Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pzbOg4OFT8FdP3-VOiucfkZMVUI.roa
File:                     pzbOg4OFT8FdP3-VOiucfkZMVUI.roa (raw, json)
Hash identifier:          HCH2XLCoxl+65n1jIyLn3WvdeWwKUv2R0Of1JXXoVf0=
Subject key identifier:   A7:36:CE:83:83:85:4F:C1:5D:3F:7F:95:3A:2B:9C:7E:46:4C:55:42
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C632B878EBF4C187B7701631936F7DD6C
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pzbOg4OFT8FdP3-VOiucfkZMVUI.roa
Signing time:             Wed 13 Dec 2023 12:34:06 +0000
ROA not before:           Wed 13 Dec 2023 12:34:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198100
IP address blocks:        62.72.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:63:2b:87:8e:bf:4c:18:7b:77:01:63:19:36:f7:dd:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 13 12:34:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a736ce8383854fc15d3f7f953a2b9c7e464c5542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:63:2c:06:2e:52:e4:c2:48:37:4d:16:f0:06:
                    0f:f1:d2:99:8e:24:02:55:61:07:81:7c:2f:70:12:
                    75:7b:3d:be:e9:23:86:e8:47:29:e9:35:d5:3a:05:
                    17:41:15:2e:96:c4:d8:9e:1f:67:43:95:04:4b:ed:
                    9c:3c:f3:5c:57:aa:6c:5b:05:ad:53:ec:65:b3:18:
                    fc:6b:43:ff:3e:a5:a4:ad:d2:6c:ef:78:fc:b3:fa:
                    b5:18:00:b4:c5:43:6a:25:62:6d:fa:5f:0c:ed:dd:
                    c0:a0:6f:89:e0:2e:4b:a3:97:08:37:14:3f:9a:4f:
                    fe:cc:de:86:d0:2f:01:b9:8b:56:ad:37:8f:03:6a:
                    ef:33:d6:de:57:0b:68:d7:78:7f:bc:1d:b9:6a:33:
                    72:9d:19:f4:3b:37:38:b1:c2:66:8a:a8:f3:e5:fe:
                    3d:a0:e1:27:78:b0:47:c3:0b:53:c8:65:75:c7:aa:
                    1e:b8:c9:39:94:9d:39:9c:cf:97:3c:f3:57:9e:a9:
                    70:92:59:2a:41:c7:a7:e2:37:fb:a1:d9:ca:2c:9c:
                    8e:23:e5:91:95:e2:21:b0:ad:73:d4:a9:10:e0:0c:
                    1e:d8:ab:ba:a1:c3:54:ea:e0:6b:69:bc:e4:07:b7:
                    b9:25:81:62:38:5f:2c:a4:0f:42:96:f4:5d:1b:aa:
                    c7:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:36:CE:83:83:85:4F:C1:5D:3F:7F:95:3A:2B:9C:7E:46:4C:55:42
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pzbOg4OFT8FdP3-VOiucfkZMVUI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:8b:de:8e:3e:15:a6:60:70:8c:f3:ed:16:35:b4:64:46:37:
         10:e2:e3:fb:eb:5b:ab:55:c8:2f:24:8e:4a:41:d5:32:83:4c:
         c6:24:5c:f2:01:9e:b6:fa:d3:55:ae:36:f6:ed:07:9a:98:ef:
         04:95:35:f2:b5:db:31:93:4c:5c:37:62:6d:69:89:0a:a8:61:
         49:b4:c7:19:8c:8b:54:06:13:b9:a6:a8:76:6f:54:9c:24:64:
         63:8a:04:78:4e:64:10:ba:83:33:4f:24:7f:53:3f:69:53:dd:
         78:a0:97:da:6b:c1:4f:cc:d7:dd:80:fd:ea:78:c1:55:1f:3e:
         8c:c5:64:28:81:f4:9e:ac:6c:75:ba:2d:1f:d9:5e:bf:fe:16:
         fc:73:d0:df:70:37:b8:c4:71:f4:99:fb:e5:87:2b:cc:62:a7:
         38:81:d0:93:6d:92:0a:d9:f9:fb:6e:45:e8:a9:e6:92:17:69:
         78:12:6c:88:69:e3:48:e0:1c:b1:9b:d9:ca:6e:f2:7b:b0:6f:
         33:58:d2:7d:bd:a6:ad:2a:ce:56:e1:19:22:0b:3f:0d:12:e0:
         d0:b9:b0:e6:7a:6c:0b:32:1c:83:72:0b:b2:e7:0b:c2:62:f9:
         2f:a4:b2:1d:27:01:f6:51:a2:5c:0a:0c:6e:96:7e:8b:ed:9d:
         45:1e:1c:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxjK4eOv0wYe3cBYxk2991sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjEzMTIzNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM2Y2U4MzgzODU0ZmMxNWQzZjdmOTUzYTJiOWM3ZTQ2NGM1NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22MsBi5S5MJIN00W8AYP8dKZjiQC
VWEHgXwvcBJ1ez2+6SOG6Ecp6TXVOgUXQRUulsTYnh9nQ5UES+2cPPNcV6psWwWt
U+xlsxj8a0P/PqWkrdJs73j8s/q1GAC0xUNqJWJt+l8M7d3AoG+J4C5Lo5cINxQ/
mk/+zN6G0C8BuYtWrTePA2rvM9beVwto13h/vB25ajNynRn0Ozc4scJmiqjz5f49
oOEneLBHwwtTyGV1x6oeuMk5lJ05nM+XPPNXnqlwklkqQcen4jf7odnKLJyOI+WR
leIhsK1z1KkQ4Awe2Ku6ocNU6uBrabzkB7e5JYFiOF8spA9ClvRdG6rHqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKc2zoODhU/BXT9/lTornH5GTFVCMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcHpiT2c0T0ZUOEZkUDMtVk9pdWNma1pNVlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkijMA0G
CSqGSIb3DQEBCwUAA4IBAQDBi96OPhWmYHCM8+0WNbRkRjcQ4uP761urVcgvJI5K
QdUyg0zGJFzyAZ62+tNVrjb27QeamO8ElTXytdsxk0xcN2JtaYkKqGFJtMcZjItU
BhO5pqh2b1ScJGRjigR4TmQQuoMzTyR/Uz9pU914oJfaa8FPzNfdgP3qeMFVHz6M
xWQogfSerGx1ui0f2V6//hb8c9DfcDe4xHH0mfvlhyvMYqc4gdCTbZIK2fn7bkXo
qeaSF2l4EmyIaeNI4Byxm9nKbvJ7sG8zWNJ9vaatKs5W4RkiCz8NEuDQubDmemwL
MhyDcguy5wvCYvkvpLIdJwH2UaJcCgxuln6L7Z1FHhwr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org