Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mg0EmkzGAgku2MNxhc0Mnh0Y0V4.roa
File:                     mg0EmkzGAgku2MNxhc0Mnh0Y0V4.roa (raw, json)
Hash identifier:          hgyVeCYBuT3m4TZ6vzkbUVIf8ECZ8mN4jMFihoPEjks=
Subject key identifier:   9A:0D:04:9A:4C:C6:02:09:2E:D8:C3:71:85:CD:0C:9E:1D:18:D1:5E
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018FD92406B2AC1CFC2F8E8A1B9845E9753D
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mg0EmkzGAgku2MNxhc0Mnh0Y0V4.roa
Signing time:             Sun 02 Jun 2024 13:29:27 +0000
ROA not before:           Sun 02 Jun 2024 13:29:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.183.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 14:13:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:d9:24:06:b2:ac:1c:fc:2f:8e:8a:1b:98:45:e9:75:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jun  2 13:29:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a0d049a4cc602092ed8c37185cd0c9e1d18d15e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:74:ca:4d:11:bc:eb:6a:e7:15:a8:b0:83:bc:
                    b7:46:ab:e4:1b:fa:f9:50:a9:19:4a:5e:c5:77:90:
                    2e:a7:6b:95:51:39:cb:1f:c1:a4:e3:25:42:91:e9:
                    79:ff:49:32:4c:8a:7d:b2:63:8a:27:56:30:2f:a9:
                    b5:43:f2:cc:65:3a:26:71:71:9e:df:88:c7:46:78:
                    36:d8:e2:38:85:ab:e4:c2:b2:9a:73:97:56:67:5c:
                    4d:f4:0f:02:83:74:07:4d:5d:91:42:80:bc:22:19:
                    e1:9b:07:a1:21:0e:b4:af:df:73:06:94:4c:71:61:
                    be:4d:37:30:7a:dd:19:d4:35:a2:a0:63:0f:42:c4:
                    12:81:58:b4:20:2e:83:58:3f:1e:e0:19:1a:2a:da:
                    6f:8f:55:73:06:94:69:e4:5e:b3:5a:11:e8:0d:0e:
                    99:54:8d:1d:07:32:50:6e:29:75:b1:e9:75:3e:14:
                    ed:ec:6b:57:9c:8a:ed:79:9c:0f:09:28:b6:a0:2d:
                    dd:18:89:f8:bc:98:8f:48:b9:e3:cd:9a:44:45:fc:
                    eb:f4:0e:a9:83:54:e0:d6:f8:e5:a8:5a:25:b9:f9:
                    10:1a:68:32:02:59:69:26:8b:3c:07:a1:d1:d8:b6:
                    72:22:dc:5d:da:84:4d:55:4a:c3:46:8c:79:6b:2b:
                    a7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0D:04:9A:4C:C6:02:09:2E:D8:C3:71:85:CD:0C:9E:1D:18:D1:5E
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mg0EmkzGAgku2MNxhc0Mnh0Y0V4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.183.0/24
                  62.72.185.0/24
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.53.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:b4:1a:f1:97:dd:9d:58:4a:b0:df:a2:64:c8:16:eb:83:f7:
         85:06:94:62:00:42:83:24:ae:48:72:a7:72:5e:61:34:0d:d8:
         e2:3e:6d:63:08:7b:7b:ac:89:57:a9:45:28:ac:ad:0c:f0:4e:
         e8:dd:c5:fd:29:b6:6e:e6:4b:08:3e:01:0b:73:4c:a0:49:eb:
         bb:c7:39:ae:c4:8e:b5:f2:85:94:29:2d:a8:e2:38:d0:0f:24:
         f7:2c:72:ad:c5:e4:70:97:0b:f8:00:b9:36:b8:f4:71:fc:46:
         14:e8:e1:d3:05:d5:e4:68:fc:53:f8:76:88:b1:c6:00:ee:ca:
         82:7f:44:43:0b:2b:51:07:d4:c1:47:dc:ee:62:12:92:42:f7:
         f2:85:8f:ee:01:68:b0:ac:24:3a:96:05:75:88:f9:5c:35:55:
         d2:3b:8b:e3:fc:62:f8:8c:0c:c7:4c:ac:3e:a1:f1:0d:6a:d8:
         f0:01:98:0f:67:cf:d4:7f:e4:7c:24:44:6a:9c:08:8d:ae:59:
         5d:4a:6c:f5:fb:2a:c8:bd:53:8d:30:b4:ff:a7:4e:5d:7a:44:
         28:0e:8f:e4:8a:fd:bc:88:f4:d8:84:19:39:fb:24:5d:40:04:
         54:af:f8:d5:9c:c3:ad:6e:bd:3e:c7:a0:14:a4:2d:b1:f9:1b:
         b8:59:d4:8f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY/ZJAayrBz8L46KG5hF6XU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNjAyMTMyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTBkMDQ5YTRjYzYwMjA5MmVkOGMzNzE4NWNkMGM5ZTFkMThkMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHTKTRG862rnFaiwg7y3RqvkG/r5
UKkZSl7Fd5Aup2uVUTnLH8Gk4yVCkel5/0kyTIp9smOKJ1YwL6m1Q/LMZTomcXGe
34jHRng22OI4havkwrKac5dWZ1xN9A8Cg3QHTV2RQoC8IhnhmwehIQ60r99zBpRM
cWG+TTcwet0Z1DWioGMPQsQSgVi0IC6DWD8e4BkaKtpvj1VzBpRp5F6zWhHoDQ6Z
VI0dBzJQbil1sel1PhTt7GtXnIrteZwPCSi2oC3dGIn4vJiPSLnjzZpERfzr9A6p
g1Tg1vjlqFolufkQGmgyAllpJos8B6HR2LZyItxd2oRNVUrDRox5ayuniQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJoNBJpMxgIJLtjDcYXNDJ4dGNFeMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbWcwRW1rekdBZ2t1Mk1OeGhjME1uaDBZMFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAE+SKID
BAM+SKADBAA+SLcDBAA+SLkDBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5NQMEALA5
PzANBgkqhkiG9w0BAQsFAAOCAQEAU7Qa8ZfdnVhKsN+iZMgW64P3hQaUYgBCgySu
SHKncl5hNA3Y4j5tYwh7e6yJV6lFKKytDPBO6N3F/Sm2buZLCD4BC3NMoEnru8c5
rsSOtfKFlCktqOI40A8k9yxyrcXkcJcL+AC5Nrj0cfxGFOjh0wXV5Gj8U/h2iLHG
AO7Kgn9EQwsrUQfUwUfc7mISkkL38oWP7gFosKwkOpYFdYj5XDVV0juL4/xi+IwM
x0ysPqHxDWrY8AGYD2fP1H/kfCREapwIja5ZXUps9fsqyL1TjTC0/6dOXXpEKA6P
5Ir9vIj02IQZOfskXUAEVK/41ZzDrW69PsegFKQtsfkbuFnUjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org