Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJqW0s2t-WPS7IB31eonMjrGds.roa
File:                     UeJqW0s2t-WPS7IB31eonMjrGds.roa (raw, json)
Hash identifier:          TiXyS/rRmsvWDzLgRyheC1q0niQ+rF/BtaY46ZgIPqg=
Subject key identifier:   51:E2:6A:5B:4B:36:B7:E5:8F:4B:B2:01:DF:57:A8:9C:C8:EB:19:DB
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018BA9545377525487B1277FF4F2A12A9234
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJqW0s2t-WPS7IB31eonMjrGds.roa
Signing time:             Tue 07 Nov 2023 10:29:17 +0000
ROA not before:           Tue 07 Nov 2023 10:29:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.164.0/22 maxlen: 22
                          62.72.166.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.167.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 06:42:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a9:54:53:77:52:54:87:b1:27:7f:f4:f2:a1:2a:92:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Nov  7 10:29:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51e26a5b4b36b7e58f4bb201df57a89cc8eb19db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:9d:d5:0e:83:f1:4d:e9:cb:56:e8:db:58:cd:
                    06:76:0d:77:23:e9:46:eb:52:e3:ec:87:cd:8f:e7:
                    51:87:d1:65:ed:6a:19:1d:62:3e:03:84:a0:5d:16:
                    83:eb:09:93:76:eb:b1:10:ed:de:2f:c0:2d:94:17:
                    a0:e9:23:ca:5c:68:a6:3b:4d:16:85:0d:d6:8e:93:
                    d4:c8:a1:6e:27:f1:61:c6:65:2d:96:a1:16:b3:95:
                    55:cd:62:f8:c4:b6:f6:32:c7:fb:38:53:95:3e:aa:
                    92:0b:c4:2e:8a:3c:19:41:19:33:cf:35:8d:a3:91:
                    a2:90:8c:9c:42:8e:1b:f5:09:6d:10:d6:0f:fb:74:
                    ea:cc:d5:d5:cb:d3:e2:89:69:f1:13:4d:25:81:89:
                    ab:ed:3c:b2:f2:f4:a5:b4:ca:2f:5c:4e:5b:23:d5:
                    07:60:39:0f:b5:d8:a3:46:6d:26:1a:f5:3a:35:eb:
                    6e:ae:af:7a:40:e4:8d:01:fe:0e:6f:76:49:f4:c2:
                    d0:50:93:c0:d9:9b:ac:b0:10:9a:b6:a6:ee:70:85:
                    e5:d6:fa:65:c1:9a:95:fa:24:46:fb:23:7f:7a:c0:
                    a0:1d:1a:17:76:39:7d:56:89:36:cc:c6:51:42:b1:
                    d2:5d:07:84:b0:a3:1d:9d:5f:f2:18:02:f6:7d:1f:
                    82:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E2:6A:5B:4B:36:B7:E5:8F:4B:B2:01:DF:57:A8:9C:C8:EB:19:DB
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJqW0s2t-WPS7IB31eonMjrGds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.173.0-62.72.175.255
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:3f:ef:58:70:9b:ac:a1:5e:f0:65:06:3a:06:f4:0b:b9:3e:
         f5:a7:42:83:28:2e:82:f0:45:50:c6:3e:53:aa:fa:c0:af:7b:
         21:80:fd:7f:ba:75:1f:ec:09:17:11:fd:1d:dd:5a:17:d9:07:
         74:5b:c6:23:d3:5d:99:60:6f:06:8c:6f:dc:28:6d:f6:8d:f9:
         b1:d4:7f:c9:f4:01:50:1b:0e:7d:0c:4f:c5:b4:7c:82:1d:ee:
         e9:0a:ed:a7:8f:4b:7d:04:16:8b:e6:d4:65:ee:8a:e2:39:5c:
         b2:b6:b9:85:a9:7e:b4:17:9a:54:81:38:71:e6:26:4d:1b:ba:
         77:53:b1:55:a6:e6:2e:ff:8e:35:a1:89:6a:dc:73:15:5a:b2:
         2c:19:28:1b:f0:78:a7:f9:01:0b:dc:6d:f1:8e:cc:26:f4:cf:
         06:bc:86:87:0c:76:b3:dc:7b:f0:09:17:b3:59:a0:97:4d:4a:
         d4:c3:b0:7b:ec:53:b7:0b:64:44:de:36:13:3a:32:1f:09:3e:
         e9:5d:d0:c2:19:bc:9e:25:81:52:1d:35:4e:d9:de:fe:60:e1:
         5b:7f:76:b2:77:c6:0e:f6:b6:34:e3:c0:f7:bd:56:34:59:8d:
         15:5a:1e:db:12:a1:5d:16:3f:84:23:9e:89:f2:42:91:d8:d6:
         f9:da:71:37
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYupVFN3UlSHsSd/9PKhKpI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMTA3MTAyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUyNmE1YjRiMzZiN2U1OGY0YmIyMDFkZjU3YTg5Y2M4ZWIxOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ3VDoPxTenLVujbWM0Gdg13I+lG
61Lj7IfNj+dRh9Fl7WoZHWI+A4SgXRaD6wmTduuxEO3eL8AtlBeg6SPKXGimO00W
hQ3WjpPUyKFuJ/FhxmUtlqEWs5VVzWL4xLb2Msf7OFOVPqqSC8QuijwZQRkzzzWN
o5GikIycQo4b9QltENYP+3TqzNXVy9PiiWnxE00lgYmr7Tyy8vSltMovXE5bI9UH
YDkPtdijRm0mGvU6Neturq96QOSNAf4Ob3ZJ9MLQUJPA2ZussBCatqbucIXl1vpl
wZqV+iRG+yN/esCgHRoXdjl9Vok2zMZRQrHSXQeEsKMdnV/yGAL2fR+CswIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFHialtLNrflj0uyAd9XqJzI6xnbMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVWVKcVcwczJ0LVdQUzdJQjMxZW9uTWpyR2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcjAMAwQBPkii
AwQCPkioMAwDBAA+SK0DBAQ+SKAwDAMEAD5IswMEAD5ItjAMAwQDPki4AwQBPki8
AwQAPki/MAwDBAFRFQIDBANRFQAwDAMEAVEVCgMEBFEVAAMEALA5MwMEALA5NQME
AbA5OgMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEApj/vWHCbrKFe8GUGOgb0C7k+
9adCgygugvBFUMY+U6r6wK97IYD9f7p1H+wJFxH9Hd1aF9kHdFvGI9NdmWBvBoxv
3Cht9o35sdR/yfQBUBsOfQxPxbR8gh3u6Qrtp49LfQQWi+bUZe6K4jlcsra5hal+
tBeaVIE4ceYmTRu6d1OxVabmLv+ONaGJatxzFVqyLBkoG/B4p/kBC9xt8Y7MJvTP
BryGhwx2s9x78AkXs1mgl01K1MOwe+xTtwtkRN42EzoyHwk+6V3Qwhm8niWBUh01
Ttne/mDhW392snfGDva2NOPA971WNFmNFVoe2xKhXRY/hCOeifJCkdjW+dpxNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org