAMAwQDPki4AwQBPki8AwQAPki/MAwDBABRFQEDBANRFQAwDAMEAVEVCgMEBFEV
AAMEALA5MwMEALA5NQMEAbA5OgMEAbA5PjANBgkqhkiG9w0BAQsFAAOCAQEArN1T
ETlj9hHQ4+fvDDk6M3MRZoqYTKsnAkbQ9Pp49R5FJhKwq3rw1jgacFBn9rW0o1Jp
GbTJWjEGsPcpQ0WbA2+riuV3LYi1K7Yt+z0SdVMwkIBdpgVT/XwKv/83BJjIqs6q
HhLfrD8XRTqh/U2nEeWuvc2KHTy4Ft6uV18GYOku+iz+cFpQ+dx4pCb0HWDPa2xv
u2rlp1Iq6G/w9lmlq0YpMNwCiCaokE7j8vqutzlGhAF5IUFUlNy4ROMobf4CNStI
IL9rPdD2OetjeRs0J2CE7nf0NP57epxXm1JJ7G9Ya0A0slP7XDcnG9CPD34ShvqS
3a+m6AdbpnDRZVDaag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org