Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ra4CRh1OoJchQGq9HIgyqJyEVfs.roa
File:                     ra4CRh1OoJchQGq9HIgyqJyEVfs.roa (raw, json)
Hash identifier:          WX/xKh3pB3PN6APFOUWAL6Th1uAfIzOCka8vd7VbFp0=
Subject key identifier:   AD:AE:02:46:1D:4E:A0:97:21:40:6A:BD:1C:88:32:A8:9C:84:55:FB
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018FC32E0018535E9E7DA4F3F009D62F10FE
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ra4CRh1OoJchQGq9HIgyqJyEVfs.roa
Signing time:             Wed 29 May 2024 07:08:42 +0000
ROA not before:           Wed 29 May 2024 07:08:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.176.0/24 maxlen: 24
                          62.72.183.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.8.0/24 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          81.21.11.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.12.0/24 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          81.21.14.0/24 maxlen: 24
                          81.21.15.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 02 Jun 2024 13:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c3:2e:00:18:53:5e:9e:7d:a4:f3:f0:09:d6:2f:10:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May 29 07:08:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=adae02461d4ea09721406abd1c8832a89c8455fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:33:cf:ec:5a:59:ed:c7:d1:3c:7b:37:5f:7c:
                    27:b5:66:56:ad:1b:d8:62:6d:70:dc:91:6c:44:7e:
                    0b:96:1a:d8:d4:4f:6e:02:46:9f:a4:75:87:3b:25:
                    91:f6:17:a8:59:98:3f:c4:b9:0c:dd:13:61:29:d5:
                    9c:e1:3e:b1:7e:7d:98:ab:99:c4:5b:bb:8a:b5:72:
                    bd:b4:a3:31:a0:4f:20:ef:0b:63:51:ec:2b:93:98:
                    cf:a7:81:3f:b4:ef:f4:72:94:34:cf:e9:8b:1e:5d:
                    31:52:e7:6b:1c:ed:0d:25:dd:2d:f2:98:f4:b1:83:
                    bf:a1:2e:c2:cd:3c:93:a1:33:ba:58:f8:fd:2d:e9:
                    a1:e5:d3:ba:a6:4c:26:29:46:8a:d0:9d:fc:29:91:
                    9a:a3:a5:03:78:e5:75:11:dc:0b:d7:c3:3b:00:32:
                    18:86:4b:13:a1:e6:31:36:8c:15:0b:1e:20:25:30:
                    4d:f8:97:63:29:4b:36:0f:46:c8:a7:83:97:0a:74:
                    6d:46:a4:7b:13:7a:ae:ee:ee:66:e6:be:17:ea:a5:
                    7d:0c:ec:fe:6b:07:ee:1d:a9:b7:65:38:35:2e:c2:
                    3b:13:76:4d:8c:5c:b7:a2:5f:ca:ec:7d:27:50:b2:
                    31:0c:83:a9:69:69:fb:28:de:b5:c7:81:8a:f5:29:
                    bc:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:AE:02:46:1D:4E:A0:97:21:40:6A:BD:1C:88:32:A8:9C:84:55:FB
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/ra4CRh1OoJchQGq9HIgyqJyEVfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.176.0/24
                  62.72.183.0/24
                  62.72.185.0/24
                  62.72.189.0/24
                  81.21.2.0-81.21.15.255
                  176.57.53.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:19:92:38:5a:33:3b:41:cd:b7:a6:15:29:9c:30:2e:7b:89:
         d1:35:dd:70:b5:d9:70:34:96:d0:e6:43:eb:bd:2b:ca:d3:06:
         ff:cd:e3:e6:9f:27:81:3a:b0:46:d6:bf:2c:4f:d4:17:1b:60:
         34:6a:50:64:66:70:51:48:2d:2c:14:32:20:64:64:65:8d:f5:
         43:88:9c:43:69:4b:be:74:6f:a1:34:67:b1:03:f9:b2:43:3a:
         26:59:6d:95:49:e3:e8:d4:e0:5f:ce:d2:26:82:87:93:91:b4:
         a9:b8:00:26:5a:14:e5:c0:2d:f6:cf:49:5e:06:ee:93:a2:91:
         04:99:78:a8:8d:20:33:d4:dd:a1:17:39:f1:2a:ea:15:00:c1:
         5f:68:65:c4:21:0a:cf:3d:2f:c1:08:ae:8a:68:ec:28:50:3d:
         b7:b7:7e:cd:a7:b7:71:75:7d:ce:4a:9c:2e:2c:c1:6f:ea:c7:
         3c:6c:b1:83:6b:36:16:d1:63:49:f9:4d:96:19:4a:79:76:8d:
         2b:27:ed:64:35:20:28:f9:0b:e9:3a:ce:54:6c:c7:e4:92:82:
         94:f9:59:d3:f8:65:0a:5e:37:61:bd:dc:b3:57:42:8e:8e:06:
         58:7a:8b:24:25:4b:4b:94:5e:34:c1:1c:04:9e:6b:01:b4:0e:
         67:9e:28:e1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY/DLgAYU16efaTz8AnWLxD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNTI5MDcwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFlMDI0NjFkNGVhMDk3MjE0MDZhYmQxYzg4MzJhODljODQ1NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzPP7FpZ7cfRPHs3X3wntWZWrRvY
Ym1w3JFsRH4LlhrY1E9uAkafpHWHOyWR9heoWZg/xLkM3RNhKdWc4T6xfn2Yq5nE
W7uKtXK9tKMxoE8g7wtjUewrk5jPp4E/tO/0cpQ0z+mLHl0xUudrHO0NJd0t8pj0
sYO/oS7CzTyToTO6WPj9Lemh5dO6pkwmKUaK0J38KZGao6UDeOV1EdwL18M7ADIY
hksToeYxNowVCx4gJTBN+JdjKUs2D0bIp4OXCnRtRqR7E3qu7u5m5r4X6qV9DOz+
awfuHam3ZTg1LsI7E3ZNjFy3ol/K7H0nULIxDIOpaWn7KN61x4GK9Sm8QwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFK2uAkYdTqCXIUBqvRyIMqichFX7MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcmE0Q1JoMU9vSmNoUUdxOUhJZ3lxSnlFVmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+SKID
BAM+SKADBAA+SLADBAA+SLcDBAA+SLkDBAA+SL0wDAMEAVEVAgMEBFEVAAMEALA5
NQMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAPBmSOFozO0HNt6YVKZwwLnuJ0TXd
cLXZcDSW0OZD670rytMG/83j5p8ngTqwRta/LE/UFxtgNGpQZGZwUUgtLBQyIGRk
ZY31Q4icQ2lLvnRvoTRnsQP5skM6JlltlUnj6NTgX87SJoKHk5G0qbgAJloU5cAt
9s9JXgbuk6KRBJl4qI0gM9TdoRc58SrqFQDBX2hlxCEKzz0vwQiuimjsKFA9t7d+
zae3cXV9zkqcLizBb+rHPGyxg2s2FtFjSflNlhlKeXaNKyftZDUgKPkL6TrOVGzH
5JKClPlZ0/hlCl43Yb3cs1dCjo4GWHqLJCVLS5ReNMEcBJ5rAbQOZ54o4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org