Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RxKtVJdyeaK361RgfIVdOdhlvIc.roa
File:                     RxKtVJdyeaK361RgfIVdOdhlvIc.roa (raw, json)
Hash identifier:          Ni2SodfcO8CrWxZZBa1QP/TLp19UvetwP6OEPe9Nic8=
Subject key identifier:   47:12:AD:54:97:72:79:A2:B7:EB:54:60:7C:85:5D:39:D8:65:BC:87
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01964F2B288CC766D178A24F48F8B555BA58
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RxKtVJdyeaK361RgfIVdOdhlvIc.roa
Signing time:             Sat 19 Apr 2025 17:49:10 +0000
ROA not before:           Sat 19 Apr 2025 17:49:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        62.72.162.0/23 maxlen: 23
                          62.72.164.0/22 maxlen: 22
                          62.72.164.0/23 maxlen: 23
                          62.72.172.0/24 maxlen: 24
                          62.72.173.0/24 maxlen: 24
                          62.72.184.0/24 maxlen: 24
                          62.72.185.0/24 maxlen: 24
                          62.72.187.0/24 maxlen: 24
                          62.72.191.0/24 maxlen: 24
                          81.21.2.0/23 maxlen: 23
                          81.21.4.0/22 maxlen: 24
                          81.21.5.0/24 maxlen: 24
                          81.21.6.0/24 maxlen: 24
                          176.57.51.0/24 maxlen: 24
                          176.57.56.0/24 maxlen: 24
                          176.57.63.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 25 Apr 2025 15:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:2b:28:8c:c7:66:d1:78:a2:4f:48:f8:b5:55:ba:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Apr 19 17:49:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4712ad54977279a2b7eb54607c855d39d865bc87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:04:99:80:83:75:39:ea:ef:55:1d:59:26:6d:
                    4b:f6:92:93:81:bb:6a:c7:45:7f:cb:a2:8a:e0:d5:
                    0a:82:ab:e0:07:c5:81:34:c9:6c:60:ce:88:53:5e:
                    45:cb:fb:8e:46:bf:d0:03:f7:0e:f0:be:8f:5e:35:
                    80:07:51:e5:f7:6a:59:2d:d7:e9:87:1a:24:4e:10:
                    fb:49:b0:df:bd:a4:39:0f:2a:0a:46:79:e7:a0:6c:
                    1a:41:4f:e7:d3:c0:d1:16:e9:5d:ab:31:5c:37:0f:
                    7e:fe:a2:c3:a7:6a:3c:04:e5:b3:5d:0c:9c:ff:7c:
                    d4:90:27:a7:23:16:46:80:f9:89:34:8a:0d:50:33:
                    4a:15:37:66:89:0d:d4:ec:1d:5b:d6:7a:07:f0:1e:
                    6b:77:62:61:88:50:e3:0a:0a:22:d0:95:73:a3:50:
                    bb:d0:8f:cb:84:1d:5d:0d:02:c0:dc:87:0c:0e:23:
                    cf:28:da:36:ea:b5:f2:25:41:02:a2:55:0d:cb:7a:
                    54:3e:e4:42:77:73:ed:1c:85:34:ee:37:65:25:c1:
                    d0:2a:c5:17:43:56:c4:69:a8:e5:e6:74:1f:83:7b:
                    24:07:40:a7:b7:74:41:bf:e6:89:0c:86:2d:d9:94:
                    db:b3:ba:8d:75:4d:0d:30:6c:c4:54:07:bf:88:02:
                    86:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:12:AD:54:97:72:79:A2:B7:EB:54:60:7C:85:5D:39:D8:65:BC:87
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RxKtVJdyeaK361RgfIVdOdhlvIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.162.0-62.72.167.255
                  62.72.172.0/23
                  62.72.184.0/23
                  62.72.187.0/24
                  62.72.191.0/24
                  81.21.2.0-81.21.7.255
                  176.57.51.0/24
                  176.57.56.0/24
                  176.57.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:5a:0e:6d:01:83:19:f2:cd:ee:19:27:6c:19:d7:79:e5:63:
         20:86:80:7a:67:f9:d8:58:db:ee:d6:90:81:2a:bf:25:c6:1b:
         a8:90:b6:22:7f:10:31:cc:b3:9f:76:98:fc:f7:d4:f6:36:b5:
         ad:e7:1c:ab:7d:cf:36:e3:42:22:93:9e:dd:55:c4:e9:b8:8b:
         3e:f3:8d:86:3a:be:6b:07:2d:23:c2:7b:24:b0:16:77:27:6b:
         d6:34:bb:62:8b:72:ac:c6:15:c2:70:a4:9b:ba:bb:5c:fa:ca:
         ec:62:2c:25:3b:71:a8:3b:4c:1c:4e:a2:ee:ed:5a:2c:e0:15:
         b8:da:7a:5e:25:b7:62:b5:59:13:a9:a9:28:09:1c:e5:7d:f2:
         9d:52:50:93:a1:45:93:5d:9f:18:7a:d5:6a:d4:45:72:09:2b:
         5f:84:d7:20:7d:e8:16:e5:fc:3a:91:3c:b6:37:67:27:3a:dc:
         20:f3:9a:ca:c0:d0:0b:d5:3c:ae:dd:10:08:cb:85:f6:2e:b8:
         06:21:28:d5:01:0b:10:95:5a:96:d2:5e:a1:7d:59:ed:e2:c1:
         3e:6c:63:91:7f:fd:2a:b6:15:21:43:13:10:8a:0a:e7:50:5f:
         27:f6:bd:69:3f:38:32:49:8f:a9:20:5e:b5:cb:bb:d4:34:fd:
         bc:0b:0a:b9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZZPKyiMx2bReKJPSPi1VbpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNDE5MTc0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzEyYWQ1NDk3NzI3OWEyYjdlYjU0NjA3Yzg1NWQzOWQ4NjViYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQSZgIN1OervVR1ZJm1L9pKTgbtq
x0V/y6KK4NUKgqvgB8WBNMlsYM6IU15Fy/uORr/QA/cO8L6PXjWAB1Hl92pZLdfp
hxokThD7SbDfvaQ5DyoKRnnnoGwaQU/n08DRFuldqzFcNw9+/qLDp2o8BOWzXQyc
/3zUkCenIxZGgPmJNIoNUDNKFTdmiQ3U7B1b1noH8B5rd2JhiFDjCgoi0JVzo1C7
0I/LhB1dDQLA3IcMDiPPKNo26rXyJUEColUNy3pUPuRCd3PtHIU07jdlJcHQKsUX
Q1bEaajl5nQfg3skB0Cnt3RBv+aJDIYt2ZTbs7qNdU0NMGzEVAe/iAKG+QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEcSrVSXcnmit+tUYHyFXTnYZbyHMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUnhLdFZKZHllYUszNjFSZ2ZJVmRPZGhsdkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAE+SKID
BAM+SKADBAE+SKwDBAE+SLgDBAA+SLsDBAA+SL8wDAMEAVEVAgMEA1EVAAMEALA5
MwMEALA5OAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAIFoObQGDGfLN7hknbBnX
eeVjIIaAemf52Fjb7taQgSq/JcYbqJC2In8QMcyzn3aY/PfU9ja1reccq33PNuNC
IpOe3VXE6biLPvONhjq+awctI8J7JLAWdydr1jS7YotyrMYVwnCkm7q7XPrK7GIs
JTtxqDtMHE6i7u1aLOAVuNp6XiW3YrVZE6mpKAkc5X3ynVJQk6FFk12fGHrVatRF
cgkrX4TXIH3oFuX8OpE8tjdnJzrcIPOaysDQC9U8rt0QCMuF9i64BiEo1QELEJVa
ltJeoX1Z7eLBPmxjkX/9KrYVIUMTEIoK51BfJ/a9aT84MkmPqSBetcu71DT9vAsK
uQ==
-----END CERTIFICATE-----