Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/oh1g_SSZf2Acq1ow2Z6-qGcZ9_U.roa
File:                     oh1g_SSZf2Acq1ow2Z6-qGcZ9_U.roa (raw, json)
Hash identifier:          VqV34jREUahA973mCwuWycrUPgxeev6gTNxurLSO6XU=
Subject key identifier:   A2:1D:60:FD:24:99:7F:60:1C:AB:5A:30:D9:9E:BE:A8:67:19:F7:F5
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018AAD9E183AF86825F888A33B1D0F52A956
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/oh1g_SSZf2Acq1ow2Z6-qGcZ9_U.roa
Signing time:             Tue 19 Sep 2023 13:25:33 +0000
ROA not before:           Tue 19 Sep 2023 13:25:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.62.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.177.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/24 maxlen: 24
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.3.0/24 maxlen: 24
                          81.21.4.0/22 maxlen: 24
                          81.21.1.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 09:44:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:9e:18:3a:f8:68:25:f8:88:a3:3b:1d:0f:52:a9:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Sep 19 13:25:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a21d60fd24997f601cab5a30d99ebea86719f7f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:50:34:e3:38:e0:f2:96:a7:0f:bf:36:c7:54:
                    d2:7b:d1:16:c3:93:3f:9a:e1:9e:7e:7c:8f:18:4b:
                    be:6f:e1:79:a2:cf:73:e4:4a:2f:0f:64:55:ed:d6:
                    e2:b1:81:cc:89:f6:5a:4a:28:1c:2e:81:c6:02:5b:
                    c3:19:02:f9:92:ca:ef:59:6e:1f:7e:ae:a1:ca:58:
                    23:fe:b9:0f:96:79:ca:21:48:d8:28:63:6e:4f:a6:
                    5d:51:55:67:93:d2:f8:e9:e0:78:3a:de:57:37:91:
                    50:fc:f9:bd:26:17:be:ee:47:1d:30:70:fa:d9:2d:
                    96:aa:5f:7f:b9:d1:14:a9:46:13:85:34:10:a2:aa:
                    60:d6:c2:27:e6:09:a7:2b:02:83:f2:56:f6:ba:9b:
                    30:f0:b1:29:8f:36:57:a4:4a:c4:a8:44:c9:ba:64:
                    15:e2:3f:37:89:bb:a7:cb:c4:4b:80:83:56:e6:81:
                    d8:bd:e6:8d:b9:f0:21:7d:73:a1:01:e5:de:7d:58:
                    81:d8:cd:52:00:7d:7b:44:10:d6:92:10:5d:7f:88:
                    04:a8:d9:7f:54:52:7e:4e:59:a5:d6:02:92:f4:f2:
                    4a:8b:53:db:9b:2a:79:f8:53:eb:18:97:c7:ed:c3:
                    43:73:31:c7:63:70:6e:90:8a:a0:1c:49:77:67:3e:
                    04:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:1D:60:FD:24:99:7F:60:1C:AB:5A:30:D9:9E:BE:A8:67:19:F7:F5
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/oh1g_SSZf2Acq1ow2Z6-qGcZ9_U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0-62.72.165.255
                  62.72.168.0/22
                  62.72.173.0-62.72.175.255
                  62.72.177.0/24
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.1.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:f7:4c:df:f8:f4:d6:4a:9d:7a:d6:00:83:de:a5:f2:53:e9:
         d5:d3:37:bf:49:c0:8e:26:59:49:d5:8e:bb:ed:68:32:5f:22:
         62:8a:d6:4f:c2:f5:72:85:b7:be:89:9a:e7:92:f5:e2:a6:15:
         cc:26:ba:3f:89:d6:57:75:f3:2b:37:73:12:ad:eb:88:c7:3b:
         45:b9:a1:db:7b:76:68:4f:3f:39:4a:90:3e:9a:21:89:e3:29:
         ea:23:0c:df:03:9d:f3:87:af:74:fb:f6:ed:c4:0a:f4:db:c8:
         3c:28:52:c1:93:8e:00:d2:f6:19:ad:15:cb:99:0b:9b:14:5a:
         18:e7:9e:03:ca:e5:05:b9:6d:12:59:03:a2:93:a3:52:ed:40:
         d4:13:8f:f2:47:c6:44:40:b9:23:23:39:1e:26:dc:49:b8:a6:
         29:69:7d:43:2a:25:e5:ce:8a:b4:f3:a2:89:50:8f:c7:d7:64:
         fe:e1:1d:97:89:ea:58:6b:46:6e:07:67:d1:13:06:48:18:db:
         71:1a:66:b8:05:c2:2c:17:29:73:0d:de:46:ee:ed:c9:84:eb:
         1d:31:06:08:b4:34:1f:7c:bb:bb:f2:3a:80:71:1b:d0:a2:35:
         ca:58:75:18:21:de:ff:a9:d0:3e:dd:81:cb:5a:0a:18:e2:a2:
         f4:e8:ca:a2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYqtnhg6+Ggl+IijOx0PUqlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwOTE5MTMyNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFkNjBmZDI0OTk3ZjYwMWNhYjVhMzBkOTllYmVhODY3MTlmN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVA04zjg8panD782x1TSe9EWw5M/
muGefnyPGEu+b+F5os9z5EovD2RV7dbisYHMifZaSigcLoHGAlvDGQL5ksrvWW4f
fq6hylgj/rkPlnnKIUjYKGNuT6ZdUVVnk9L46eB4Ot5XN5FQ/Pm9Jhe+7kcdMHD6
2S2Wql9/udEUqUYThTQQoqpg1sIn5gmnKwKD8lb2upsw8LEpjzZXpErEqETJumQV
4j83ibuny8RLgINW5oHYveaNufAhfXOhAeXefViB2M1SAH17RBDWkhBdf4gEqNl/
VFJ+Tlml1gKS9PJKi1Pbmyp5+FPrGJfH7cNDczHHY3BukIqgHEl3Zz4E5wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKIdYP0kmX9gHKtaMNmevqhnGff1MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvb2gxZ19TU1pmMkFjcTFvdzJaNi1xR2NaOV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
PkihAwQBPkikAwQCPkioMAwDBAA+SK0DBAQ+SKADBAA+SLEwDAMEAD5IswMEAD5I
tjAMAwQDPki4AwQBPki8AwQAPki/MAwDBABRFQEDBANRFQAwDAMEAVEVCgMEBFEV
AAMEALA5MwMEALA5NQMEAbA5OgMEAbA5PjANBgkqhkiG9w0BAQsFAAOCAQEAd/dM
3/j01kqdetYAg96l8lPp1dM3v0nAjiZZSdWOu+1oMl8iYorWT8L1coW3voma55L1
4qYVzCa6P4nWV3XzKzdzEq3riMc7Rbmh23t2aE8/OUqQPpohieMp6iMM3wOd84ev
dPv27cQK9NvIPChSwZOOANL2Ga0Vy5kLmxRaGOeeA8rlBbltElkDopOjUu1A1BOP
8kfGREC5IyM5HibcSbimKWl9Qyol5c6KtPOiiVCPx9dk/uEdl4nqWGtGbgdn0RMG
SBjbcRpmuAXCLBcpcw3eRu7tyYTrHTEGCLQ0H3y7u/I6gHEb0KI1ylh1GCHe/6nQ
Pt2By1oKGOKi9OjKog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org