Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KJCw0PaIGhmLebfM2Y8LX80k4PI.roa
File:                     KJCw0PaIGhmLebfM2Y8LX80k4PI.roa (raw, json)
Hash identifier:          vJZNEb0Z22GgxtRgd9MKMtKuiyXDC4LeZvrTxaYHNMo=
Subject key identifier:   28:90:B0:D0:F6:88:1A:19:8B:79:B7:CC:D9:8F:0B:5F:CD:24:E0:F2
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018CC6B79BF1098AC570413B803F261D406D
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KJCw0PaIGhmLebfM2Y8LX80k4PI.roa
Signing time:             Mon 01 Jan 2024 20:29:30 +0000
ROA not before:           Mon 01 Jan 2024 20:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14445
IP address blocks:        62.72.183.0/24 maxlen: 24
                          81.21.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 07:19:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:9b:f1:09:8a:c5:70:41:3b:80:3f:26:1d:40:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jan  1 20:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2890b0d0f6881a198b79b7ccd98f0b5fcd24e0f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5a:9c:de:fc:76:0d:8f:ac:ca:32:b3:90:46:
                    9f:13:5a:cc:26:c6:c4:71:f3:bf:35:ea:ef:a9:3b:
                    cf:60:8b:2a:17:72:e0:e7:4d:25:41:d9:6b:99:06:
                    d8:9b:28:22:91:df:5e:27:21:dd:3f:45:52:44:bd:
                    a3:5f:b7:92:ec:eb:00:43:48:bb:16:a8:ca:72:3e:
                    39:d6:c0:1d:5f:c3:28:fb:02:f0:ac:f6:d5:84:67:
                    d2:d3:dd:47:d8:e0:31:cf:e9:b5:2e:cf:ce:d1:8d:
                    04:1e:4b:6c:20:86:de:90:cf:99:67:61:ce:f4:6e:
                    f9:76:c1:e6:94:f9:7e:18:1a:1f:ba:37:89:3b:44:
                    7a:7b:18:65:17:15:a1:13:4e:16:2e:4b:7e:67:5b:
                    53:d8:76:8a:24:aa:1a:85:43:a0:d9:14:1d:03:a7:
                    32:c2:4c:65:86:98:1a:44:0a:99:d8:d8:3b:7e:e6:
                    bf:e8:9d:bd:4d:66:3f:8b:02:b1:5d:82:bc:77:16:
                    42:d4:38:44:c8:ee:0e:3b:05:38:38:64:f1:8b:45:
                    ab:af:8d:53:dd:06:10:db:ff:05:52:3e:a9:62:17:
                    be:d8:f1:30:38:d5:88:e2:8a:ad:22:c3:08:89:92:
                    4c:18:6a:c6:b7:7f:36:d1:1f:d1:4d:7f:16:7b:e9:
                    d7:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:90:B0:D0:F6:88:1A:19:8B:79:B7:CC:D9:8F:0B:5F:CD:24:E0:F2
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KJCw0PaIGhmLebfM2Y8LX80k4PI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.183.0/24
                  81.21.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:a5:76:b5:1c:12:ac:a3:99:12:04:04:ea:e4:13:08:5d:5e:
         37:46:71:27:86:93:db:8f:e2:56:02:e1:3d:31:7f:1a:01:89:
         9f:df:a9:b9:b5:fc:7e:dc:5c:47:74:6b:ae:c7:f7:82:2b:83:
         07:31:85:4f:8d:de:bd:dc:9d:8b:b9:86:cb:a5:af:44:78:84:
         20:a7:03:c1:cd:76:ef:c1:20:a1:2d:43:58:23:fa:2e:f6:df:
         0c:80:68:6b:29:af:a8:f1:5b:eb:ef:0f:da:eb:b6:20:5e:24:
         e3:34:fb:d2:6a:91:1e:71:15:7e:c7:69:fa:20:ea:d4:32:69:
         31:9b:2e:93:0c:a9:87:23:67:a3:0d:85:96:10:02:a0:84:09:
         c3:da:2a:5c:f5:d9:46:e2:f1:b9:e0:2a:96:b5:ea:e8:4b:c6:
         2d:b0:7a:68:e3:5e:74:26:4b:05:87:44:21:a3:09:5a:bb:76:
         eb:27:69:52:ed:e2:a7:53:7a:bd:30:57:08:01:a6:97:15:1d:
         26:05:f3:19:0d:82:12:36:36:70:71:67:6f:21:9a:aa:e6:98:
         e9:ed:df:5f:20:c3:30:78:6f:1b:f1:9c:85:8b:0f:5c:19:2d:
         b6:d6:99:4e:45:44:7c:8b:9b:72:f3:43:2a:63:3f:ec:a5:92:
         d1:9f:58:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5vxCYrFcEE7gD8mHUBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkwYjBkMGY2ODgxYTE5OGI3OWI3Y2NkOThmMGI1ZmNkMjRlMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFqc3vx2DY+syjKzkEafE1rMJsbE
cfO/NervqTvPYIsqF3Lg500lQdlrmQbYmygikd9eJyHdP0VSRL2jX7eS7OsAQ0i7
FqjKcj451sAdX8Mo+wLwrPbVhGfS091H2OAxz+m1Ls/O0Y0EHktsIIbekM+ZZ2HO
9G75dsHmlPl+GBofujeJO0R6exhlFxWhE04WLkt+Z1tT2HaKJKoahUOg2RQdA6cy
wkxlhpgaRAqZ2Ng7fua/6J29TWY/iwKxXYK8dxZC1DhEyO4OOwU4OGTxi0Wrr41T
3QYQ2/8FUj6pYhe+2PEwONWI4oqtIsMIiZJMGGrGt3820R/RTX8We+nXKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCiQsND2iBoZi3m3zNmPC1/NJODyMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvS0pDdzBQYUlHaG1MZWJmTTJZOExYODBrNFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPki3AwQA
URUHMA0GCSqGSIb3DQEBCwUAA4IBAQCrpXa1HBKso5kSBATq5BMIXV43RnEnhpPb
j+JWAuE9MX8aAYmf36m5tfx+3FxHdGuux/eCK4MHMYVPjd693J2LuYbLpa9EeIQg
pwPBzXbvwSChLUNYI/ou9t8MgGhrKa+o8Vvr7w/a67YgXiTjNPvSapEecRV+x2n6
IOrUMmkxmy6TDKmHI2ejDYWWEAKghAnD2ipc9dlG4vG54CqWteroS8YtsHpo4150
JksFh0Qhowlau3brJ2lS7eKnU3q9MFcIAaaXFR0mBfMZDYISNjZwcWdvIZqq5pjp
7d9fIMMweG8b8ZyFiw9cGS221plORUR8i5ty80MqYz/spZLRn1hN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org