Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rh9WDoHyLIz0y1XfCcUM9MhI2Q8.roa
File:                     rh9WDoHyLIz0y1XfCcUM9MhI2Q8.roa (raw, json)
Hash identifier:          AMrryAp8ktA7BUlHsy3gPCzvmRpp+agrGtpeN5Pxhcc=
Subject key identifier:   AE:1F:56:0E:81:F2:2C:8C:F4:CB:55:DF:09:C5:0C:F4:C8:48:D9:0F
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01875BF1BE462AE5CDE1EFD17FC609B9DEB3
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rh9WDoHyLIz0y1XfCcUM9MhI2Q8.roa
Signing time:             Fri 07 Apr 2023 13:39:42 +0000
ROA not before:           Fri 07 Apr 2023 13:39:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/24 maxlen: 24
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/24 maxlen: 24
                          62.72.160.0/24 maxlen: 24
                          62.72.161.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Apr 2023 09:05:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5b:f1:be:46:2a:e5:cd:e1:ef:d1:7f:c6:09:b9:de:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Apr  7 13:39:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae1f560e81f22c8cf4cb55df09c50cf4c848d90f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fc:e4:c7:2c:a8:59:ef:2e:98:79:27:dd:9a:
                    27:a9:22:fc:68:7e:47:ba:80:37:05:42:67:ab:c7:
                    3f:29:6e:50:8a:de:58:51:ae:39:bb:0f:ce:d3:fb:
                    6b:e4:6b:4a:06:8f:04:78:a9:00:15:6c:91:5c:de:
                    8d:30:12:0c:ae:68:0a:68:c0:ee:bc:e9:a3:a9:11:
                    27:08:6f:e1:fa:84:c4:eb:f4:ac:03:c1:16:6a:12:
                    65:f5:83:6f:2f:42:61:c4:c3:c1:30:3e:79:f2:f6:
                    99:b2:3d:75:e5:9d:3a:7d:5f:fe:c8:a1:7a:dc:37:
                    7c:45:13:d6:0a:92:c2:68:00:19:f5:4b:54:f3:99:
                    13:33:53:0b:68:c5:50:89:d1:10:5f:03:86:8f:33:
                    b4:96:7c:27:64:e6:9f:be:bc:bf:53:ec:67:73:4e:
                    9f:d7:f9:82:5e:e5:5b:38:1e:d9:46:0c:66:85:e8:
                    06:d7:78:6a:7f:55:20:c4:25:9f:e1:bd:a1:40:3e:
                    80:0a:e3:33:65:34:32:24:19:2a:15:99:cf:d8:3c:
                    5c:37:d1:d3:0a:16:f3:a1:78:b0:de:c2:46:dd:37:
                    3c:60:21:78:39:30:84:26:20:67:73:e3:14:9d:08:
                    95:89:1e:45:f3:ef:3e:fd:6b:3a:8c:1b:29:a8:98:
                    04:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:1F:56:0E:81:F2:2C:8C:F4:CB:55:DF:09:C5:0C:F4:C8:48:D9:0F
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rh9WDoHyLIz0y1XfCcUM9MhI2Q8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0-62.72.164.255
                  62.72.168.0/24
                  62.72.191.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:ec:5b:2c:d3:eb:da:cb:d3:92:27:c0:1b:6f:93:10:cf:2a:
         07:8a:bf:84:a6:c5:7f:de:42:f7:eb:4c:6c:4f:b1:87:9b:3b:
         62:07:20:92:15:a0:d2:8e:b7:3e:7a:b4:cf:f0:dc:a6:71:85:
         c7:2d:c0:4a:2f:c4:49:d7:b7:55:71:ec:90:8d:a7:8b:38:5d:
         1a:6e:b6:cd:83:06:50:bb:2e:b2:9c:ea:dd:f0:d8:66:f6:94:
         7d:10:3e:05:96:f9:88:82:6b:4a:61:4b:fe:85:9a:c5:5e:20:
         3e:1e:9f:22:7f:42:6a:40:53:77:fb:0d:89:0a:47:0a:68:47:
         ae:97:85:d3:28:2a:9b:f7:86:13:c0:de:d3:e7:de:ba:47:d4:
         75:56:27:45:bd:3a:c2:3f:a7:c7:8b:35:10:54:7d:5f:40:d9:
         19:ab:44:fe:a0:cd:33:dc:1d:d1:f4:a6:5e:33:5d:56:2d:3c:
         a6:c3:20:b0:29:e6:47:4c:12:93:26:00:39:84:46:81:c4:99:
         68:a1:d3:99:22:a6:56:d3:c1:5b:19:f9:1c:17:e4:f6:6f:26:
         ca:f6:cc:a3:0d:6d:17:2f:a8:cb:5a:41:e4:5f:42:f1:f9:52:
         86:00:aa:60:a2:be:8e:99:55:34:8e:d7:3c:e7:15:ba:aa:88:
         92:f1:e2:dc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdb8b5GKuXN4e/Rf8YJud6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNDA3MTMzOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFmNTYwZTgxZjIyYzhjZjRjYjU1ZGYwOWM1MGNmNGM4NDhkOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPzkxyyoWe8umHkn3ZonqSL8aH5H
uoA3BUJnq8c/KW5Qit5YUa45uw/O0/tr5GtKBo8EeKkAFWyRXN6NMBIMrmgKaMDu
vOmjqREnCG/h+oTE6/SsA8EWahJl9YNvL0JhxMPBMD558vaZsj115Z06fV/+yKF6
3Dd8RRPWCpLCaAAZ9UtU85kTM1MLaMVQidEQXwOGjzO0lnwnZOafvry/U+xnc06f
1/mCXuVbOB7ZRgxmhegG13hqf1UgxCWf4b2hQD6ACuMzZTQyJBkqFZnP2DxcN9HT
ChbzoXiw3sJG3Tc8YCF4OTCEJiBnc+MUnQiViR5F8+8+/Ws6jBspqJgEswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK4fVg6B8iyM9MtV3wnFDPTISNkPMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcmg5V0RvSHlMSXoweTFYZkNjVU05TWhJMlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAU+SKAD
BAA+SKQDBAA+SKgDBAA+SL8DBACwOT8wDQYJKoZIhvcNAQELBQADggEBAEjsWyzT
69rL05InwBtvkxDPKgeKv4SmxX/eQvfrTGxPsYebO2IHIJIVoNKOtz56tM/w3KZx
hcctwEovxEnXt1Vx7JCNp4s4XRputs2DBlC7LrKc6t3w2Gb2lH0QPgWW+YiCa0ph
S/6FmsVeID4enyJ/QmpAU3f7DYkKRwpoR66XhdMoKpv3hhPA3tPn3rpH1HVWJ0W9
OsI/p8eLNRBUfV9A2RmrRP6gzTPcHdH0pl4zXVYtPKbDILAp5kdMEpMmADmERoHE
mWih05kiplbTwVsZ+RwX5PZvJsr2zKMNbRcvqMtaQeRfQvH5UoYAqmCivo6ZVTSO
1zznFbqqiJLx4tw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org