Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W99WlN7vCSbaDRjUpWznH-3NMWY.roa
File:                     W99WlN7vCSbaDRjUpWznH-3NMWY.roa (raw, json)
Hash identifier:          xMRIA1NdryHkty7jVTS1eowZP3yeoWCVzJnEAzhutbY=
Subject key identifier:   5B:DF:56:94:DE:EF:09:26:DA:0D:18:D4:A5:6C:E7:1F:ED:CD:31:66
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C7B9E1286340908FDCB29F6E5475A6040
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W99WlN7vCSbaDRjUpWznH-3NMWY.roa
Signing time:             Mon 18 Dec 2023 06:30:06 +0000
ROA not before:           Mon 18 Dec 2023 06:30:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.160.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 06:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7b:9e:12:86:34:09:08:fd:cb:29:f6:e5:47:5a:60:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 18 06:30:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5bdf5694deef0926da0d18d4a56ce71fedcd3166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:cb:53:9a:8d:26:8b:9b:6a:18:11:3f:41:1f:
                    66:c0:a1:a7:92:82:04:e2:bd:df:11:86:70:08:ce:
                    f1:b9:4e:84:76:82:6d:1f:76:59:b4:61:17:45:9e:
                    a9:6d:7a:53:89:5e:88:eb:a1:d7:28:0b:84:41:6b:
                    9a:f4:eb:19:a4:7c:60:30:9e:dc:f8:37:60:9b:42:
                    48:d1:4a:37:2c:3d:41:76:fb:34:0d:5d:b9:2f:25:
                    98:bf:41:dc:2b:a3:62:01:b3:81:2e:09:49:1e:62:
                    2d:69:01:ea:28:86:4f:97:a5:36:56:a7:ef:29:af:
                    e9:ca:70:0f:6b:21:83:de:f8:78:f1:14:4c:44:ae:
                    eb:9a:83:a6:1e:9f:22:87:43:19:fe:92:47:c5:11:
                    4b:16:16:3f:42:4b:2f:68:93:cf:56:e8:d3:3b:22:
                    9d:2c:ae:0a:e4:f9:6d:fa:3c:d7:1c:86:3e:aa:87:
                    3a:35:99:4f:77:99:94:4e:a9:a4:e5:77:82:7a:d2:
                    70:00:e9:df:42:68:dd:63:15:7c:07:91:47:c8:4a:
                    df:27:c2:59:c2:8e:9f:3e:06:4b:68:c1:7d:a4:99:
                    5e:03:d5:64:77:cf:d3:20:56:e0:b4:df:51:84:3c:
                    9f:96:52:d4:a7:91:76:b2:aa:ac:17:95:d9:0b:97:
                    ca:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DF:56:94:DE:EF:09:26:DA:0D:18:D4:A5:6C:E7:1F:ED:CD:31:66
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W99WlN7vCSbaDRjUpWznH-3NMWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0/24
                  62.72.162.0-62.72.167.255
                  62.72.181.0/24
                  62.72.184.0/22
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:b0:4a:47:1c:f1:5e:53:6b:ff:21:0f:7e:85:d1:02:c1:cc:
         b1:f8:a8:cc:f3:57:62:77:61:10:af:dc:aa:3f:34:a7:33:d9:
         57:2f:f4:b7:36:b2:81:4c:8d:12:19:64:65:c9:d1:df:cc:62:
         1b:44:8f:d8:ba:69:78:45:53:0b:36:1a:38:98:7f:47:72:97:
         4c:20:bb:8a:a5:8b:fa:68:d2:dd:45:d7:08:fe:5d:b3:f0:8d:
         7b:33:31:71:db:69:c9:61:70:9e:05:4b:d3:2e:7b:41:17:4a:
         03:4a:57:67:ce:3f:89:5f:a2:ca:e9:bb:08:34:7c:3c:8a:a7:
         75:c9:3a:68:dc:09:58:bd:b4:51:50:2c:31:fc:53:07:a4:07:
         24:1f:d7:c1:13:7a:7b:ce:4a:cb:fb:c4:ff:a6:64:da:94:4b:
         d4:7f:96:0f:a4:80:c2:f8:c9:f7:28:c5:bc:b5:74:66:aa:df:
         55:27:92:14:49:74:81:58:92:52:91:ed:85:f1:36:96:2c:10:
         5d:82:36:5d:be:88:05:ff:a1:bb:7c:b9:84:07:72:50:8d:1e:
         7a:60:cf:8d:f8:ca:6b:1d:5f:49:c9:6c:88:0a:3f:6f:85:d9:
         70:3b:d4:44:56:eb:41:75:08:2b:df:22:a9:08:a1:c2:46:0e:
         09:73:ac:bd
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYx7nhKGNAkI/csp9uVHWmBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE4MDYzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRmNTY5NGRlZWYwOTI2ZGEwZDE4ZDRhNTZjZTcxZmVkY2QzMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsctTmo0mi5tqGBE/QR9mwKGnkoIE
4r3fEYZwCM7xuU6EdoJtH3ZZtGEXRZ6pbXpTiV6I66HXKAuEQWua9OsZpHxgMJ7c
+Ddgm0JI0Uo3LD1Bdvs0DV25LyWYv0HcK6NiAbOBLglJHmItaQHqKIZPl6U2Vqfv
Ka/pynAPayGD3vh48RRMRK7rmoOmHp8ih0MZ/pJHxRFLFhY/QksvaJPPVujTOyKd
LK4K5Plt+jzXHIY+qoc6NZlPd5mUTqmk5XeCetJwAOnfQmjdYxV8B5FHyErfJ8JZ
wo6fPgZLaMF9pJleA9Vkd8/TIFbgtN9RhDyfllLUp5F2sqqsF5XZC5fKlQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFvfVpTe7wkm2g0Y1KVs5x/tzTFmMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVzk5V2xON3ZDU2JhRFJqVXBXem5ILTNOTVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkigMAwD
BAE+SKIDBAM+SKADBAA+SLUDBAI+SLgwDAMEAVEVAgMEA1EVADAMAwQBURUKAwQE
URUAAwQAsDkzAwQAsDk1AwQBsDk6AwQAsDk/MA0GCSqGSIb3DQEBCwUAA4IBAQAV
sEpHHPFeU2v/IQ9+hdECwcyx+KjM81did2EQr9yqPzSnM9lXL/S3NrKBTI0SGWRl
ydHfzGIbRI/Yuml4RVMLNho4mH9HcpdMILuKpYv6aNLdRdcI/l2z8I17MzFx22nJ
YXCeBUvTLntBF0oDSldnzj+JX6LK6bsINHw8iqd1yTpo3AlYvbRRUCwx/FMHpAck
H9fBE3p7zkrL+8T/pmTalEvUf5YPpIDC+Mn3KMW8tXRmqt9VJ5IUSXSBWJJSke2F
8TaWLBBdgjZdvogF/6G7fLmEB3JQjR56YM+N+MprHV9JyWyICj9vhdlwO9REVutB
dQgr3yKpCKHCRg4Jc6y9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org