Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgXaqcBYVDmrPrBi0Ja634XioKo.roa
File:                     OgXaqcBYVDmrPrBi0Ja634XioKo.roa (raw, json)
Hash identifier:          ou5uOYTnYxt8ZoA3RsP8eV4cS3EDjuR2rzJB04ZMuWQ=
Subject key identifier:   3A:05:DA:A9:C0:58:54:39:AB:3E:B0:62:D0:96:BA:DF:85:E2:A0:AA
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       019001B31F4D788FC0FC32187F406559FB03
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgXaqcBYVDmrPrBi0Ja634XioKo.roa
Signing time:             Mon 10 Jun 2024 10:30:34 +0000
ROA not before:           Mon 10 Jun 2024 10:30:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.185.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jun 2024 11:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:01:b3:1f:4d:78:8f:c0:fc:32:18:7f:40:65:59:fb:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 10 10:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3a05daa9c0585439ab3eb062d096badf85e2a0aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:aa:b9:11:a6:fc:00:dd:f7:7c:20:fa:f7:07:
                    d6:95:16:7d:f6:78:33:3e:8f:91:3a:e2:ee:7b:56:
                    63:f4:ec:e7:9d:5f:6c:be:92:a2:a4:e0:2f:e2:84:
                    b1:83:8e:72:6b:7e:54:63:a3:5b:27:00:20:37:ce:
                    8a:83:6f:2c:5c:17:58:a7:b9:20:77:6d:32:87:20:
                    10:cf:80:b9:ea:81:5f:e8:11:b1:d9:64:02:dd:e3:
                    27:f7:1d:f9:28:c7:e0:7e:56:60:ef:3f:16:bf:cd:
                    ef:2f:54:e1:60:91:eb:7d:30:c2:c6:5c:55:49:6a:
                    75:c8:f0:8f:64:12:7b:35:5b:f2:ea:42:a8:b3:26:
                    d8:e5:39:e0:fc:4b:02:07:bc:31:53:72:a7:18:b5:
                    8f:c6:7c:54:99:53:34:e2:ce:2c:41:dc:15:b0:5a:
                    0e:db:d9:cf:6b:94:7e:d4:aa:7d:cd:1f:8d:17:51:
                    af:2a:19:5d:3e:ba:56:3e:3a:62:c0:88:6a:5d:7d:
                    b8:50:9b:fb:a6:d8:ef:49:dc:97:6e:ac:93:41:9c:
                    3c:9f:ab:db:da:f4:9a:f0:e2:6f:fb:6c:9e:ea:f4:
                    08:c2:d6:3f:11:bf:35:5b:9e:61:74:15:cd:67:6b:
                    cd:da:56:fa:7e:32:3e:ad:13:db:f3:69:9d:bc:79:
                    ed:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:05:DA:A9:C0:58:54:39:AB:3E:B0:62:D0:96:BA:DF:85:E2:A0:AA
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgXaqcBYVDmrPrBi0Ja634XioKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.185.0/24
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:d2:82:dd:1a:3d:d8:97:c1:87:d8:0d:03:91:66:ef:8a:f7:
         c4:ad:d3:e4:ce:6b:15:fc:c6:dc:03:14:b9:67:7b:bf:ef:2d:
         20:1f:4f:9f:ce:0f:8f:3a:50:4d:b9:72:15:33:ad:4c:86:7c:
         cf:f6:2c:a5:6a:95:b5:a8:54:eb:c0:78:21:35:ef:8c:b8:33:
         b4:58:62:04:f5:92:8b:db:51:36:55:87:6c:4d:0b:b5:86:80:
         9a:4f:fe:05:f3:25:2a:0d:68:08:da:31:e6:1a:7d:fd:16:97:
         94:bc:da:33:b2:e3:fa:d1:48:93:de:75:aa:3b:2d:3d:d9:53:
         17:7f:6f:5b:16:ca:43:cb:4f:57:f0:9b:c7:83:44:bf:38:e9:
         25:86:62:a2:85:2e:17:36:ba:86:18:9f:a8:f1:5e:0b:43:08:
         a1:4e:35:9e:72:e7:cd:0d:03:86:4d:0d:76:25:97:fb:f6:c0:
         04:bb:8c:8a:11:9d:82:bf:c7:82:89:af:76:a6:ab:60:64:d6:
         02:fe:3c:e5:5f:a3:11:e5:6e:07:c1:75:0d:36:78:98:47:57:
         7f:08:d7:33:e4:28:12:00:37:89:12:fb:0e:06:bd:2b:70:52:
         be:45:46:15:c6:b9:9c:84:d8:27:63:8a:77:12:b6:41:9e:d4:
         e6:91:2e:ea
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZABsx9NeI/A/DIYf0BlWfsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNjEwMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA1ZGFhOWMwNTg1NDM5YWIzZWIwNjJkMDk2YmFkZjg1ZTJhMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6q5Eab8AN33fCD69wfWlRZ99ngz
Po+ROuLue1Zj9OznnV9svpKipOAv4oSxg45ya35UY6NbJwAgN86Kg28sXBdYp7kg
d20yhyAQz4C56oFf6BGx2WQC3eMn9x35KMfgflZg7z8Wv83vL1ThYJHrfTDCxlxV
SWp1yPCPZBJ7NVvy6kKosybY5Tng/EsCB7wxU3KnGLWPxnxUmVM04s4sQdwVsFoO
29nPa5R+1Kp9zR+NF1GvKhldPrpWPjpiwIhqXX24UJv7ptjvSdyXbqyTQZw8n6vb
2vSa8OJv+2ye6vQIwtY/Eb81W55hdBXNZ2vN2lb6fjI+rRPb82mdvHntmwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDoF2qnAWFQ5qz6wYtCWut+F4qCqMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvT2dYYXFjQllWRG1yUHJCaTBKYTYzNFhpb0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAM+SKADBAA+SLkDBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAh9KC3Ro92JfBh9gNA5Fm74r3xK3T5M5rFfzG3AMUuWd7v+8tIB9P
n84PjzpQTblyFTOtTIZ8z/YspWqVtahU68B4ITXvjLgztFhiBPWSi9tRNlWHbE0L
tYaAmk/+BfMlKg1oCNox5hp9/RaXlLzaM7Lj+tFIk951qjstPdlTF39vWxbKQ8tP
V/Cbx4NEvzjpJYZiooUuFza6hhifqPFeC0MIoU41nnLnzQ0Dhk0NdiWX+/bABLuM
ihGdgr/HgomvdqarYGTWAv485V+jEeVuB8F1DTZ4mEdXfwjXM+QoEgA3iRL7Dga9
K3BSvkVGFca5nITYJ2OKdxK2QZ7U5pEu6g==
-----END CERTIFICATE-----