Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/56bFlF5C9UicLmrRCc4IXPCEsDY.roa
File:                     56bFlF5C9UicLmrRCc4IXPCEsDY.roa (raw, json)
Hash identifier:          KlXuPM6NnxhMdMZSgIPvnvpEpD0q6eTLKqPJNh4Aqgs=
Subject key identifier:   E7:A6:C5:94:5E:42:F5:48:9C:2E:6A:D1:09:CE:08:5C:F0:84:B0:36
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018571F103B42E751CF82CEB4A8B3CDFD91B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/56bFlF5C9UicLmrRCc4IXPCEsDY.roa
Signing time:             Mon 02 Jan 2023 10:04:58 +0000
ROA not before:           Mon 02 Jan 2023 10:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203499
IP address blocks:        5.154.98.0/24 maxlen: 24
                          151.237.198.0/24 maxlen: 24
                          109.167.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f1:03:b4:2e:75:1c:f8:2c:eb:4a:8b:3c:df:d9:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  2 10:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7a6c5945e42f5489c2e6ad109ce085cf084b036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8d:87:2b:c7:be:ac:57:6b:0e:1d:bc:69:9b:
                    bf:af:1c:c1:79:ca:ac:47:6a:dd:f7:1c:59:32:ba:
                    60:3e:d3:b8:33:6a:dd:48:47:0b:d4:a3:82:ee:0a:
                    87:5a:6e:6f:a6:17:fe:26:47:1e:d2:7f:01:49:01:
                    54:6d:08:1e:71:05:36:51:2c:39:8c:db:a8:e2:83:
                    6f:0a:20:31:51:41:0b:92:57:82:8f:71:56:26:02:
                    78:28:15:cc:55:57:c8:be:26:5c:ed:24:a5:ea:e2:
                    53:6c:e4:8d:bd:55:a1:c8:89:91:f2:ee:c9:ed:da:
                    c1:1d:dd:13:8f:ca:f8:75:11:d2:b7:07:23:c7:c9:
                    53:cb:71:5d:01:fe:52:d4:9d:e5:ef:f4:cd:20:96:
                    cf:6b:a3:92:53:a7:af:d3:03:0a:e0:3a:78:9f:db:
                    f9:f7:f8:a3:8e:f0:f6:e1:e4:4e:34:c7:78:f4:ef:
                    02:06:4f:86:b2:c3:2f:44:f1:a4:b4:54:7b:62:f4:
                    00:4e:ee:e4:28:92:d9:65:6f:9f:c0:65:fa:d1:d1:
                    7a:f3:98:28:54:b8:a6:b4:eb:dd:ea:11:1f:e0:55:
                    41:65:32:0c:d5:09:76:94:07:c5:08:89:65:fd:98:
                    71:47:52:a8:73:b6:a0:12:1b:f6:67:88:3f:ab:86:
                    5e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:A6:C5:94:5E:42:F5:48:9C:2E:6A:D1:09:CE:08:5C:F0:84:B0:36
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/56bFlF5C9UicLmrRCc4IXPCEsDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.98.0/24
                  109.167.46.0/24
                  151.237.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:ac:cf:02:17:06:34:f7:e9:fd:a5:d9:65:0e:34:fd:b9:ec:
         1a:b9:b4:51:a4:11:f6:63:4b:f0:dd:ee:df:65:4a:ea:d1:17:
         4f:d2:d8:64:e5:0c:5a:f5:63:60:3f:45:2d:00:e2:74:20:84:
         c4:45:62:ca:be:2c:ac:fd:4d:e6:12:98:2d:09:8e:79:a5:d6:
         04:55:d8:a1:9e:b0:36:47:d6:de:4a:92:02:cf:8f:5e:8b:d5:
         e6:74:25:33:cc:04:bb:95:37:60:77:1c:d7:ef:cc:d3:40:77:
         55:4e:3b:f2:6f:20:c4:59:e4:26:2f:24:11:de:22:68:7f:b0:
         0e:86:95:b6:46:0e:7a:0e:d2:ca:4b:27:3c:97:1f:28:87:e0:
         2a:1b:a4:f1:47:93:5d:bc:f5:29:ae:f6:3b:b7:07:c4:c8:40:
         85:5d:9f:b7:f8:f6:88:90:b9:1a:95:da:6e:f1:3a:f7:36:0c:
         23:c2:05:0e:51:02:05:42:5c:87:38:90:c0:e9:c5:5d:0a:9a:
         58:ba:48:10:94:4e:a8:03:bc:3f:76:02:1c:30:17:7e:03:f9:
         69:c8:e2:e2:a5:cd:a4:68:b4:a0:59:0c:13:da:bc:5c:65:e9:
         39:70:df:6d:7c:17:41:bb:08:a5:2e:68:c2:92:43:b3:8a:9e:
         d3:91:1e:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx8QO0LnUc+CzrSos839kbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2E2YzU5NDVlNDJmNTQ4OWMyZTZhZDEwOWNlMDg1Y2YwODRiMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm42HK8e+rFdrDh28aZu/rxzBecqs
R2rd9xxZMrpgPtO4M2rdSEcL1KOC7gqHWm5vphf+Jkce0n8BSQFUbQgecQU2USw5
jNuo4oNvCiAxUUELkleCj3FWJgJ4KBXMVVfIviZc7SSl6uJTbOSNvVWhyImR8u7J
7drBHd0Tj8r4dRHStwcjx8lTy3FdAf5S1J3l7/TNIJbPa6OSU6ev0wMK4Dp4n9v5
9/ijjvD24eRONMd49O8CBk+GssMvRPGktFR7YvQATu7kKJLZZW+fwGX60dF685go
VLimtOvd6hEf4FVBZTIM1Ql2lAfFCIll/ZhxR1Koc7agEhv2Z4g/q4ZeAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOemxZReQvVInC5q0QnOCFzwhLA2MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvNTZiRmxGNUM5VWljTG1yUkNjNElYUENFc0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZpiAwQA
bacuAwQAl+3GMA0GCSqGSIb3DQEBCwUAA4IBAQAhrM8CFwY09+n9pdllDjT9uewa
ubRRpBH2Y0vw3e7fZUrq0RdP0thk5Qxa9WNgP0UtAOJ0IITERWLKviys/U3mEpgt
CY55pdYEVdihnrA2R9beSpICz49ei9XmdCUzzAS7lTdgdxzX78zTQHdVTjvybyDE
WeQmLyQR3iJof7AOhpW2Rg56DtLKSyc8lx8oh+AqG6TxR5NdvPUprvY7twfEyECF
XZ+3+PaIkLkaldpu8Tr3NgwjwgUOUQIFQlyHOJDA6cVdCppYukgQlE6oA7w/dgIc
MBd+A/lpyOLipc2kaLSgWQwT2rxcZek5cN9tfBdBuwilLmjCkkOzip7TkR7b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org