Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/JsSiLyjfajHUx1Xp6fzYpYkd3qg.roa
File:                     JsSiLyjfajHUx1Xp6fzYpYkd3qg.roa (raw, json)
Hash identifier:          1mih8iy0oSdVxxf5hkcZTaG9Uo5rYR13YtpFcmvvOkw=
Subject key identifier:   26:C4:A2:2F:28:DF:6A:31:D4:C7:55:E9:E9:FC:D8:A5:89:1D:DE:A8
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018BB2DB8613BA6BB8450E24D56F3DA22203
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/JsSiLyjfajHUx1Xp6fzYpYkd3qg.roa
Signing time:             Thu 09 Nov 2023 06:53:33 +0000
ROA not before:           Thu 09 Nov 2023 06:53:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.165.0/24 maxlen: 24
                          62.72.164.0/22 maxlen: 22
                          62.72.166.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.167.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 14:10:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b2:db:86:13:ba:6b:b8:45:0e:24:d5:6f:3d:a2:22:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Nov  9 06:53:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=26c4a22f28df6a31d4c755e9e9fcd8a5891ddea8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fa:80:2e:bb:b0:8c:65:1d:a5:df:ac:a3:b8:
                    60:42:ef:bf:72:22:72:b6:7b:10:de:25:3e:e0:8b:
                    76:66:43:6a:94:80:95:db:e8:15:64:23:82:3c:50:
                    64:8c:8d:b3:d1:a1:34:98:43:2b:44:d2:3e:21:a2:
                    30:47:55:50:1c:89:16:70:82:f9:69:b1:29:31:e7:
                    a0:11:3c:6a:de:e9:64:9c:fc:ab:cf:af:da:49:bc:
                    1b:a1:a5:b2:5e:39:ab:f6:b0:30:9c:3c:54:f3:cf:
                    47:6e:1d:88:52:ef:63:c0:7c:e4:9a:60:45:e4:27:
                    80:d6:49:04:da:14:61:6c:d8:ab:54:f6:3a:35:91:
                    c3:0e:f4:37:a7:2f:a8:e6:ac:36:02:50:81:d2:e8:
                    8d:a0:97:c0:a3:6e:dd:4f:1d:03:37:4a:f5:db:4d:
                    12:05:db:71:42:0b:0f:2c:1b:c2:a3:dc:48:61:b2:
                    62:5d:9b:fb:a7:6f:ac:a6:0a:7b:24:ca:76:f3:ba:
                    80:11:f6:eb:89:a1:3a:cc:8a:a6:e9:5a:71:0a:e8:
                    5e:a9:13:e1:ec:a5:7b:e5:96:48:4d:e5:93:7a:89:
                    ac:0a:3f:24:c0:73:c5:78:84:b6:26:2b:4d:49:ae:
                    2a:d8:16:8a:3b:bc:da:f6:7c:37:4a:c6:bc:7c:3c:
                    d3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C4:A2:2F:28:DF:6A:31:D4:C7:55:E9:E9:FC:D8:A5:89:1D:DE:A8
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/JsSiLyjfajHUx1Xp6fzYpYkd3qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.174.0/23
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:71:6b:d6:fe:fd:68:15:ce:da:67:e2:54:19:4f:d4:e0:23:
         b1:f3:78:26:66:f5:cf:1f:50:fc:5c:8a:a6:68:69:b4:74:2d:
         29:2f:9b:60:75:f4:ce:31:38:9a:cc:d2:ed:68:fb:9d:4b:6b:
         86:92:df:6f:ce:66:7d:e2:30:f3:83:11:fc:db:73:e8:de:62:
         4e:f4:3a:2c:06:ae:2b:cc:07:d8:38:f3:a7:38:98:65:fe:dd:
         ff:b9:54:b4:03:69:78:bc:b3:49:1b:79:5d:c5:43:12:2b:6c:
         8f:a1:e9:da:01:91:b9:17:48:eb:57:cd:42:a1:13:2a:db:e2:
         a8:b8:f3:f9:5b:d6:3c:fa:75:05:67:19:82:d9:1a:a5:b5:e9:
         fe:a6:24:7a:30:50:f8:dd:ff:39:39:2a:9c:39:29:6b:95:37:
         31:18:ad:96:d0:88:16:55:30:67:87:8e:93:f7:12:12:4b:91:
         87:6d:c6:e0:24:d9:05:67:ff:bc:84:90:b7:54:e5:d6:7c:0d:
         89:41:36:ed:3e:a1:8b:3c:a4:92:fb:bf:97:d5:bc:5b:94:33:
         05:3d:20:2f:e1:a4:48:59:6a:bf:42:58:24:f5:95:02:56:b5:
         db:4f:20:db:bb:23:7a:0e:e7:e4:10:b6:cc:87:00:68:70:c3:
         66:71:8b:96
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYuy24YTumu4RQ4k1W89oiIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMTA5MDY1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM0YTIyZjI4ZGY2YTMxZDRjNzU1ZTllOWZjZDhhNTg5MWRkZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPqALruwjGUdpd+so7hgQu+/ciJy
tnsQ3iU+4It2ZkNqlICV2+gVZCOCPFBkjI2z0aE0mEMrRNI+IaIwR1VQHIkWcIL5
abEpMeegETxq3ulknPyrz6/aSbwboaWyXjmr9rAwnDxU889Hbh2IUu9jwHzkmmBF
5CeA1kkE2hRhbNirVPY6NZHDDvQ3py+o5qw2AlCB0uiNoJfAo27dTx0DN0r1200S
BdtxQgsPLBvCo9xIYbJiXZv7p2+spgp7JMp287qAEfbriaE6zIqm6VpxCuheqRPh
7KV75ZZITeWTeomsCj8kwHPFeIS2JitNSa4q2BaKO7za9nw3Ssa8fDzTnQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFCbEoi8o32ox1MdV6en82KWJHd6oMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSnNTaUx5amZhakhVeDFYcDZmellwWWtkM3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQBPkii
AwQCPkioAwQBPkiuMAwDBAA+SLMDBAA+SLYwDAMEAz5IuAMEAT5IvAMEAD5IvzAM
AwQBURUCAwQDURUAMAwDBAFRFQoDBARRFQADBACwOTMDBACwOTUDBAGwOToDBACw
OT8wDQYJKoZIhvcNAQELBQADggEBADdxa9b+/WgVztpn4lQZT9TgI7HzeCZm9c8f
UPxciqZoabR0LSkvm2B19M4xOJrM0u1o+51La4aS32/OZn3iMPODEfzbc+jeYk70
OiwGrivMB9g486c4mGX+3f+5VLQDaXi8s0kbeV3FQxIrbI+h6doBkbkXSOtXzUKh
Eyrb4qi48/lb1jz6dQVnGYLZGqW16f6mJHowUPjd/zk5Kpw5KWuVNzEYrZbQiBZV
MGeHjpP3EhJLkYdtxuAk2QVn/7yEkLdU5dZ8DYlBNu0+oYs8pJL7v5fVvFuUMwU9
IC/hpEhZar9CWCT1lQJWtdtPINu7I3oO5+QQtsyHAGhww2Zxi5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org