Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nhTPQUFfvk_7gryYHOTn6bNWbiM.roa
File:                     nhTPQUFfvk_7gryYHOTn6bNWbiM.roa (raw, json)
Hash identifier:          56VtR3v+kMxsLlWnGUueUD7Ke5PlKgASNkMUcQq4zek=
Subject key identifier:   9E:14:CF:41:41:5F:BE:4F:FB:82:BC:98:1C:E4:E7:E9:B3:56:6E:23
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01914B9FA60472C2F8907DF473FBB3AE6414
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nhTPQUFfvk_7gryYHOTn6bNWbiM.roa
Signing time:             Tue 13 Aug 2024 12:03:59 +0000
ROA not before:           Tue 13 Aug 2024 12:03:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.185.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.57.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 15:53:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:4b:9f:a6:04:72:c2:f8:90:7d:f4:73:fb:b3:ae:64:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Aug 13 12:03:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e14cf41415fbe4ffb82bc981ce4e7e9b3566e23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:46:19:ff:12:50:7c:42:71:d7:0f:13:5d:cb:
                    01:93:5f:a3:34:b4:2f:75:e7:33:3b:6c:6a:74:f0:
                    93:a7:70:bb:7f:2f:8e:c5:74:39:29:33:1b:1d:ca:
                    d4:90:55:39:c1:25:96:7b:a2:e1:34:16:ef:1f:3f:
                    e3:39:6a:7f:25:5e:81:24:17:8a:32:ff:35:0f:82:
                    4f:37:15:b0:2a:a6:4c:e7:5b:ee:de:db:8f:cf:6f:
                    53:f7:89:89:a6:81:df:c3:07:f8:43:06:0f:35:bb:
                    11:ef:cc:26:3f:24:ec:c6:dd:0c:81:d7:32:43:40:
                    2b:07:cf:d7:62:27:da:cb:00:9c:7d:ef:68:5e:39:
                    b6:ed:c7:a1:16:d4:c1:c8:1b:cf:3c:1c:92:26:8d:
                    b3:e2:dd:8c:59:d5:81:01:28:e4:bb:3a:07:af:55:
                    b6:ac:48:eb:e0:09:74:ff:b9:2f:9a:5d:af:b6:00:
                    77:74:cb:57:66:4b:4d:4f:63:76:af:8a:02:56:58:
                    ac:8c:27:75:3e:70:f1:e6:9b:e7:c3:e5:9d:c0:f0:
                    62:54:b2:fc:dd:85:70:f8:45:20:00:05:1b:8f:32:
                    0e:ac:80:52:93:5f:2a:a3:1c:ba:ba:e7:3d:3b:a1:
                    9d:0e:4f:33:35:ee:04:d5:47:0b:ee:1f:f8:7c:dc:
                    39:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:14:CF:41:41:5F:BE:4F:FB:82:BC:98:1C:E4:E7:E9:B3:56:6E:23
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nhTPQUFfvk_7gryYHOTn6bNWbiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.185.0/24
                  62.72.188.0/23
                  81.21.2.0-81.21.15.255
                  176.57.57.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:e9:06:7c:19:2c:d1:f3:68:b3:2e:c5:81:af:83:58:88:a6:
         92:fd:f9:a8:74:61:6f:95:3c:f8:7d:9a:19:51:dc:9a:53:fb:
         82:44:4e:19:2f:a1:97:ba:3e:6c:10:d7:a0:1e:88:73:1e:65:
         b3:a7:9c:36:3e:6c:9b:60:ea:d8:a2:47:ad:d7:43:d5:97:e8:
         41:9c:85:69:13:95:6c:66:59:17:6f:57:dc:9c:54:41:63:24:
         4b:a4:32:54:e8:2b:f9:3a:fa:76:36:92:5c:e0:01:35:00:76:
         9f:f1:19:a9:09:5d:9f:1d:14:ab:fb:65:c0:e9:60:5e:18:18:
         93:1f:e3:39:e5:2c:06:18:d9:36:3e:ca:c4:b1:cb:b2:9f:f8:
         a0:b6:01:3e:aa:b1:72:6a:ee:12:2b:8f:9c:00:db:4f:e1:8e:
         f1:4c:cc:59:69:79:bb:36:4e:56:61:a9:69:54:16:96:75:0e:
         33:36:1d:20:c0:90:41:fb:ea:31:1c:c5:13:b4:ba:f7:6b:26:
         2b:71:43:ec:45:e7:ca:67:cb:1e:70:91:8f:91:ad:1e:da:c2:
         c0:01:83:a9:48:d2:86:6a:be:27:1a:c6:7e:40:c0:e6:b4:b5:
         bd:0b:a9:62:18:09:ef:c7:86:b0:28:7c:c7:67:65:44:30:8d:
         76:45:5a:bb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZFLn6YEcsL4kH30c/uzrmQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwODEzMTIwMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE0Y2Y0MTQxNWZiZTRmZmI4MmJjOTgxY2U0ZTdlOWIzNTY2ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEYZ/xJQfEJx1w8TXcsBk1+jNLQv
deczO2xqdPCTp3C7fy+OxXQ5KTMbHcrUkFU5wSWWe6LhNBbvHz/jOWp/JV6BJBeK
Mv81D4JPNxWwKqZM51vu3tuPz29T94mJpoHfwwf4QwYPNbsR78wmPyTsxt0Mgdcy
Q0ArB8/XYifaywCcfe9oXjm27cehFtTByBvPPBySJo2z4t2MWdWBASjkuzoHr1W2
rEjr4Al0/7kvml2vtgB3dMtXZktNT2N2r4oCVlisjCd1PnDx5pvnw+WdwPBiVLL8
3YVw+EUgAAUbjzIOrIBSk18qoxy6uuc9O6GdDk8zNe4E1UcL7h/4fNw5kQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJ4Uz0FBX75P+4K8mBzk5+mzVm4jMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbmhUUFFVRmZ2a183Z3J5WUhPVG42Yk5XYmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAE+SKID
BAM+SKADBAA+SLkDBAE+SLwwDAMEAVEVAgMEBFEVAAMEALA5OQMEALA5PzANBgkq
hkiG9w0BAQsFAAOCAQEAuOkGfBks0fNosy7Fga+DWIimkv35qHRhb5U8+H2aGVHc
mlP7gkROGS+hl7o+bBDXoB6Icx5ls6ecNj5sm2Dq2KJHrddD1ZfoQZyFaROVbGZZ
F29X3JxUQWMkS6QyVOgr+Tr6djaSXOABNQB2n/EZqQldnx0Uq/tlwOlgXhgYkx/j
OeUsBhjZNj7KxLHLsp/4oLYBPqqxcmruEiuPnADbT+GO8UzMWWl5uzZOVmGpaVQW
lnUOMzYdIMCQQfvqMRzFE7S692smK3FD7EXnymfLHnCRj5GtHtrCwAGDqUjShmq+
JxrGfkDA5rS1vQupYhgJ78eGsCh8x2dlRDCNdkVauw==
-----END CERTIFICATE-----
Generated at Thu Aug 15 19:59:47 2024 by rpki-client on console-fra.rpki-client.org