Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RFxZ_CZlP9P-3RMQPYJzMOePhhY.roa
File:                     RFxZ_CZlP9P-3RMQPYJzMOePhhY.roa (raw, json)
Hash identifier:          osHmfYfwXX1Q3QF9cobHeBXJXMId9YTrNRRSutk15eY=
Subject key identifier:   44:5C:59:FC:26:65:3F:D3:FE:DD:13:10:3D:82:73:30:E7:8F:86:16
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018610D3A8ED493193031646016233123008
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RFxZ_CZlP9P-3RMQPYJzMOePhhY.roa
Signing time:             Thu 02 Feb 2023 06:32:32 +0000
ROA not before:           Thu 02 Feb 2023 06:32:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        62.72.164.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.163.0/24 maxlen: 24
                          62.72.160.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.171.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.170.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.176.0/24 maxlen: 24
                          62.72.183.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.190.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 08:18:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:10:d3:a8:ed:49:31:93:03:16:46:01:62:33:12:30:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Feb  2 06:32:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=445c59fc26653fd3fedd13103d827330e78f8616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:63:0f:3a:fd:09:66:4f:10:59:a5:11:4d:ca:
                    0c:d9:45:57:d0:ca:f3:54:16:ac:d3:45:69:fc:0e:
                    21:26:70:7f:56:ba:16:7f:97:24:75:9a:5f:a2:82:
                    0f:8d:0b:2d:47:7a:7f:49:72:27:33:b1:03:80:a5:
                    10:62:a3:af:2b:0b:45:59:a6:23:47:3c:c0:d4:cb:
                    14:80:f4:23:d3:41:19:59:d3:4b:d6:98:14:4b:f3:
                    5d:38:d3:65:77:4f:28:12:3a:dd:ac:cc:22:b9:ce:
                    de:a3:04:d2:e9:9a:5a:a4:1e:2f:e6:df:b7:aa:4e:
                    2a:f3:94:0a:ec:81:30:64:d7:ba:e0:70:34:f5:ab:
                    43:ba:51:f8:b6:84:52:12:2d:77:59:ca:26:9b:87:
                    6e:6c:f4:ed:5f:fa:af:aa:d6:b7:2a:08:0d:3a:8f:
                    46:fb:9c:db:c7:7b:6c:38:bc:3f:99:4a:f9:46:f4:
                    7a:d5:9d:5e:7b:49:b9:57:6e:cb:c8:e0:4c:7c:f4:
                    a8:c0:38:1c:b2:b1:0b:01:47:fe:e7:af:8a:3a:2b:
                    70:38:d9:2b:92:0b:9e:d8:79:27:79:bc:44:8f:44:
                    cb:56:b0:08:d3:17:9a:66:5a:85:ed:2e:7f:8a:9e:
                    22:40:dc:c6:c3:b2:ee:b8:fe:8f:1f:a9:bd:f7:83:
                    25:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:5C:59:FC:26:65:3F:D3:FE:DD:13:10:3D:82:73:30:E7:8F:86:16
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RFxZ_CZlP9P-3RMQPYJzMOePhhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0-62.72.164.255
                  62.72.168.0/22
                  62.72.173.0-62.72.176.255
                  62.72.183.0-62.72.184.255
                  62.72.190.0/24
                  176.57.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:a1:37:f9:b4:b5:c7:f6:82:91:c7:ad:5d:f7:04:ad:95:3c:
         2d:31:69:15:13:86:1a:fe:70:71:df:15:a1:15:d5:f7:82:29:
         d6:37:9d:f8:2a:5e:d9:33:f2:04:05:f4:0c:53:8c:dc:d7:cc:
         93:4d:8a:d1:d1:b6:82:c8:7e:48:4d:41:80:5b:52:7e:32:c4:
         d6:81:61:e5:22:15:e7:65:28:7d:0e:59:9d:78:79:1d:8e:08:
         e6:c9:90:f4:06:e9:7b:3b:d3:43:a7:3f:68:a1:fc:2c:c4:0c:
         3f:4b:4a:a7:f2:13:cb:cc:c5:c8:25:2e:e3:17:0e:96:30:7e:
         8b:43:15:94:e6:a8:fe:dc:8f:ed:9e:6a:7c:ba:d9:af:75:52:
         87:bb:8a:61:b4:d9:41:c8:a8:e4:f6:41:56:98:e7:e8:1b:ff:
         b5:07:aa:0d:b8:08:fd:3b:db:34:0f:2e:a8:93:16:de:03:98:
         91:5c:d6:47:b8:63:59:09:30:bf:da:57:a8:d0:a0:37:76:2e:
         1e:15:99:9a:48:51:1f:57:ca:1b:76:4c:e2:21:9e:6d:df:88:
         46:c9:ef:77:be:4e:05:48:4b:f8:1f:b1:a1:b8:57:46:fd:c8:
         1b:44:4f:33:86:e2:b3:cf:99:f1:7b:12:34:0f:6b:6f:d0:ff:
         b4:2a:63:d8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYYQ06jtSTGTAxZGAWIzEjAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMjAyMDYzMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVjNTlmYzI2NjUzZmQzZmVkZDEzMTAzZDgyNzMzMGU3OGY4NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWMPOv0JZk8QWaURTcoM2UVX0Mrz
VBas00Vp/A4hJnB/VroWf5ckdZpfooIPjQstR3p/SXInM7EDgKUQYqOvKwtFWaYj
RzzA1MsUgPQj00EZWdNL1pgUS/NdONNld08oEjrdrMwiuc7eowTS6ZpapB4v5t+3
qk4q85QK7IEwZNe64HA09atDulH4toRSEi13Wcomm4dubPTtX/qvqta3KggNOo9G
+5zbx3tsOLw/mUr5RvR61Z1ee0m5V27LyOBMfPSowDgcsrELAUf+56+KOitwONkr
kgue2HknebxEj0TLVrAI0xeaZlqF7S5/ip4iQNzGw7LuuP6PH6m994MlnQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFERcWfwmZT/T/t0TED2CczDnj4YWMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUkZ4Wl9DWmxQOVAtM1JNUVBZSnpNT2VQaGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAU+SKAD
BAA+SKQDBAI+SKgwDAMEAD5IrQMEAD5IsDAMAwQAPki3AwQAPki4AwQAPki+AwQA
sDk+MA0GCSqGSIb3DQEBCwUAA4IBAQCuoTf5tLXH9oKRx61d9wStlTwtMWkVE4Ya
/nBx3xWhFdX3ginWN534Kl7ZM/IEBfQMU4zc18yTTYrR0baCyH5ITUGAW1J+MsTW
gWHlIhXnZSh9DlmdeHkdjgjmyZD0Bul7O9NDpz9oofwsxAw/S0qn8hPLzMXIJS7j
Fw6WMH6LQxWU5qj+3I/tnmp8utmvdVKHu4phtNlByKjk9kFWmOfoG/+1B6oNuAj9
O9s0Dy6okxbeA5iRXNZHuGNZCTC/2leo0KA3di4eFZmaSFEfV8obdkziIZ5t34hG
ye93vk4FSEv4H7GhuFdG/cgbRE8zhuKzz5nxexI0D2tv0P+0KmPY
-----END CERTIFICATE-----