Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/REMgjq_-yBVoc4V_7AjXwF8e_kk.roa
File:                     REMgjq_-yBVoc4V_7AjXwF8e_kk.roa (raw, json)
Hash identifier:          z6Q1/p8hKU2L/Xd+7txYAeEF1ofCWMecWVDhQ9jyXKQ=
Subject key identifier:   44:43:20:8E:AF:FE:C8:15:68:73:85:7F:EC:08:D7:C0:5F:1E:FE:49
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C670A216CA275A6DAC99EA191952A9832
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/REMgjq_-yBVoc4V_7AjXwF8e_kk.roa
Signing time:             Thu 14 Dec 2023 06:36:06 +0000
ROA not before:           Thu 14 Dec 2023 06:36:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.171.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Dec 2023 11:13:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:67:0a:21:6c:a2:75:a6:da:c9:9e:a1:91:95:2a:98:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 14 06:36:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4443208eaffec8156873857fec08d7c05f1efe49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0a:a9:d3:ce:2c:bd:9c:8f:2d:0b:aa:0d:fe:
                    39:6a:6c:9e:9a:d3:d4:40:99:bb:79:c4:9a:b3:2c:
                    6b:c7:a4:57:f2:fd:b4:17:08:74:cf:4c:3a:8d:77:
                    46:17:91:53:f5:ba:ff:bf:a0:f5:6c:81:04:dd:69:
                    d0:01:9f:d8:74:38:3c:59:fe:74:48:ea:e4:6e:e1:
                    dc:3a:d5:49:2d:d6:c8:dd:70:a7:04:3e:1c:99:76:
                    00:ae:b8:e4:be:29:01:58:67:85:5f:07:15:0b:c8:
                    5a:54:9c:87:5b:72:a7:7c:5b:d1:94:78:7f:a4:b4:
                    24:0b:84:5f:71:0d:14:38:d8:c8:66:2e:4a:fd:ad:
                    e1:df:03:40:81:c1:b7:31:b5:f1:22:64:59:d6:9b:
                    23:5f:0f:b2:3a:d2:f4:36:c1:dc:ed:de:b0:5e:a0:
                    ca:72:64:89:08:8d:13:5c:48:9b:d9:62:3d:e2:9a:
                    51:ca:40:e9:bb:97:f2:e2:1a:2a:17:55:84:7c:22:
                    45:08:dc:28:9b:23:f5:e9:d2:8f:c5:21:9a:5d:e0:
                    b9:c0:81:b1:b7:9c:21:aa:21:80:b2:b7:8a:f4:bf:
                    6d:43:0f:fb:e4:74:63:10:20:27:f4:4c:70:9b:b4:
                    58:4c:bc:48:5d:e1:7b:b0:6a:29:2c:f6:51:0d:9e:
                    67:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:43:20:8E:AF:FE:C8:15:68:73:85:7F:EC:08:D7:C0:5F:1E:FE:49
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/REMgjq_-yBVoc4V_7AjXwF8e_kk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.174.0/23
                  62.72.180.0/23
                  62.72.184.0/22
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:ad:ab:2d:92:1f:30:85:b0:a2:41:3e:35:4f:4d:29:39:e1:
         20:75:fe:a7:f4:d3:d8:e4:06:4d:37:c3:12:a6:a8:ce:46:ad:
         4d:85:c9:d2:3b:6c:bf:93:36:db:bf:d7:66:2b:45:cf:0b:07:
         24:56:af:49:82:d3:d0:55:ea:65:5f:4b:a9:ec:b4:6b:49:1c:
         9e:61:1a:a3:16:2c:a3:bf:a7:f0:6c:94:8f:15:7d:4c:2d:60:
         72:b8:42:7b:61:68:79:47:91:a5:81:bc:a8:42:54:f5:10:67:
         51:f5:45:b7:e8:ee:01:92:ff:ac:49:2a:13:b5:e8:6e:f0:2e:
         eb:0f:a3:ce:b5:b7:20:99:94:46:68:06:54:29:60:eb:75:07:
         0a:40:99:37:cc:7e:ce:65:7f:1d:18:61:6f:67:cc:68:01:41:
         78:c2:7e:99:36:2e:17:78:d8:18:12:c2:3a:50:49:35:70:d8:
         1e:f0:32:c2:ee:88:2f:0c:a9:e4:d7:bd:67:67:67:5d:c9:d1:
         64:60:03:5b:74:0f:b1:56:e8:8e:25:1f:dd:c8:c0:1e:59:77:
         30:ba:66:af:79:45:18:22:d6:0c:2e:60:e7:8a:cf:fd:56:a2:
         48:4e:97:c2:92:cf:36:f4:7d:d4:9a:39:a2:8a:35:a8:43:1f:
         e8:dc:1b:b4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYxnCiFsonWm2smeoZGVKpgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE0MDYzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQzMjA4ZWFmZmVjODE1Njg3Mzg1N2ZlYzA4ZDdjMDVmMWVmZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAqp084svZyPLQuqDf45amyemtPU
QJm7ecSasyxrx6RX8v20Fwh0z0w6jXdGF5FT9br/v6D1bIEE3WnQAZ/YdDg8Wf50
SOrkbuHcOtVJLdbI3XCnBD4cmXYArrjkvikBWGeFXwcVC8haVJyHW3KnfFvRlHh/
pLQkC4RfcQ0UONjIZi5K/a3h3wNAgcG3MbXxImRZ1psjXw+yOtL0NsHc7d6wXqDK
cmSJCI0TXEib2WI94ppRykDpu5fy4hoqF1WEfCJFCNwomyP16dKPxSGaXeC5wIGx
t5whqiGAsreK9L9tQw/75HRjECAn9Exwm7RYTLxIXeF7sGopLPZRDZ5naQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFERDII6v/sgVaHOFf+wI18BfHv5JMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUkVNZ2pxXy15QlZvYzRWXzdBalh3RjhlX2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAE+SKID
BAI+SKgDBAE+SK4DBAE+SLQDBAI+SLgwDAMEAVEVAgMEA1EVADAMAwQBURUKAwQE
URUAAwQAsDkzAwQAsDk1AwQBsDk6AwQAsDk/MA0GCSqGSIb3DQEBCwUAA4IBAQBI
rastkh8whbCiQT41T00pOeEgdf6n9NPY5AZNN8MSpqjORq1NhcnSO2y/kzbbv9dm
K0XPCwckVq9JgtPQVeplX0up7LRrSRyeYRqjFiyjv6fwbJSPFX1MLWByuEJ7YWh5
R5GlgbyoQlT1EGdR9UW36O4Bkv+sSSoTtehu8C7rD6POtbcgmZRGaAZUKWDrdQcK
QJk3zH7OZX8dGGFvZ8xoAUF4wn6ZNi4XeNgYEsI6UEk1cNge8DLC7ogvDKnk171n
Z2ddydFkYANbdA+xVuiOJR/dyMAeWXcwumaveUUYItYMLmDnis/9VqJITpfCks82
9H3UmjmiijWoQx/o3Bu0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org