Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/J8cBxfw39J6WFaeD-nScLp_8C-M.roa
File:                     J8cBxfw39J6WFaeD-nScLp_8C-M.roa (raw, json)
Hash identifier:          dTP3YWLkt1/AdIn/adL22t02jvNVpvT4ScD1w+mVzf0=
Subject key identifier:   27:C7:01:C5:FC:37:F4:9E:96:15:A7:83:FA:74:9C:2E:9F:FC:0B:E3
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C80D893B29AA0F58F220C70E94E664657
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/J8cBxfw39J6WFaeD-nScLp_8C-M.roa
Signing time:             Tue 19 Dec 2023 06:52:06 +0000
ROA not before:           Tue 19 Dec 2023 06:52:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199077
IP address blocks:        62.72.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:80:d8:93:b2:9a:a0:f5:8f:22:0c:70:e9:4e:66:46:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 19 06:52:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27c701c5fc37f49e9615a783fa749c2e9ffc0be3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c5:20:55:e5:b8:6b:fc:1a:40:93:71:96:3a:
                    3a:48:d5:e3:48:26:35:76:1f:cf:8f:0b:71:68:95:
                    d2:75:ce:e1:eb:9f:75:e0:7a:d4:40:0f:ff:22:fd:
                    77:78:64:9d:30:47:02:ab:9d:dd:64:15:9d:89:4d:
                    fe:02:94:d2:56:10:3c:c3:b9:bd:78:68:8e:7e:c2:
                    df:5d:8d:4c:03:bc:b5:e8:aa:66:74:9f:af:b5:c4:
                    67:6d:a1:22:e2:71:95:db:24:80:c7:9d:4d:7c:2c:
                    02:de:ee:81:a3:5b:fa:dc:7e:57:0b:a6:0a:29:d6:
                    da:d9:0a:64:96:e4:d8:9d:5b:da:91:ce:78:8d:57:
                    7d:5d:b1:20:3c:44:a4:13:7d:78:3a:e2:90:13:e7:
                    0d:76:f9:32:07:bc:95:af:ed:f4:c3:60:a6:ac:06:
                    c7:53:ef:28:b9:2d:f8:2a:ea:af:16:4c:4f:89:5d:
                    3f:6d:9c:dc:6f:85:c1:35:ff:30:e8:e7:36:5b:e6:
                    81:73:84:bc:a4:af:88:88:ac:51:0a:c2:d0:7d:cd:
                    78:6b:61:b4:2f:20:4e:1a:ba:2a:9b:51:2e:54:4c:
                    71:0b:49:eb:67:3c:c7:0c:5e:bb:a8:13:7d:2b:35:
                    1c:ff:a3:53:dd:e3:06:44:96:6c:77:41:46:a0:80:
                    18:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:C7:01:C5:FC:37:F4:9E:96:15:A7:83:FA:74:9C:2E:9F:FC:0B:E3
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/J8cBxfw39J6WFaeD-nScLp_8C-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:80:95:2c:4e:d2:ee:0f:83:cb:b7:1c:57:b2:2c:62:02:44:
         f3:ea:32:da:a8:2b:9a:cd:2a:4d:a2:b8:2d:61:3f:30:f0:d6:
         d7:5e:c8:65:50:2a:b8:39:68:3b:4f:19:97:f3:eb:89:22:55:
         61:a5:29:60:f0:4a:da:43:07:d0:fa:ed:78:84:ac:96:0c:11:
         a1:33:b3:c6:87:db:75:9b:f7:b8:fb:e6:1a:93:9e:7c:ab:e5:
         22:8e:07:cf:13:d2:ed:d3:91:ce:ce:91:e1:29:38:a4:62:83:
         ed:61:71:4f:43:8b:95:66:42:dc:75:ee:2f:95:b9:a9:da:46:
         8f:2a:f9:92:15:46:f7:37:ab:41:5a:b7:7c:32:eb:f5:57:25:
         56:c8:3d:ed:b9:93:90:31:55:33:7a:97:8a:fd:3c:9d:5d:1f:
         03:6b:61:cf:72:15:fa:84:10:94:7d:25:6c:92:ef:84:47:7e:
         d2:fe:7c:a9:36:83:86:12:ae:45:db:4b:c2:e0:95:0e:4e:06:
         66:07:78:ea:13:e1:85:41:06:46:d1:f5:cd:a0:68:c3:bc:81:
         48:56:70:12:a8:86:f1:36:5e:db:ce:f4:81:ed:03:69:aa:64:
         1f:95:15:5f:55:af:04:bf:77:c6:fe:f3:1a:f9:80:9a:3d:20:
         73:df:c4:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyA2JOymqD1jyIMcOlOZkZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE5MDY1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2M3MDFjNWZjMzdmNDllOTYxNWE3ODNmYTc0OWMyZTlmZmMwYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicUgVeW4a/waQJNxljo6SNXjSCY1
dh/PjwtxaJXSdc7h65914HrUQA//Iv13eGSdMEcCq53dZBWdiU3+ApTSVhA8w7m9
eGiOfsLfXY1MA7y16KpmdJ+vtcRnbaEi4nGV2ySAx51NfCwC3u6Bo1v63H5XC6YK
Kdba2QpkluTYnVvakc54jVd9XbEgPESkE314OuKQE+cNdvkyB7yVr+30w2CmrAbH
U+8ouS34KuqvFkxPiV0/bZzcb4XBNf8w6Oc2W+aBc4S8pK+IiKxRCsLQfc14a2G0
LyBOGroqm1EuVExxC0nrZzzHDF67qBN9KzUc/6NT3eMGRJZsd0FGoIAY1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfHAcX8N/SelhWng/p0nC6f/AvjMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSjhjQnhmdzM5SjZXRmFlRC1uU2NMcF84Qy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkirMA0G
CSqGSIb3DQEBCwUAA4IBAQCDgJUsTtLuD4PLtxxXsixiAkTz6jLaqCuazSpNorgt
YT8w8NbXXshlUCq4OWg7TxmX8+uJIlVhpSlg8EraQwfQ+u14hKyWDBGhM7PGh9t1
m/e4++Yak558q+UijgfPE9Lt05HOzpHhKTikYoPtYXFPQ4uVZkLcde4vlbmp2kaP
KvmSFUb3N6tBWrd8Muv1VyVWyD3tuZOQMVUzepeK/TydXR8Da2HPchX6hBCUfSVs
ku+ER37S/nypNoOGEq5F20vC4JUOTgZmB3jqE+GFQQZG0fXNoGjDvIFIVnASqIbx
Nl7bzvSB7QNpqmQflRVfVa8Ev3fG/vMa+YCaPSBz38Ti
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org