Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vVsyzlBF_LkvGRJOFPILmJtds7I.roa
File:                     vVsyzlBF_LkvGRJOFPILmJtds7I.roa (raw, json)
Hash identifier:          37K82TyCvr/s/zkTz9DxqmaMVcNJa87xdNNdJeWotYo=
Subject key identifier:   BD:5B:32:CE:50:45:FC:B9:2F:19:12:4E:14:F2:0B:98:9B:5D:B3:B2
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C86C4884D9D3DF611254A425595B48DF7
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vVsyzlBF_LkvGRJOFPILmJtds7I.roa
Signing time:             Wed 20 Dec 2023 10:27:56 +0000
ROA not before:           Wed 20 Dec 2023 10:27:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.160.0/24 maxlen: 24
                          62.72.181.0/24 maxlen: 24
                          62.72.188.0/24 maxlen: 24
                          81.21.12.0/22 maxlen: 24
                          81.21.14.0/23 maxlen: 24
                          176.57.53.0/24 maxlen: 24
                          176.57.58.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          176.57.59.0/24 maxlen: 24
                          81.21.10.0/23 maxlen: 23
                          176.57.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 13:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:86:c4:88:4d:9d:3d:f6:11:25:4a:42:55:95:b4:8d:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 20 10:27:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd5b32ce5045fcb92f19124e14f20b989b5db3b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:13:9f:cf:aa:d5:54:4d:9c:4c:43:68:b7:4e:
                    a5:7a:0b:f7:04:8b:7b:33:a7:0c:0d:ac:cb:8a:14:
                    6d:86:2b:6c:3d:2d:c7:d5:1b:cf:90:b8:b4:be:28:
                    3a:45:32:97:a8:90:2d:92:a7:a3:97:fc:62:96:c3:
                    05:2b:7a:e2:d1:9f:54:0d:d6:a1:8c:6e:1f:5c:2a:
                    9f:16:6c:c6:a6:c6:a6:96:89:4c:8c:5b:57:0e:b2:
                    00:1a:93:04:19:a5:bf:d4:c0:33:5e:18:48:ed:1e:
                    41:47:fb:6c:9a:ce:40:71:00:49:53:94:9b:f1:be:
                    f5:4a:0a:fb:37:36:13:e0:aa:12:58:1e:18:7a:5f:
                    8e:3c:b9:3d:d1:7c:5a:94:6e:78:4e:c3:75:7e:1f:
                    f7:5b:9d:18:92:f2:36:2e:f0:3e:25:21:ee:75:0a:
                    c7:e3:25:25:50:3b:0e:5f:31:8d:43:78:35:0e:fe:
                    00:a1:61:ac:f7:01:1a:75:35:9d:f3:cf:12:ef:c4:
                    9d:b4:a8:59:4c:c2:a6:fc:58:d5:29:d9:28:e3:1b:
                    3f:f4:b2:63:0f:92:9f:90:69:ef:13:30:ab:e4:8b:
                    d5:46:76:fa:02:f8:4e:3e:a8:f7:7d:59:f1:e6:55:
                    31:61:f5:66:7a:6b:03:bc:19:f4:1e:6c:39:2e:7f:
                    8c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:5B:32:CE:50:45:FC:B9:2F:19:12:4E:14:F2:0B:98:9B:5D:B3:B2
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/vVsyzlBF_LkvGRJOFPILmJtds7I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.160.0/24
                  62.72.162.0-62.72.167.255
                  62.72.181.0/24
                  62.72.188.0/24
                  81.21.2.0-81.21.7.255
                  81.21.10.0-81.21.15.255
                  176.57.53.0/24
                  176.57.58.0/23
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:3a:e8:51:a8:6d:09:0b:30:eb:4a:dc:59:5e:52:5c:be:fd:
         9c:12:8c:71:91:75:32:4f:04:9e:29:e4:92:c6:07:aa:05:49:
         40:b8:2a:a5:f7:13:f2:9b:53:98:6f:41:70:51:d1:65:7b:b6:
         35:d1:84:67:19:37:7c:18:9c:91:dd:95:0e:c7:36:5c:57:65:
         63:29:b4:eb:de:41:0a:e5:9e:a1:a0:a3:bf:3b:0b:89:d8:22:
         c5:07:82:25:8c:86:d3:bf:c8:1c:4f:f4:a0:0c:5f:bb:3f:ac:
         95:6e:5e:d1:7b:3d:10:83:56:df:c8:60:bf:2e:4c:d4:10:03:
         7e:7e:a4:18:67:e1:92:ce:a9:3f:ad:e8:3c:46:b0:c2:a4:d6:
         5e:ef:09:59:9d:4d:e3:5d:46:78:ee:8c:3c:f1:1f:d9:81:6e:
         5b:74:88:8c:a7:64:76:18:7b:dc:4f:a6:1e:3d:89:52:a9:32:
         1a:b8:3a:ef:a3:25:7c:70:b7:0a:75:c4:5c:2c:0f:10:af:3c:
         46:c4:db:b0:db:58:14:77:3c:32:a2:5e:5c:d2:0a:f3:e2:51:
         ca:70:5b:ab:86:db:d4:67:c0:69:d9:52:e0:92:fc:fa:01:1d:
         60:dd:c5:66:48:39:c3:a7:6f:7c:0a:5f:3c:6c:54:47:5c:5d:
         d7:5f:27:5e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYyGxIhNnT32ESVKQlWVtI33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjIwMTAyNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDViMzJjZTUwNDVmY2I5MmYxOTEyNGUxNGYyMGI5ODliNWRiM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihOfz6rVVE2cTENot06legv3BIt7
M6cMDazLihRthitsPS3H1RvPkLi0vig6RTKXqJAtkqejl/xilsMFK3ri0Z9UDdah
jG4fXCqfFmzGpsamlolMjFtXDrIAGpMEGaW/1MAzXhhI7R5BR/tsms5AcQBJU5Sb
8b71Sgr7NzYT4KoSWB4Yel+OPLk90XxalG54TsN1fh/3W50YkvI2LvA+JSHudQrH
4yUlUDsOXzGNQ3g1Dv4AoWGs9wEadTWd888S78SdtKhZTMKm/FjVKdko4xs/9LJj
D5KfkGnvEzCr5IvVRnb6AvhOPqj3fVnx5lUxYfVmemsDvBn0Hmw5Ln+M/QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFL1bMs5QRfy5LxkSThTyC5ibXbOyMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvdlZzeXpsQkZfTGt2R1JKT0ZQSUxtSnRkczdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAPkigMAwD
BAE+SKIDBAM+SKADBAA+SLUDBAA+SLwwDAMEAVEVAgMEA1EVADAMAwQBURUKAwQE
URUAAwQAsDk1AwQBsDk6AwQAsDk/MA0GCSqGSIb3DQEBCwUAA4IBAQBuOuhRqG0J
CzDrStxZXlJcvv2cEoxxkXUyTwSeKeSSxgeqBUlAuCql9xPym1OYb0FwUdFle7Y1
0YRnGTd8GJyR3ZUOxzZcV2VjKbTr3kEK5Z6hoKO/OwuJ2CLFB4IljIbTv8gcT/Sg
DF+7P6yVbl7Rez0Qg1bfyGC/LkzUEAN+fqQYZ+GSzqk/reg8RrDCpNZe7wlZnU3j
XUZ47ow88R/ZgW5bdIiMp2R2GHvcT6YePYlSqTIauDrvoyV8cLcKdcRcLA8QrzxG
xNuw21gUdzwyol5c0grz4lHKcFurhtvUZ8Bp2VLgkvz6AR1g3cVmSDnDp298Cl88
bFRHXF3XXyde
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org