Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KU6utqmSNwItgaONS0VPdS0Ki5Y.roa
File:                     KU6utqmSNwItgaONS0VPdS0Ki5Y.roa (raw, json)
Hash identifier:          pQZ49xNSKDpol8VPqrpCni/XJDY4wBozQfrtljxLXnc=
Subject key identifier:   29:4E:AE:B6:A9:92:37:02:2D:81:A3:8D:4B:45:4F:75:2D:0A:8B:96
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018CFED46224B5E0B58DAE5E8568E20C3E06
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KU6utqmSNwItgaONS0VPdS0Ki5Y.roa
Signing time:             Fri 12 Jan 2024 17:59:40 +0000
ROA not before:           Fri 12 Jan 2024 17:59:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211318
IP address blocks:        62.72.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 Apr 2024 15:58:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fe:d4:62:24:b5:e0:b5:8d:ae:5e:85:68:e2:0c:3e:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jan 12 17:59:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=294eaeb6a99237022d81a38d4b454f752d0a8b96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ec:54:a5:92:f7:95:28:e2:1d:5e:a3:96:c3:
                    ad:81:6d:68:ff:63:1f:3a:e9:22:e8:e9:dc:8d:d2:
                    9b:d7:63:18:13:a2:1a:5a:f0:0c:44:ab:3c:cf:36:
                    7d:1c:25:b6:7a:47:07:d1:fc:2d:01:20:8e:00:bb:
                    8a:0e:f4:42:db:f4:ae:18:f5:f4:a8:01:6d:24:47:
                    39:f1:d9:a9:ce:b0:71:cc:9e:e7:82:b7:c5:67:8e:
                    25:32:0f:05:57:fd:20:3b:49:a9:a0:55:81:57:2c:
                    90:5c:b6:96:64:78:91:0a:2f:db:c6:2f:94:ca:04:
                    38:8b:8f:b2:6f:90:b8:41:65:4d:6f:bb:c6:d1:f1:
                    5c:48:52:7b:f3:7c:31:0b:ce:9b:2c:b4:24:ec:ea:
                    27:af:b5:32:03:27:b7:20:c9:19:3e:b7:21:3d:cf:
                    2f:92:a7:7b:e8:8d:b4:69:ad:54:0f:59:57:3f:ae:
                    d9:38:d4:e1:68:17:cc:ee:80:c9:78:c2:d0:19:77:
                    ae:cc:20:07:13:b3:18:9f:88:bd:20:0b:c8:47:7e:
                    0e:7d:bd:73:2c:3e:9a:db:bf:6e:cd:40:15:19:30:
                    4d:45:a0:5d:8d:59:60:21:bf:75:9c:e1:e5:f8:1e:
                    af:da:d7:31:89:71:2a:32:70:0f:80:cd:d8:a5:0b:
                    d4:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:4E:AE:B6:A9:92:37:02:2D:81:A3:8D:4B:45:4F:75:2D:0A:8B:96
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KU6utqmSNwItgaONS0VPdS0Ki5Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:82:c1:ca:5d:fc:e1:d4:63:c7:13:9b:9a:24:1f:3a:f1:eb:
         68:35:3f:74:c7:23:78:42:5d:72:84:df:66:8c:31:c2:2c:94:
         df:9a:15:bb:12:fa:17:5c:1f:f4:96:fe:ab:ba:84:44:8e:95:
         56:e6:d5:49:40:2c:e9:f2:2a:7c:6d:08:c4:fe:d8:c1:38:4b:
         e2:63:e2:c8:4c:73:05:d3:90:b6:a0:d6:df:70:f4:82:18:dd:
         a7:de:32:09:c9:7e:fb:5c:95:5b:f5:5b:0c:c7:aa:24:43:6a:
         f0:23:96:b6:a2:5e:07:d3:5a:3b:11:d9:53:de:aa:1b:34:d1:
         b3:4b:6e:8f:3a:6d:3c:51:ef:35:e0:8d:95:79:13:94:f4:78:
         b5:6d:f4:11:c4:85:a5:24:8b:27:a3:df:6d:3b:89:1a:9c:65:
         9b:83:c8:73:2a:e2:a2:d9:02:04:02:54:d4:88:93:15:da:a0:
         20:79:14:c0:c9:9c:2c:58:5f:96:0b:7b:5d:e4:76:27:56:b4:
         72:29:d6:d6:76:ee:d6:77:8d:ac:06:00:3d:05:43:43:c3:4c:
         96:1e:80:05:fd:7f:c5:10:62:b9:e7:1b:81:b2:48:9b:1d:b4:
         d1:7a:da:fb:d9:bf:ad:f4:43:03:67:ee:27:0b:3b:74:67:82:
         79:f1:36:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz+1GIkteC1ja5ehWjiDD4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTEyMTc1OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRlYWViNmE5OTIzNzAyMmQ4MWEzOGQ0YjQ1NGY3NTJkMGE4Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOxUpZL3lSjiHV6jlsOtgW1o/2Mf
Ouki6OncjdKb12MYE6IaWvAMRKs8zzZ9HCW2ekcH0fwtASCOALuKDvRC2/SuGPX0
qAFtJEc58dmpzrBxzJ7ngrfFZ44lMg8FV/0gO0mpoFWBVyyQXLaWZHiRCi/bxi+U
ygQ4i4+yb5C4QWVNb7vG0fFcSFJ783wxC86bLLQk7Oonr7UyAye3IMkZPrchPc8v
kqd76I20aa1UD1lXP67ZONThaBfM7oDJeMLQGXeuzCAHE7MYn4i9IAvIR34Ofb1z
LD6a279uzUAVGTBNRaBdjVlgIb91nOHl+B6v2tcxiXEqMnAPgM3YpQvUAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClOrrapkjcCLYGjjUtFT3UtCouWMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvS1U2dXRxbVNOd0l0Z2FPTlMwVlBkUzBLaTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkikMA0G
CSqGSIb3DQEBCwUAA4IBAQCRgsHKXfzh1GPHE5uaJB868etoNT90xyN4Ql1yhN9m
jDHCLJTfmhW7EvoXXB/0lv6ruoREjpVW5tVJQCzp8ip8bQjE/tjBOEviY+LITHMF
05C2oNbfcPSCGN2n3jIJyX77XJVb9VsMx6okQ2rwI5a2ol4H01o7EdlT3qobNNGz
S26POm08Ue814I2VeROU9Hi1bfQRxIWlJIsno99tO4kanGWbg8hzKuKi2QIEAlTU
iJMV2qAgeRTAyZwsWF+WC3td5HYnVrRyKdbWdu7Wd42sBgA9BUNDw0yWHoAF/X/F
EGK55xuBskibHbTRetr72b+t9EMDZ+4nCzt0Z4J58Tbs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org