Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/huJfdNm0ceDIekMk69k0sF28zKY.roa
File:                     huJfdNm0ceDIekMk69k0sF28zKY.roa (raw, json)
Hash identifier:          ajWDv5gMPzc6FPMz15ChTHsQxN9sVyLeXJgX++gwZC0=
Subject key identifier:   86:E2:5F:74:D9:B4:71:E0:C8:7A:43:24:EB:D9:34:B0:5D:BC:CC:A6
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0188BE4EEDA83EA5A6CD71FBD460A53FBBBD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/huJfdNm0ceDIekMk69k0sF28zKY.roa
Signing time:             Thu 15 Jun 2023 09:07:03 +0000
ROA not before:           Thu 15 Jun 2023 09:07:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50225
IP address blocks:        2.56.108.0/24 maxlen: 24
                          2.56.109.0/24 maxlen: 24
                          2.56.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 09:53:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:be:4e:ed:a8:3e:a5:a6:cd:71:fb:d4:60:a5:3f:bb:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jun 15 09:07:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86e25f74d9b471e0c87a4324ebd934b05dbccca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:01:61:fa:a6:9a:54:35:4b:ad:4f:1b:1a:49:
                    0e:66:21:a3:6a:64:fa:7d:17:66:c7:6b:f3:c7:14:
                    d3:36:95:5b:55:68:ef:36:09:5d:81:0a:be:c5:3d:
                    c4:22:2c:4a:52:50:f7:cb:f0:9d:67:b7:85:21:25:
                    a5:79:f8:3d:fb:ee:55:fb:05:d3:11:00:6d:8e:c6:
                    a6:c0:74:d2:89:6b:07:85:cf:26:1b:0e:4d:e4:c8:
                    55:14:60:4b:11:93:ae:15:a9:98:18:2a:5e:2e:2c:
                    16:81:79:cf:d1:42:19:20:77:99:a3:c4:f8:0b:9e:
                    54:fe:21:b1:08:0a:2d:00:2d:53:7f:cc:97:00:89:
                    eb:3c:a2:2b:e6:5a:3b:a6:de:ea:c2:26:82:3f:dd:
                    a8:f9:10:ac:c4:13:8a:42:82:bb:8e:b8:4a:2b:c9:
                    35:20:3c:d9:e8:e4:22:18:a3:5c:bd:af:d6:b3:a2:
                    55:20:d0:64:98:8d:3c:36:2a:76:ee:b7:de:46:42:
                    5c:06:8a:f9:bb:64:78:5b:fa:21:13:65:fa:52:9a:
                    5a:0a:95:27:d6:1f:be:18:3d:0a:1e:02:01:e1:f1:
                    1f:cd:e9:4e:2a:3b:87:c7:75:2f:a8:d7:bd:4e:2e:
                    aa:9b:8d:12:b5:f0:76:03:be:56:2a:0f:0e:96:08:
                    6f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:E2:5F:74:D9:B4:71:E0:C8:7A:43:24:EB:D9:34:B0:5D:BC:CC:A6
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/huJfdNm0ceDIekMk69k0sF28zKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.108.0-2.56.110.255

    Signature Algorithm: sha256WithRSAEncryption
         87:80:27:ca:51:86:69:37:d9:90:92:9d:97:81:27:8a:92:03:
         18:de:5f:0a:c7:0e:38:2e:32:e3:54:ce:6a:b3:a4:06:27:39:
         88:07:a2:01:ed:fa:e2:16:6c:f6:76:32:a7:db:a5:94:38:54:
         22:94:de:3b:5b:75:b2:ba:fe:66:56:41:34:ef:e7:c5:aa:a1:
         ab:05:09:0e:cf:a8:84:f6:71:fd:26:53:8c:87:fd:05:e3:b5:
         51:a1:80:e5:95:f3:6b:ef:0f:47:28:ca:1a:b0:22:b1:ce:ee:
         22:74:d9:03:3e:d1:3e:29:51:0e:b8:8a:e7:77:d5:a0:9b:41:
         bc:de:a8:12:5c:78:b6:de:87:73:92:49:90:ab:be:49:4c:fb:
         e5:e7:8f:08:ae:c5:99:28:6f:c9:47:98:74:fb:9d:53:ec:03:
         12:9c:e9:06:f2:7a:22:01:bf:0e:e1:32:ac:71:e9:bb:cc:10:
         61:9c:c4:ad:19:71:84:fc:92:a1:03:d9:4c:f4:89:fb:be:83:
         e5:c5:00:12:f1:9f:be:9d:dd:e5:f9:bd:be:fc:f9:91:a8:02:
         55:9d:67:f1:39:63:6c:24:1e:5b:8c:5f:73:c7:e8:db:39:68:
         0e:ef:01:5a:89:0c:7d:44:66:9f:1e:a3:93:26:e8:1d:c8:09:
         d6:f7:51:26
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYi+Tu2oPqWmzXH71GClP7u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE1MDkwNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUyNWY3NGQ5YjQ3MWUwYzg3YTQzMjRlYmQ5MzRiMDVkYmNjY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAFh+qaaVDVLrU8bGkkOZiGjamT6
fRdmx2vzxxTTNpVbVWjvNgldgQq+xT3EIixKUlD3y/CdZ7eFISWlefg9++5V+wXT
EQBtjsamwHTSiWsHhc8mGw5N5MhVFGBLEZOuFamYGCpeLiwWgXnP0UIZIHeZo8T4
C55U/iGxCAotAC1Tf8yXAInrPKIr5lo7pt7qwiaCP92o+RCsxBOKQoK7jrhKK8k1
IDzZ6OQiGKNcva/Ws6JVINBkmI08Nip27rfeRkJcBor5u2R4W/ohE2X6UppaCpUn
1h++GD0KHgIB4fEfzelOKjuHx3UvqNe9Ti6qm40StfB2A75WKg8OlghvywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIbiX3TZtHHgyHpDJOvZNLBdvMymMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaHVKZmRObTBjZURJZWtNazY5azBzRjI4ektZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAICOGwD
BAACOG4wDQYJKoZIhvcNAQELBQADggEBAIeAJ8pRhmk32ZCSnZeBJ4qSAxjeXwrH
DjguMuNUzmqzpAYnOYgHogHt+uIWbPZ2MqfbpZQ4VCKU3jtbdbK6/mZWQTTv58Wq
oasFCQ7PqIT2cf0mU4yH/QXjtVGhgOWV82vvD0coyhqwIrHO7iJ02QM+0T4pUQ64
iud31aCbQbzeqBJceLbeh3OSSZCrvklM++XnjwiuxZkob8lHmHT7nVPsAxKc6Qby
eiIBvw7hMqxx6bvMEGGcxK0ZcYT8kqED2Uz0ifu+g+XFABLxn76d3eX5vb78+ZGo
AlWdZ/E5Y2wkHluMX3PH6Ns5aA7vAVqJDH1EZp8eo5Mm6B3ICdb3USY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org