Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rwRJ2JJ_8I9qMy6Zw4-eVcd3k_g.roa
File:                     rwRJ2JJ_8I9qMy6Zw4-eVcd3k_g.roa (raw, json)
Hash identifier:          +owtlhvaUyIZ7oZabE1LYo7J4vfGjhTebMPSEmjzbSo=
Subject key identifier:   AF:04:49:D8:92:7F:F0:8F:6A:33:2E:99:C3:8F:9E:55:C7:77:93:F8
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0187796AE9B58637C2A5FAA7D135F5806EE1
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rwRJ2JJ_8I9qMy6Zw4-eVcd3k_g.roa
Signing time:             Thu 13 Apr 2023 07:01:02 +0000
ROA not before:           Thu 13 Apr 2023 07:01:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        62.72.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 May 2023 07:54:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:79:6a:e9:b5:86:37:c2:a5:fa:a7:d1:35:f5:80:6e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Apr 13 07:01:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af0449d8927ff08f6a332e99c38f9e55c77793f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f8:d2:fb:67:5b:7c:45:70:66:f5:24:dc:e9:
                    b0:e6:73:40:c1:c8:83:cb:68:14:7e:90:5b:c9:24:
                    32:b0:e0:64:cc:c4:2b:94:38:ac:30:bb:5a:7d:00:
                    87:55:23:bb:c1:24:4e:da:1a:bb:c0:d0:da:34:1a:
                    34:e3:ff:a0:49:a4:aa:fa:57:3e:13:e8:cc:ac:13:
                    50:b1:69:6d:ae:d7:45:b7:72:c1:7f:fe:b8:ff:e1:
                    ba:02:82:ba:69:b8:57:91:ff:66:26:1b:f6:53:bc:
                    df:84:58:03:0f:18:85:2c:d0:97:08:36:6e:75:21:
                    cf:c8:5a:33:7b:0a:88:a8:44:36:20:12:a9:d5:87:
                    ad:2b:8a:d7:6e:8b:ee:22:60:38:77:22:bd:a8:ce:
                    59:a6:0d:86:14:ab:ba:ff:33:24:71:4e:09:b2:29:
                    f1:c9:6c:7f:6b:d2:74:b3:4d:39:53:2d:bf:cd:b9:
                    28:c4:cc:d2:06:8b:bb:30:b5:25:39:8a:ab:f1:c9:
                    fa:15:60:d2:bc:a5:9c:53:f1:71:c6:06:55:88:b2:
                    5c:d9:75:50:34:ab:6b:84:03:b0:a7:05:f9:7f:12:
                    6a:94:4a:dc:33:7e:06:e2:e5:a7:d6:f8:18:48:53:
                    c7:1b:da:5e:06:09:92:0c:87:84:6f:46:3f:0a:cb:
                    85:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:04:49:D8:92:7F:F0:8F:6A:33:2E:99:C3:8F:9E:55:C7:77:93:F8
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/rwRJ2JJ_8I9qMy6Zw4-eVcd3k_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:f9:52:6b:6c:ee:53:fb:5a:98:0d:2d:8a:6c:7e:26:9a:a9:
         eb:88:b9:75:21:24:a8:6a:fa:71:74:34:e6:47:f6:7b:7f:03:
         23:01:36:b8:5f:a8:1d:83:38:48:51:ff:97:1d:30:1e:ae:e5:
         36:c1:3b:9e:7c:9f:20:35:a8:90:bb:e7:35:bc:b4:a6:4c:09:
         9f:96:7e:30:b2:d8:e2:04:9c:27:3b:c9:55:02:88:34:e5:64:
         42:69:af:0a:95:4e:c5:69:6b:a8:21:9d:d1:48:41:09:ce:1a:
         91:16:c6:57:c8:17:b1:a0:df:bc:c8:f6:c0:a9:1d:ae:a2:ba:
         8c:45:8b:f9:fc:5a:ce:5d:8b:38:9b:72:72:e6:c3:65:14:d4:
         8c:50:71:9c:63:62:7f:4c:93:d1:6b:70:c2:4f:bb:1b:3e:a7:
         d7:5b:d6:53:4a:26:e3:39:d7:0e:c4:a4:c3:69:35:4f:51:60:
         c5:47:48:c6:d9:e7:c0:5a:d1:b4:54:9b:62:23:87:5e:ea:9a:
         17:10:39:be:8f:46:4a:36:f5:d3:4b:1b:ce:ed:35:95:83:98:
         2e:74:93:ed:0e:96:fa:f6:5e:46:cb:0d:16:5f:7a:c9:82:0f:
         f4:51:d6:20:73:13:2f:88:89:ac:5b:a2:35:f0:f2:11:25:e8:
         fd:7c:64:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd5aum1hjfCpfqn0TX1gG7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNDEzMDcwMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA0NDlkODkyN2ZmMDhmNmEzMzJlOTljMzhmOWU1NWM3Nzc5M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfjS+2dbfEVwZvUk3Omw5nNAwciD
y2gUfpBbySQysOBkzMQrlDisMLtafQCHVSO7wSRO2hq7wNDaNBo04/+gSaSq+lc+
E+jMrBNQsWltrtdFt3LBf/64/+G6AoK6abhXkf9mJhv2U7zfhFgDDxiFLNCXCDZu
dSHPyFozewqIqEQ2IBKp1YetK4rXbovuImA4dyK9qM5Zpg2GFKu6/zMkcU4Jsinx
yWx/a9J0s005Uy2/zbkoxMzSBou7MLUlOYqr8cn6FWDSvKWcU/FxxgZViLJc2XVQ
NKtrhAOwpwX5fxJqlErcM34G4uWn1vgYSFPHG9peBgmSDIeEb0Y/CsuFLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8ESdiSf/CPajMumcOPnlXHd5P4MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcndSSjJKSl84STlxTXk2Wnc0LWVWY2Qza19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkihMA0G
CSqGSIb3DQEBCwUAA4IBAQAt+VJrbO5T+1qYDS2KbH4mmqnriLl1ISSoavpxdDTm
R/Z7fwMjATa4X6gdgzhIUf+XHTAeruU2wTuefJ8gNaiQu+c1vLSmTAmfln4wstji
BJwnO8lVAog05WRCaa8KlU7FaWuoIZ3RSEEJzhqRFsZXyBexoN+8yPbAqR2uorqM
RYv5/FrOXYs4m3Jy5sNlFNSMUHGcY2J/TJPRa3DCT7sbPqfXW9ZTSibjOdcOxKTD
aTVPUWDFR0jG2efAWtG0VJtiI4de6poXEDm+j0ZKNvXTSxvO7TWVg5gudJPtDpb6
9l5Gyw0WX3rJgg/0UdYgcxMviImsW6I18PIRJej9fGQY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org