Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wTzB1qgUcXewFdnWRIa9VLq68AQ.roa
File:                     wTzB1qgUcXewFdnWRIa9VLq68AQ.roa (raw, json)
Hash identifier:          x0D1XcDq6z+tfsX0wJ55g7ZNvA7ck7zw/6tujwbQUPw=
Subject key identifier:   C1:3C:C1:D6:A8:14:71:77:B0:15:D9:D6:44:86:BD:54:BA:BA:F0:04
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       018C6EADB4751A3D10081A97F3086A28FDC2
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wTzB1qgUcXewFdnWRIa9VLq68AQ.roa
Signing time:             Fri 15 Dec 2023 18:12:06 +0000
ROA not before:           Fri 15 Dec 2023 18:12:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        62.72.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6e:ad:b4:75:1a:3d:10:08:1a:97:f3:08:6a:28:fd:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 15 18:12:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c13cc1d6a8147177b015d9d64486bd54babaf004
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:25:f9:14:23:ff:5a:27:6d:f2:ed:2b:0f:01:
                    a2:97:36:b9:44:61:1a:c2:89:0b:5c:97:34:30:38:
                    68:4c:63:c0:fe:64:2c:11:62:cd:c5:c8:8b:cf:f5:
                    97:e0:6e:34:14:52:37:2d:f5:cd:9e:dc:e5:2d:43:
                    7b:c0:b0:22:4f:92:d2:72:fe:a3:ba:2e:ba:74:be:
                    6c:ba:17:61:40:d8:3a:ac:88:8f:fc:5b:a0:6f:44:
                    b0:57:64:de:c5:33:ae:49:b3:f4:4b:d8:14:f0:fd:
                    19:fc:7e:7c:39:5a:b2:cf:c7:84:e2:85:57:28:ad:
                    99:aa:f9:f8:f3:af:08:9a:fe:38:74:b7:a2:45:2e:
                    df:50:b9:3b:88:13:59:31:de:15:87:33:36:46:c7:
                    63:c9:2b:08:1b:ab:49:b6:71:b1:15:d9:72:4a:a7:
                    54:f0:19:53:bc:80:11:aa:41:da:5a:cb:5c:7d:a9:
                    e7:05:72:59:6f:8c:47:19:9c:24:e1:33:77:86:b2:
                    d7:54:0f:10:d9:46:39:27:77:f6:7a:3c:2d:4f:c6:
                    36:cd:04:a9:e9:04:fe:3d:f8:21:d7:2a:5a:ae:af:
                    c7:0a:df:5e:24:dc:b5:e8:78:04:47:4f:4e:ce:91:
                    d1:9e:56:aa:75:66:04:de:03:b8:6f:1c:4a:17:74:
                    c1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3C:C1:D6:A8:14:71:77:B0:15:D9:D6:44:86:BD:54:BA:BA:F0:04
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wTzB1qgUcXewFdnWRIa9VLq68AQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:42:3e:f0:57:0d:4f:72:74:5e:a0:65:79:78:5b:2a:bf:a5:
         0e:f1:a9:11:82:38:99:a6:d4:06:c1:28:4f:e8:f8:bc:26:4b:
         2b:cb:4f:c0:c2:97:62:04:ca:50:4c:2c:8e:a9:ab:6c:7d:77:
         4f:60:c8:3b:f8:a8:ff:1b:14:2e:af:9d:22:56:28:37:7f:cb:
         16:7e:9b:2d:3b:66:b4:f6:47:5d:60:72:60:1f:85:94:7c:9c:
         1a:3b:28:cc:9a:ca:15:c6:cb:20:36:ab:91:3c:ce:b5:e1:8a:
         72:67:08:83:09:19:a9:54:06:21:a4:d1:cc:4c:d5:62:0b:83:
         ae:1e:cb:66:d1:b3:8a:44:df:1c:c4:94:9e:39:c7:b0:80:87:
         da:7b:75:2d:72:da:c7:53:5d:2e:c3:a7:dd:16:a3:43:5d:45:
         2f:2e:2c:b9:78:49:aa:5c:38:14:ae:2a:22:db:b3:17:bf:cd:
         ef:c8:61:a6:6e:04:04:54:df:ed:36:13:60:26:8f:f6:9c:4f:
         d2:f1:45:49:74:4b:71:d6:d9:e7:e3:4a:1d:44:2e:2f:cf:d2:
         bb:2b:35:67:41:c6:27:d2:ec:a7:f7:ce:c7:88:ae:29:f5:81:
         94:81:5a:25:94:3b:fb:ab:46:6e:34:2e:ac:00:46:3c:92:78:
         57:b3:19:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxurbR1Gj0QCBqX8whqKP3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjE1MTgxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTNjYzFkNmE4MTQ3MTc3YjAxNWQ5ZDY0NDg2YmQ1NGJhYmFmMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCX5FCP/Widt8u0rDwGilza5RGEa
wokLXJc0MDhoTGPA/mQsEWLNxciLz/WX4G40FFI3LfXNntzlLUN7wLAiT5LScv6j
ui66dL5suhdhQNg6rIiP/Fugb0SwV2TexTOuSbP0S9gU8P0Z/H58OVqyz8eE4oVX
KK2Zqvn4868Imv44dLeiRS7fULk7iBNZMd4VhzM2RsdjySsIG6tJtnGxFdlySqdU
8BlTvIARqkHaWstcfannBXJZb4xHGZwk4TN3hrLXVA8Q2UY5J3f2ejwtT8Y2zQSp
6QT+Pfgh1yparq/HCt9eJNy16HgER09OzpHRnlaqdWYE3gO4bxxKF3TBNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFME8wdaoFHF3sBXZ1kSGvVS6uvAEMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvd1R6QjFxZ1VjWGV3RmRuV1JJYTlWTHE2OEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkirMA0G
CSqGSIb3DQEBCwUAA4IBAQBjQj7wVw1PcnReoGV5eFsqv6UO8akRgjiZptQGwShP
6Pi8Jksry0/AwpdiBMpQTCyOqatsfXdPYMg7+Kj/GxQur50iVig3f8sWfpstO2a0
9kddYHJgH4WUfJwaOyjMmsoVxssgNquRPM614YpyZwiDCRmpVAYhpNHMTNViC4Ou
Hstm0bOKRN8cxJSeOcewgIfae3UtctrHU10uw6fdFqNDXUUvLiy5eEmqXDgUrioi
27MXv83vyGGmbgQEVN/tNhNgJo/2nE/S8UVJdEtx1tnn40odRC4vz9K7KzVnQcYn
0uyn987HiK4p9YGUgVollDv7q0ZuNC6sAEY8knhXsxky
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org