Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vFqob1Oert_-XdDnAEi0Xr7jgvk.roa
File:                     vFqob1Oert_-XdDnAEi0Xr7jgvk.roa (raw, json)
Hash identifier:          x88ly+8DgpRlPQ2CydcTVnV3gMVULR/lLc78lmxseyk=
Subject key identifier:   BC:5A:A8:6F:53:9E:AE:DF:FE:5D:D0:E7:00:48:B4:5E:BE:E3:82:F9
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018B9E32442723DC8433FE53A94E36D0234C
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vFqob1Oert_-XdDnAEi0Xr7jgvk.roa
Signing time:             Sun 05 Nov 2023 06:36:16 +0000
ROA not before:           Sun 05 Nov 2023 06:36:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
                          62.72.162.0/24 maxlen: 24
                          62.72.162.0/23 maxlen: 23
                          62.72.163.0/24 maxlen: 24
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/24 maxlen: 24
                          62.72.165.0/24 maxlen: 24
                          62.72.164.0/22 maxlen: 22
                          62.72.166.0/24 maxlen: 24
                          62.72.169.0/24 maxlen: 24
                          62.72.168.0/22 maxlen: 22
                          62.72.170.0/24 maxlen: 24
                          62.72.167.0/24 maxlen: 24
                          62.72.168.0/24 maxlen: 24
                          62.72.179.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.174.0/23 maxlen: 23
                          62.72.174.0/24 maxlen: 24
                          62.72.175.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.186.0/24 maxlen: 24
                          62.72.180.0/23 maxlen: 23
                          62.72.184.0/22 maxlen: 22
                          62.72.181.0/24 maxlen: 24
                          62.72.182.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          62.72.189.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.9.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 10:29:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:9e:32:44:27:23:dc:84:33:fe:53:a9:4e:36:d0:23:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Nov  5 06:36:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc5aa86f539eaedffe5dd0e70048b45ebee382f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:03:6c:6b:67:25:0d:76:fb:65:0d:77:c1:ba:
                    c7:0c:9f:87:03:5c:2f:5c:a8:f7:05:08:c9:76:56:
                    19:31:c5:30:ec:c7:36:68:fb:23:2d:85:94:79:4d:
                    0d:7d:94:ef:64:c9:e4:e8:a2:d3:bb:5b:a2:07:08:
                    c9:67:41:15:20:bd:07:ae:e1:b3:44:15:a3:6b:a7:
                    c9:e2:ac:f2:e6:ab:65:2c:81:fa:52:18:0b:d8:14:
                    c6:ce:0a:50:4b:7b:41:f7:70:b5:1c:07:1d:ee:a7:
                    02:7f:1d:34:30:4d:ae:67:d2:35:3b:fc:f3:2d:4e:
                    d6:04:02:54:df:5a:6c:ed:bd:09:fc:0e:6b:b2:f2:
                    00:aa:4c:46:d8:11:b9:bd:c1:de:4a:65:0b:89:11:
                    02:cd:e9:32:9a:01:d7:76:e9:e1:9a:6c:3c:af:f3:
                    c1:29:0a:2b:26:83:90:4b:5b:12:de:e6:e4:22:b9:
                    2d:b7:21:a4:d3:6d:97:5b:81:4e:9e:cf:15:43:a0:
                    a9:bb:a0:5e:44:a8:89:06:b1:cb:0b:de:b6:3f:ff:
                    0e:a6:f6:d3:52:e8:b7:9f:a2:db:24:12:b3:a3:1c:
                    b7:56:fb:e6:bf:d0:5a:cd:4e:70:47:90:90:d6:50:
                    f5:99:7f:e9:ff:ab:fa:cf:b7:ad:65:63:f9:aa:71:
                    9e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5A:A8:6F:53:9E:AE:DF:FE:5D:D0:E7:00:48:B4:5E:BE:E3:82:F9
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vFqob1Oert_-XdDnAEi0Xr7jgvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.171.255
                  62.72.173.0-62.72.175.255
                  62.72.179.0-62.72.182.255
                  62.72.184.0-62.72.189.255
                  62.72.191.0/24
                  81.21.2.0-81.21.7.255
                  81.21.9.0-81.21.15.255
                  176.57.51.0/24
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:e1:f7:0a:02:8b:2c:2c:27:21:63:25:32:d6:d1:64:07:41:
         de:07:77:9e:f1:66:26:a6:40:6f:fa:64:89:32:fc:6b:d1:18:
         90:85:fd:de:b4:89:d1:af:fd:b3:f7:19:c0:a7:6d:08:d6:18:
         38:ce:ea:2f:75:ef:21:0a:6d:86:33:60:b6:81:ee:16:7b:9f:
         c9:b9:98:11:0f:36:87:ad:78:ef:30:cd:00:77:b0:ed:45:5c:
         b8:a3:ec:c5:e8:9a:45:00:ee:c7:f7:b5:dd:ba:d6:58:6d:32:
         31:3d:14:d1:4e:ba:93:8e:41:5a:e9:3c:82:5f:61:b6:f3:53:
         43:d3:15:b8:ec:94:b9:15:c1:45:41:41:a7:35:1a:1d:c8:6a:
         5a:1e:48:c2:7c:fd:c0:e2:f2:2b:4d:f3:8c:84:d4:3b:84:a7:
         db:9d:fa:33:00:57:81:c0:fe:38:7a:28:33:fe:a0:14:4a:16:
         95:f5:14:3d:ab:cd:9d:8b:2e:35:ac:27:4b:4e:82:13:57:0c:
         af:31:88:8d:e6:c6:bc:52:32:cf:53:91:a3:af:5d:6d:e6:fd:
         8a:82:53:61:12:a3:b9:ce:4e:95:af:52:91:a5:4b:31:e7:e9:
         33:6b:62:47:35:0f:a9:c9:10:83:f3:6a:26:ea:86:d1:1b:3e:
         b9:0a:79:e8
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYueMkQnI9yEM/5TqU420CNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMTA1MDYzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVhYTg2ZjUzOWVhZWRmZmU1ZGQwZTcwMDQ4YjQ1ZWJlZTM4MmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgNsa2clDXb7ZQ13wbrHDJ+HA1wv
XKj3BQjJdlYZMcUw7Mc2aPsjLYWUeU0NfZTvZMnk6KLTu1uiBwjJZ0EVIL0HruGz
RBWja6fJ4qzy5qtlLIH6UhgL2BTGzgpQS3tB93C1HAcd7qcCfx00ME2uZ9I1O/zz
LU7WBAJU31ps7b0J/A5rsvIAqkxG2BG5vcHeSmULiRECzekymgHXdunhmmw8r/PB
KQorJoOQS1sS3ubkIrkttyGk022XW4FOns8VQ6Cpu6BeRKiJBrHLC962P/8OpvbT
Uui3n6LbJBKzoxy3Vvvmv9BazU5wR5CQ1lD1mX/p/6v6z7etZWP5qnGetwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFLxaqG9Tnq7f/l3Q5wBItF6+44L5MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvdkZxb2IxT2VydF8tWGREbkFFaTBYcjdqZ3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcjAMAwQBPkii
AwQCPkioMAwDBAA+SK0DBAQ+SKAwDAMEAD5IswMEAD5ItjAMAwQDPki4AwQBPki8
AwQAPki/MAwDBAFRFQIDBANRFQAwDAMEAFEVCQMEBFEVAAMEALA5MwMEALA5NQME
AbA5OgMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEArOH3CgKLLCwnIWMlMtbRZAdB
3gd3nvFmJqZAb/pkiTL8a9EYkIX93rSJ0a/9s/cZwKdtCNYYOM7qL3XvIQpthjNg
toHuFnufybmYEQ82h6147zDNAHew7UVcuKPsxeiaRQDux/e13brWWG0yMT0U0U66
k45BWuk8gl9htvNTQ9MVuOyUuRXBRUFBpzUaHchqWh5Iwnz9wOLyK03zjITUO4Sn
2536MwBXgcD+OHooM/6gFEoWlfUUPavNnYsuNawnS06CE1cMrzGIjebGvFIyz1OR
o69dbeb9ioJTYRKjuc5Ola9SkaVLMefpM2tiRzUPqckQg/NqJuqG0Rs+uQp56A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org