Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XwJhJKSLGF6oe7tM6JpozSwjB0w.roa
File:                     XwJhJKSLGF6oe7tM6JpozSwjB0w.roa (raw, json)
Hash identifier:          QU85JLIif3x6kfsOcn7LEXgVuFs7XEgU+6itSYlXpBk=
Subject key identifier:   5F:02:61:24:A4:8B:18:5E:A8:7B:BB:4C:E8:9A:68:CD:2C:23:07:4C
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0188CD8CECA4D8B5DF98E77DB56B738006BE
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XwJhJKSLGF6oe7tM6JpozSwjB0w.roa
Signing time:             Sun 18 Jun 2023 08:09:04 +0000
ROA not before:           Sun 18 Jun 2023 08:09:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.190.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 06:28:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:cd:8c:ec:a4:d8:b5:df:98:e7:7d:b5:6b:73:80:06:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun 18 08:09:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f026124a48b185ea87bbb4ce89a68cd2c23074c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:34:4d:06:ba:c0:c5:9c:87:a3:f4:1e:41:17:
                    d2:b8:31:2f:4f:cb:51:2c:42:f4:42:ad:29:d3:07:
                    40:d1:43:a3:08:0c:1b:50:36:8c:e1:12:69:87:82:
                    4d:a1:b1:b0:d6:86:5c:38:0c:aa:b5:24:95:cc:09:
                    78:4e:b6:75:64:fd:bf:b1:f9:31:83:d4:df:3c:ea:
                    d4:11:ad:3a:b7:c4:0e:06:ad:35:36:4c:62:54:01:
                    2b:7a:87:41:18:c5:cb:cc:d1:84:43:f4:db:a4:7e:
                    6a:b2:6b:e2:a3:46:25:ba:25:18:12:d5:38:2a:ac:
                    10:4a:2c:81:15:0d:56:f8:32:cb:be:9d:3c:21:2c:
                    e4:87:68:5d:55:4f:b0:fa:3d:b7:34:c6:f9:b7:0d:
                    2c:7e:b3:f8:77:d3:6c:42:7c:82:38:06:36:1f:d1:
                    53:15:32:39:fa:d4:39:48:3d:98:04:ac:4f:b4:e3:
                    96:12:ba:12:3d:e5:3c:ab:7c:4c:ba:2c:2d:89:d0:
                    c6:b8:e5:d5:f9:63:5f:09:0b:5d:48:ad:4d:bb:c9:
                    cb:24:74:d6:15:95:14:ec:40:1b:3e:3a:f9:50:c3:
                    f6:80:91:2d:b6:1c:0a:43:8a:4b:4c:ee:1e:2c:5b:
                    6e:91:37:29:07:84:30:ce:5c:3b:08:c3:17:2b:71:
                    36:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:02:61:24:A4:8B:18:5E:A8:7B:BB:4C:E8:9A:68:CD:2C:23:07:4C
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XwJhJKSLGF6oe7tM6JpozSwjB0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.162.255
                  62.72.185.0-62.72.187.255
                  62.72.190.0/23
                  81.21.12.0/22
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:1c:11:8c:91:a7:c9:2e:58:06:52:06:a4:b0:20:b7:2b:29:
         77:d0:c8:79:d2:fe:f1:3f:c3:34:f7:79:58:d9:64:af:4f:d4:
         ac:ee:cc:aa:4e:4b:9e:d3:9a:4b:4e:ec:7f:a0:aa:6a:0b:41:
         e5:a0:20:96:2f:80:e2:a9:a1:57:d9:3a:e1:8c:e2:3b:c8:64:
         b0:57:09:7a:78:f4:dd:76:7d:fe:2e:21:d2:b5:8c:5f:3d:bf:
         c8:47:91:c7:98:22:6e:f5:9d:7b:a1:52:30:5f:97:46:ef:fa:
         28:ab:0f:04:c5:6f:ab:ea:80:50:bb:c5:38:cc:e3:84:04:72:
         d5:72:0a:89:9b:c7:9f:e9:6f:e8:3e:d4:2a:a4:f5:47:2c:b4:
         5a:04:f6:a7:b5:d7:24:ec:16:08:15:21:45:09:48:83:e2:50:
         9f:72:0c:19:36:09:79:57:3b:dc:45:29:a9:a4:fa:d5:cb:49:
         d8:ae:a5:5f:3f:d3:ec:a8:28:69:65:7b:fc:1f:a8:ce:63:97:
         cb:2e:30:ed:c8:c5:8e:d5:85:3d:c3:38:03:f4:ac:da:3f:cd:
         b9:5c:b4:16:4e:1d:bf:18:a7:5c:23:91:8e:66:8b:7e:c6:bc:
         53:53:42:41:48:ae:f1:c6:b5:14:7b:03:8a:99:97:ac:be:6b:
         fc:46:cf:f6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYjNjOyk2LXfmOd9tWtzgAa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNjE4MDgwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAyNjEyNGE0OGIxODVlYTg3YmJiNGNlODlhNjhjZDJjMjMwNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTRNBrrAxZyHo/QeQRfSuDEvT8tR
LEL0Qq0p0wdA0UOjCAwbUDaM4RJph4JNobGw1oZcOAyqtSSVzAl4TrZ1ZP2/sfkx
g9TfPOrUEa06t8QOBq01NkxiVAEreodBGMXLzNGEQ/TbpH5qsmvio0YluiUYEtU4
KqwQSiyBFQ1W+DLLvp08ISzkh2hdVU+w+j23NMb5tw0sfrP4d9NsQnyCOAY2H9FT
FTI5+tQ5SD2YBKxPtOOWEroSPeU8q3xMuiwtidDGuOXV+WNfCQtdSK1Nu8nLJHTW
FZUU7EAbPjr5UMP2gJEtthwKQ4pLTO4eLFtukTcpB4Qwzlw7CMMXK3E2qwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF8CYSSkixheqHu7TOiaaM0sIwdMMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvWHdKaEpLU0xHRjZvZTd0TTZKcG96U3dqQjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAA+SKED
BAA+SKIwDAMEAD5IuQMEAj5IuAMEAT5IvgMEAlEVDAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAdhwRjJGnyS5YBlIGpLAgtyspd9DIedL+8T/DNPd5WNlkr0/UrO7M
qk5LntOaS07sf6CqagtB5aAgli+A4qmhV9k64YziO8hksFcJenj03XZ9/i4h0rWM
Xz2/yEeRx5gibvWde6FSMF+XRu/6KKsPBMVvq+qAULvFOMzjhARy1XIKiZvHn+lv
6D7UKqT1Ryy0WgT2p7XXJOwWCBUhRQlIg+JQn3IMGTYJeVc73EUpqaT61ctJ2K6l
Xz/T7KgoaWV7/B+ozmOXyy4w7cjFjtWFPcM4A/Ss2j/NuVy0Fk4dvxinXCORjmaL
fsa8U1NCQUiu8ca1FHsDipmXrL5r/EbP9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:55 2024 by rpki-client on console-ams.rpki-client.org