Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KzNm_sixcM7fEryHWbCWNgV94Mo.roa
File:                     KzNm_sixcM7fEryHWbCWNgV94Mo.roa (raw, json)
Hash identifier:          dYkcyEX96V6zWF9yBV+DHDPmNzyCDBlIu2RiWm53SQ8=
Subject key identifier:   2B:33:66:FE:C8:B1:70:CE:DF:12:BC:87:59:B0:96:36:05:7D:E0:CA
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018829BFC71863531E8A7FB7C75FE5EA9B52
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KzNm_sixcM7fEryHWbCWNgV94Mo.roa
Signing time:             Wed 17 May 2023 12:46:54 +0000
ROA not before:           Wed 17 May 2023 12:46:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.183.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 05:54:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:29:bf:c7:18:63:53:1e:8a:7f:b7:c7:5f:e5:ea:9b:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May 17 12:46:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b3366fec8b170cedf12bc8759b09636057de0ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:47:01:72:69:90:0b:98:20:25:02:6c:cf:b4:
                    52:00:c0:7c:db:a6:d4:2f:38:fa:ad:f7:ea:dd:36:
                    ab:d4:14:58:dd:6f:9f:eb:11:e7:2d:18:ab:12:73:
                    58:f9:8e:33:1b:70:75:36:24:36:42:a2:d1:23:ae:
                    92:b3:a7:d7:26:3f:e9:35:ac:d9:ac:e4:06:fa:b8:
                    a5:a1:00:8a:dc:ed:6d:9f:a9:3f:23:b9:d0:bd:5c:
                    c8:c2:29:32:92:1d:47:50:c3:e9:ab:4d:f6:63:e4:
                    10:7c:85:dc:dd:d2:8b:f0:b9:77:f6:67:5e:8d:d6:
                    3b:7e:3c:5e:af:8b:71:e3:ba:91:70:2b:73:c3:36:
                    14:97:7d:d5:fd:08:f5:8f:02:6b:56:4c:23:64:01:
                    ac:c7:dc:ea:65:e1:1a:ee:2b:5e:93:60:a5:0e:a7:
                    d6:ad:5a:ad:4a:db:e7:c7:be:7c:84:c1:c3:67:13:
                    43:53:26:ee:52:ea:7b:8e:22:29:1d:64:7f:11:c5:
                    b4:3f:c5:d9:af:39:25:9e:62:19:cc:1a:ca:d5:eb:
                    dd:ae:94:cb:95:30:61:82:2e:b3:67:f4:4e:9d:13:
                    82:9c:86:bf:2c:04:84:97:6b:5b:5f:fe:50:2f:75:
                    8c:19:ba:7c:ea:b8:b1:24:8f:5c:04:89:12:28:0c:
                    9d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:33:66:FE:C8:B1:70:CE:DF:12:BC:87:59:B0:96:36:05:7D:E0:CA
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KzNm_sixcM7fEryHWbCWNgV94Mo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0/24
                  62.72.177.0/24
                  62.72.183.0-62.72.184.255
                  62.72.191.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:6b:5a:26:6f:e3:7a:a1:26:18:e2:de:8b:34:9c:86:7d:2c:
         ad:f5:3d:88:4c:6d:55:9c:3f:9b:65:b6:79:b6:38:39:f2:b6:
         de:b4:27:f0:7e:ab:f4:f4:91:78:1b:5b:ee:55:8a:42:32:bb:
         09:c9:f5:0e:72:c9:5f:e2:aa:c5:10:bb:0a:1c:93:8e:ae:52:
         0c:28:cd:30:12:d5:bc:35:2c:31:d4:7c:37:ec:ed:3f:37:09:
         b7:41:03:c4:f8:4c:8b:85:c4:9d:76:f3:a4:b4:f6:80:b5:dc:
         55:de:ef:f8:f3:b0:ee:95:95:f7:21:cc:e5:57:2b:e3:25:f5:
         ed:0b:09:2e:1b:1f:96:59:d9:dd:29:ec:e1:3a:51:18:20:fc:
         ab:96:ed:aa:1c:c8:d3:41:d2:f7:2e:95:1e:1f:64:78:8f:0d:
         b3:37:f1:28:34:d9:fd:19:33:a8:cd:94:8a:bf:03:2e:cc:c3:
         fa:21:fd:62:ed:9a:fc:31:8e:a7:12:32:c8:88:21:0a:9e:19:
         d7:e0:a7:52:b7:1b:74:b5:41:ac:f1:e6:58:1e:74:ed:81:fc:
         df:94:19:9b:ad:8d:eb:c9:8f:4c:f8:fb:45:57:af:00:28:37:
         2e:1e:1a:c1:3d:f8:9c:a8:8c:d0:81:2d:fe:4e:47:ce:ad:86:
         60:c9:92:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYgpv8cYY1Mein+3x1/l6ptSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNTE3MTI0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMzNjZmZWM4YjE3MGNlZGYxMmJjODc1OWIwOTYzNjA1N2RlMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0cBcmmQC5ggJQJsz7RSAMB826bU
Lzj6rffq3Tar1BRY3W+f6xHnLRirEnNY+Y4zG3B1NiQ2QqLRI66Ss6fXJj/pNazZ
rOQG+riloQCK3O1tn6k/I7nQvVzIwikykh1HUMPpq032Y+QQfIXc3dKL8Ll39mde
jdY7fjxer4tx47qRcCtzwzYUl33V/Qj1jwJrVkwjZAGsx9zqZeEa7itek2ClDqfW
rVqtStvnx758hMHDZxNDUybuUup7jiIpHWR/EcW0P8XZrzklnmIZzBrK1evdrpTL
lTBhgi6zZ/ROnROCnIa/LASEl2tbX/5QL3WMGbp86rixJI9cBIkSKAyd9wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCszZv7IsXDO3xK8h1mwljYFfeDKMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvS3pObV9zaXhjTTdmRXJ5SFdiQ1dOZ1Y5NE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAPkiiAwQA
PkixMAwDBAA+SLcDBAA+SLgDBAA+SL8DBACwOT8wDQYJKoZIhvcNAQELBQADggEB
AHprWiZv43qhJhji3os0nIZ9LK31PYhMbVWcP5tltnm2ODnytt60J/B+q/T0kXgb
W+5VikIyuwnJ9Q5yyV/iqsUQuwock46uUgwozTAS1bw1LDHUfDfs7T83CbdBA8T4
TIuFxJ1286S09oC13FXe7/jzsO6VlfchzOVXK+Ml9e0LCS4bH5ZZ2d0p7OE6URgg
/KuW7aocyNNB0vculR4fZHiPDbM38Sg02f0ZM6jNlIq/Ay7Mw/oh/WLtmvwxjqcS
MsiIIQqeGdfgp1K3G3S1Qazx5lgedO2B/N+UGZutjevJj0z4+0VXrwAoNy4eGsE9
+JyojNCBLf5OR86thmDJklY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org