Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa
File:                     1-eUm8dgJVUYvoruZmozPzlx5ISo.roa (raw, json)
Hash identifier:          1FHjz1txI3BESP+Mh/79EgO+UUJkWeuAF0kbAC8en/g=
Subject key identifier:   F9:E5:26:F1:D8:09:55:46:2F:A2:BB:99:9A:8C:CF:CE:5C:79:21:2A
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018AE655D82812C314F98054BCF7533F1ABE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa
Signing time:             Sat 30 Sep 2023 13:45:00 +0000
ROA not before:           Sat 30 Sep 2023 13:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207508
IP address blocks:        2.56.109.0/24 maxlen: 24
                          45.138.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 11:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e6:55:d8:28:12:c3:14:f9:80:54:bc:f7:53:3f:1a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep 30 13:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9e526f1d80955462fa2bb999a8ccfce5c79212a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:dd:b3:8a:35:2f:01:30:04:7c:a3:d1:72:94:
                    5a:a5:3a:a6:23:3b:03:c4:66:66:00:48:4f:8f:3b:
                    0c:e9:2b:70:a7:98:b2:24:bf:1a:4a:32:d9:f9:00:
                    c9:03:43:0b:92:81:6e:21:55:d4:65:60:85:b5:1f:
                    e6:4f:6f:89:3c:fc:ee:1f:f0:91:6d:87:83:83:f2:
                    61:7a:2f:be:e3:61:78:06:24:5f:90:fb:71:ec:6b:
                    97:ed:d5:da:85:03:83:24:5f:0f:05:de:ca:54:06:
                    f3:c5:b4:1e:99:d2:6f:ff:0d:92:8b:b2:21:1e:cd:
                    70:37:e9:71:9f:22:79:04:46:cb:ea:40:65:7f:45:
                    39:73:89:a5:5e:3d:a7:fa:e5:69:05:c2:db:5b:4e:
                    02:bf:e6:4b:9c:83:db:95:c1:ac:9c:81:95:54:9d:
                    14:5f:55:9f:f1:77:ec:0c:e5:c0:de:98:17:bc:38:
                    ef:77:b7:41:73:e3:c6:1e:91:a9:62:16:7c:d2:36:
                    90:9f:40:73:c0:44:b0:47:19:0d:9d:cb:95:16:91:
                    9f:13:32:af:f2:a1:2d:fc:4f:5a:f2:66:c5:0c:2d:
                    7b:1f:95:e8:2a:51:a4:27:bd:19:43:a1:a7:f1:f2:
                    ef:8a:67:52:c0:50:08:85:c9:95:0d:22:e2:21:e5:
                    2f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:E5:26:F1:D8:09:55:46:2F:A2:BB:99:9A:8C:CF:CE:5C:79:21:2A
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-eUm8dgJVUYvoruZmozPzlx5ISo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.109.0/24
                  45.138.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:ab:ef:e2:41:04:bd:55:85:1f:0e:a4:9c:34:b0:28:a9:a3:
         36:af:2b:d8:53:00:ce:38:64:b2:c4:43:6f:a8:b2:d3:3b:2e:
         52:3f:91:ed:32:13:35:d0:79:a4:21:43:24:67:e5:78:57:60:
         71:73:df:b9:4b:0b:51:55:35:35:db:07:81:87:07:d6:4b:20:
         89:45:bf:fe:42:f0:b8:2f:93:60:ba:6f:21:c2:92:6f:e5:e8:
         cf:22:44:c7:73:e0:1c:d6:25:9b:9e:36:f3:e9:94:6b:b7:cd:
         70:eb:34:9e:55:0a:62:ee:de:0b:b5:66:0d:b4:f5:5f:19:8b:
         fd:16:3a:fe:85:16:42:d4:20:93:c4:ce:b9:38:ae:5b:c8:98:
         d1:5e:c0:b6:f0:32:31:4b:42:4d:cf:1e:c5:c9:66:56:6f:75:
         ff:65:cb:ad:9d:29:24:87:64:aa:33:52:50:95:fb:f6:5c:95:
         cb:f5:ce:34:b6:0f:5c:b3:66:6d:f6:22:41:31:f6:74:3f:3b:
         bb:e1:6d:23:7b:e2:b8:af:24:4d:05:bc:cf:4e:77:20:20:2e:
         d7:5b:4a:9f:d4:ed:1e:53:9d:f1:bf:4d:37:a9:6b:5e:33:aa:
         2d:01:89:2b:fc:b3:3a:cb:ce:a3:6b:b1:94:c3:fb:78:9b:b0:
         b5:25:5a:18
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYrmVdgoEsMU+YBUvPdTPxq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTMwMTM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWU1MjZmMWQ4MDk1NTQ2MmZhMmJiOTk5YThjY2ZjZTVjNzkyMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7d2zijUvATAEfKPRcpRapTqmIzsD
xGZmAEhPjzsM6Stwp5iyJL8aSjLZ+QDJA0MLkoFuIVXUZWCFtR/mT2+JPPzuH/CR
bYeDg/Jhei++42F4BiRfkPtx7GuX7dXahQODJF8PBd7KVAbzxbQemdJv/w2Si7Ih
Hs1wN+lxnyJ5BEbL6kBlf0U5c4mlXj2n+uVpBcLbW04Cv+ZLnIPblcGsnIGVVJ0U
X1Wf8XfsDOXA3pgXvDjvd7dBc+PGHpGpYhZ80jaQn0BzwESwRxkNncuVFpGfEzKv
8qEt/E9a8mbFDC17H5XoKlGkJ70ZQ6Gn8fLvimdSwFAIhcmVDSLiIeUvcQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnlJvHYCVVGL6K7mZqMz85ceSEqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS1lVW04ZGdKVlVZdm9ydVptb3pQemx4NUlTby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAI4bQME
AC2KtzANBgkqhkiG9w0BAQsFAAOCAQEAravv4kEEvVWFHw6knDSwKKmjNq8r2FMA
zjhkssRDb6iy0zsuUj+R7TITNdB5pCFDJGfleFdgcXPfuUsLUVU1NdsHgYcH1ksg
iUW//kLwuC+TYLpvIcKSb+XozyJEx3PgHNYlm5428+mUa7fNcOs0nlUKYu7eC7Vm
DbT1XxmL/RY6/oUWQtQgk8TOuTiuW8iY0V7AtvAyMUtCTc8exclmVm91/2XLrZ0p
JIdkqjNSUJX79lyVy/XONLYPXLNmbfYiQTH2dD87u+FtI3viuK8kTQW8z053ICAu
11tKn9TtHlOd8b9NN6lrXjOqLQGJK/yzOsvOo2uxlMP7eJuwtSVaGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org