Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rQ2oAgkrl5KDe7nxLXqgKKlxsKU.roa
File:                     rQ2oAgkrl5KDe7nxLXqgKKlxsKU.roa (raw, json)
Hash identifier:          OdweiBgTQFX7CQ1fKPMmk0SLMgigfTnqYO8kD+Ny0t4=
Subject key identifier:   AD:0D:A8:02:09:2B:97:92:83:7B:B9:F1:2D:7A:A0:28:A9:71:B0:A5
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0186C7F870B426FC31F0C0E18E8A35836487
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rQ2oAgkrl5KDe7nxLXqgKKlxsKU.roa
Signing time:             Thu 09 Mar 2023 20:03:13 +0000
ROA not before:           Thu 09 Mar 2023 20:03:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213305
IP address blocks:        62.72.163.0/24 maxlen: 24
                          62.72.164.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.160.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 07:15:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c7:f8:70:b4:26:fc:31:f0:c0:e1:8e:8a:35:83:64:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Mar  9 20:03:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad0da802092b9792837bb9f12d7aa028a971b0a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:da:95:3d:24:c6:6e:39:e5:b7:1e:64:10:90:
                    e2:f9:0c:a2:1e:72:40:4e:0d:bb:76:06:f5:9c:97:
                    82:27:b4:67:0c:4b:70:58:4b:81:02:ea:ae:81:14:
                    6b:07:13:60:d1:52:80:75:09:f4:6c:91:f2:2a:52:
                    c1:2a:ab:04:9c:c0:9d:61:dc:2a:5e:84:8d:56:4d:
                    26:1a:bd:7c:fa:70:74:a2:7d:db:ae:e9:77:71:51:
                    c1:55:6b:da:a2:69:07:a2:ac:31:03:de:28:17:69:
                    9c:62:9d:a7:21:eb:9a:19:7b:c7:eb:ce:b9:18:6f:
                    08:3c:bd:8d:ad:b4:04:a0:be:e5:3d:77:db:9f:12:
                    e2:3c:57:fc:80:24:0c:bd:a9:69:df:8b:dd:79:a3:
                    82:f0:85:5f:09:b7:f0:00:7f:a4:75:3c:a3:92:9c:
                    cb:e8:65:68:bc:4b:4c:ee:47:44:41:db:15:e4:56:
                    6c:ff:89:ec:cf:91:d6:95:dc:e4:f9:41:77:0f:2e:
                    95:68:35:07:6b:b2:05:3c:46:cf:8e:7f:ce:6f:f8:
                    cd:dd:0a:a8:d5:3b:64:9f:89:8b:d2:db:60:0f:9a:
                    78:0b:de:c7:48:ae:57:d8:2f:38:6e:fa:dc:ed:ab:
                    5c:81:cd:8b:0a:bf:8b:18:a5:87:9a:59:49:af:08:
                    cd:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:0D:A8:02:09:2B:97:92:83:7B:B9:F1:2D:7A:A0:28:A9:71:B0:A5
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rQ2oAgkrl5KDe7nxLXqgKKlxsKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0-62.72.164.255
                  62.72.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ae:0e:c9:c6:1a:cf:9f:cb:e0:67:63:83:74:68:04:1a:49:a7:
         c9:35:9f:20:dd:cc:81:c8:91:cf:b2:a5:b1:7f:c9:0d:7e:3b:
         d9:0d:cb:6f:d5:e1:82:25:dc:2c:78:a4:88:2f:48:da:22:cf:
         a6:2f:23:10:a3:60:f4:56:14:38:45:84:ff:ca:23:18:2a:8d:
         64:16:94:f8:ca:0a:57:c5:da:6e:1f:d9:33:19:11:b5:a5:43:
         1b:28:20:e0:49:b1:56:ed:f3:8c:88:49:23:b1:e3:29:e4:20:
         b7:1d:17:8f:32:2e:16:dc:04:ce:fe:e5:a8:17:c5:53:40:d8:
         1f:d9:46:fa:9b:f0:2a:f2:23:d1:d3:39:71:90:fd:b7:56:4d:
         90:03:21:6b:02:33:74:07:d3:61:2c:9b:fc:3f:bd:41:cb:07:
         ff:8e:9e:9a:31:06:55:ec:2f:08:91:ff:be:b4:94:f3:bc:04:
         7a:c2:9d:49:64:48:c5:80:47:20:1f:ca:eb:02:00:f5:a3:15:
         82:56:84:fa:7d:c9:09:4e:f3:4c:a8:60:6b:c0:c2:03:27:d7:
         ad:36:97:6f:49:70:21:e3:66:5f:43:3e:b9:84:d1:8a:c2:38:
         a8:e7:95:c7:e6:f4:70:51:50:7c:4d:fe:6f:43:a0:5a:ce:02:
         a6:96:61:ea
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYbH+HC0Jvwx8MDhjoo1g2SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMzA5MjAwMzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBkYTgwMjA5MmI5NzkyODM3YmI5ZjEyZDdhYTAyOGE5NzFiMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9qVPSTGbjnltx5kEJDi+QyiHnJA
Tg27dgb1nJeCJ7RnDEtwWEuBAuqugRRrBxNg0VKAdQn0bJHyKlLBKqsEnMCdYdwq
XoSNVk0mGr18+nB0on3brul3cVHBVWvaomkHoqwxA94oF2mcYp2nIeuaGXvH6865
GG8IPL2NrbQEoL7lPXfbnxLiPFf8gCQMvalp34vdeaOC8IVfCbfwAH+kdTyjkpzL
6GVovEtM7kdEQdsV5FZs/4nsz5HWldzk+UF3Dy6VaDUHa7IFPEbPjn/Ob/jN3Qqo
1Ttkn4mL0ttgD5p4C97HSK5X2C84bvrc7atcgc2LCr+LGKWHmllJrwjNQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK0NqAIJK5eSg3u58S16oCipcbClMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvclEyb0Fna3JsNUtEZTdueExYcWdLS2x4c0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAU+SKAD
BAA+SKQDBAE+SKgwDQYJKoZIhvcNAQELBQADggEBAK4OycYaz5/L4Gdjg3RoBBpJ
p8k1nyDdzIHIkc+ypbF/yQ1+O9kNy2/V4YIl3Cx4pIgvSNoiz6YvIxCjYPRWFDhF
hP/KIxgqjWQWlPjKClfF2m4f2TMZEbWlQxsoIOBJsVbt84yISSOx4ynkILcdF48y
LhbcBM7+5agXxVNA2B/ZRvqb8CryI9HTOXGQ/bdWTZADIWsCM3QH02Esm/w/vUHL
B/+OnpoxBlXsLwiR/760lPO8BHrCnUlkSMWARyAfyusCAPWjFYJWhPp9yQlO80yo
YGvAwgMn1602l29JcCHjZl9DPrmE0YrCOKjnlcfm9HBRUHxN/m9DoFrOAqaWYeo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org