Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/URtrPtnDp-3I55OLDNYCpP-cMsM.roa
File:                     URtrPtnDp-3I55OLDNYCpP-cMsM.roa (raw, json)
Hash identifier:          krAmRoH9aWgnos2EPSWLhFToLWga/2UAPc3y6EDRf1w=
Subject key identifier:   51:1B:6B:3E:D9:C3:A7:ED:C8:E7:93:8B:0C:D6:02:A4:FF:9C:32:C3
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0190E3961EF0490E6916905CC888C48E6B10
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/URtrPtnDp-3I55OLDNYCpP-cMsM.roa
Signing time:             Wed 24 Jul 2024 07:13:04 +0000
ROA not before:           Wed 24 Jul 2024 07:13:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.6.0/24 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.57.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 Jul 2024 14:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:e3:96:1e:f0:49:0e:69:16:90:5c:c8:88:c4:8e:6b:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jul 24 07:13:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=511b6b3ed9c3a7edc8e7938b0cd602a4ff9c32c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bb:2b:0d:5b:0a:13:92:2b:0f:0d:51:e8:0c:
                    8b:0a:3d:77:a2:17:54:35:fd:51:61:46:24:54:8c:
                    19:40:d2:d5:f1:ce:95:42:62:c0:e0:23:4b:db:6a:
                    64:2c:53:fc:d0:ff:26:4a:fa:06:9c:25:3c:01:a0:
                    bd:ad:18:45:7e:96:eb:a0:b4:04:3c:38:f5:de:e5:
                    60:f9:c8:6f:5f:01:03:0b:8d:68:2b:23:b5:88:c7:
                    6c:4e:86:27:94:f0:f3:19:ee:1f:b4:37:51:58:e2:
                    84:f6:a5:bc:a7:60:8c:90:cd:ce:ef:58:c6:3e:a1:
                    98:20:32:de:25:f6:68:d7:b3:9e:f9:77:2f:d9:c0:
                    28:5e:4f:51:13:22:c3:54:ff:84:72:7e:01:ac:6e:
                    6f:01:f6:c7:24:f1:f6:1d:69:92:23:44:88:8c:29:
                    0c:40:76:dd:be:ef:13:4b:8c:c8:75:4c:03:0e:64:
                    b8:d5:2d:99:f2:50:99:04:66:e4:cf:95:5f:46:3e:
                    b5:64:fb:a3:1e:61:63:d1:cd:c0:00:55:c5:fd:1b:
                    28:12:2c:bb:7d:16:39:c8:b4:e8:d0:5d:2b:89:48:
                    15:e1:d8:c5:7d:87:8a:ff:d4:a8:02:0c:4f:5e:2a:
                    6e:ce:1a:03:a3:fc:e9:57:66:da:d4:b8:3a:b8:0c:
                    e2:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:1B:6B:3E:D9:C3:A7:ED:C8:E7:93:8B:0C:D6:02:A4:FF:9C:32:C3
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/URtrPtnDp-3I55OLDNYCpP-cMsM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.57.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:e2:4f:33:8f:1b:0b:dc:a5:66:e5:64:9f:f8:57:4c:26:de:
         94:61:4b:e8:b9:3b:fe:91:83:af:dc:28:69:c9:7c:ac:d4:4d:
         d0:48:84:31:18:0a:bb:30:48:bf:f9:4d:df:77:de:19:f3:3b:
         99:24:30:df:d4:cd:ad:f6:a6:8b:cd:9a:fb:1b:cd:bb:6e:fe:
         27:96:04:47:c5:de:64:8e:ee:4e:b7:09:53:06:ce:c1:78:38:
         e0:2a:17:80:2e:ee:83:95:70:0c:8d:13:2a:6e:c3:20:a6:1e:
         6b:e3:3c:9a:04:3d:2d:63:cc:b8:85:d1:45:5a:28:a4:6f:04:
         bb:6d:47:f9:15:2b:2a:43:0e:b7:cb:87:8d:e0:67:67:06:2b:
         b9:e4:9f:75:10:ca:55:c0:cd:83:df:6a:5d:27:fe:bd:31:99:
         be:e4:db:c7:b3:87:eb:03:1e:f8:d4:fa:6a:e3:3d:0a:eb:58:
         3d:55:cd:4a:98:a3:3e:bf:c6:12:08:1c:e2:8d:88:69:56:98:
         62:bd:58:79:8c:44:1c:b3:36:3c:b3:57:2b:65:f8:87:31:be:
         d9:71:51:12:4a:02:f2:d7:35:e0:84:b5:52:bb:e4:3d:00:a6:
         52:bc:c7:2f:ef:86:d4:3b:aa:36:6f:23:44:58:4a:ef:96:3f:
         dd:44:a7:b3
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZDjlh7wSQ5pFpBcyIjEjmsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNzI0MDcxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFiNmIzZWQ5YzNhN2VkYzhlNzkzOGIwY2Q2MDJhNGZmOWMzMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbsrDVsKE5IrDw1R6AyLCj13ohdU
Nf1RYUYkVIwZQNLV8c6VQmLA4CNL22pkLFP80P8mSvoGnCU8AaC9rRhFfpbroLQE
PDj13uVg+chvXwEDC41oKyO1iMdsToYnlPDzGe4ftDdRWOKE9qW8p2CMkM3O71jG
PqGYIDLeJfZo17Oe+Xcv2cAoXk9REyLDVP+Ecn4BrG5vAfbHJPH2HWmSI0SIjCkM
QHbdvu8TS4zIdUwDDmS41S2Z8lCZBGbkz5VfRj61ZPujHmFj0c3AAFXF/RsoEiy7
fRY5yLTo0F0riUgV4djFfYeK/9SoAgxPXipuzhoDo/zpV2ba1Lg6uAziiQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFEbaz7Zw6ftyOeTiwzWAqT/nDLDMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVVJ0clB0bkRwLTNJNTVPTEROWUNwUC1jTXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAM+SKADBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5OQMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAN+JPM48bC9ylZuVkn/hXTCbelGFL6Lk7/pGDr9woacl8rNRN0EiE
MRgKuzBIv/lN33feGfM7mSQw39TNrfami82a+xvNu27+J5YER8XeZI7uTrcJUwbO
wXg44CoXgC7ug5VwDI0TKm7DIKYea+M8mgQ9LWPMuIXRRVoopG8Eu21H+RUrKkMO
t8uHjeBnZwYrueSfdRDKVcDNg99qXSf+vTGZvuTbx7OH6wMe+NT6auM9CutYPVXN
SpijPr/GEggc4o2IaVaYYr1YeYxEHLM2PLNXK2X4hzG+2XFREkoC8tc14IS1Urvk
PQCmUrzHL++G1DuqNm8jRFhK75Y/3USnsw==
-----END CERTIFICATE-----