Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa
File:                     piygp2rZKPxPbwPRNRBQOCILnZQ.roa (raw, json)
Hash identifier:          HkwIkTpZi5HIxLILef7bVGIXlloJpieFQysj7v/0Lxw=
Subject key identifier:   A6:2C:A0:A7:6A:D9:28:FC:4F:6F:03:D1:35:10:50:38:22:0B:9D:94
Certificate issuer:       /CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
Certificate serial:       018CC56E162BC552A2CDF29EBB9B88BC39D8
Authority key identifier: 08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa
Signing time:             Mon 01 Jan 2024 14:29:35 +0000
ROA not before:           Mon 01 Jan 2024 14:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8831
IP address blocks:        62.108.64.0/22 maxlen: 24
                          62.108.64.0/21 maxlen: 21
                          62.108.68.0/22 maxlen: 24
                          62.108.72.0/22 maxlen: 24
                          62.108.88.0/21 maxlen: 21
                          62.108.88.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 03 Jul 2024 13:09:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:16:2b:c5:52:a2:cd:f2:9e:bb:9b:88:bc:39:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
        Validity
            Not Before: Jan  1 14:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a62ca0a76ad928fc4f6f03d135105038220b9d94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e7:f7:dc:e0:1c:1d:33:cd:98:04:b7:11:0b:
                    6b:09:c2:1d:86:82:4d:ca:c7:e2:79:df:01:9f:bb:
                    42:88:3c:01:17:29:6f:92:ee:4e:bf:5c:61:9d:df:
                    6a:49:36:17:7f:3a:0e:6e:e3:57:98:45:f4:10:62:
                    8d:06:f8:8e:d0:2d:a7:9e:19:38:ac:dc:8d:41:aa:
                    1c:0f:00:43:2e:ee:2e:df:10:a1:df:70:89:c8:b4:
                    fd:00:dd:15:15:cb:fa:50:c6:f6:16:9a:0d:cb:46:
                    ae:ce:24:57:3a:48:00:46:59:13:30:e5:2e:d6:65:
                    78:03:5f:f9:9d:0f:b4:ca:86:ce:b6:df:4b:d3:3d:
                    55:45:75:90:db:72:81:4c:95:f1:98:f1:4d:93:52:
                    03:f7:fb:3a:bc:eb:ce:83:be:04:f9:b4:93:70:e4:
                    3c:21:fb:75:f4:e5:43:14:59:cb:14:43:23:ca:db:
                    50:bf:f6:b9:36:6e:74:45:ad:51:1e:a7:01:78:a2:
                    a1:40:65:14:49:7d:8e:27:61:2b:9c:05:d4:81:0f:
                    24:bb:d1:11:18:9b:6b:78:bf:7f:af:2b:f0:50:38:
                    d4:16:ae:de:e8:da:6d:b5:57:d6:85:01:6c:f0:4e:
                    35:ca:8b:d9:f7:55:f7:0a:0a:82:56:11:f1:ea:dd:
                    a7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:2C:A0:A7:6A:D9:28:FC:4F:6F:03:D1:35:10:50:38:22:0B:9D:94
            X509v3 Authority Key Identifier:
                keyid:08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/CNedINdqndsHW5T58ABSqyGCdrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.108.64.0-62.108.75.255
                  62.108.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9a:d5:25:95:93:f6:dd:93:3c:56:a2:c3:ef:47:90:25:de:24:
         3c:c4:89:d1:ea:74:0b:60:06:f9:68:c8:f6:13:f6:00:69:20:
         bb:cf:92:82:f2:02:23:d9:17:af:bb:23:fc:dd:fc:85:23:f6:
         89:2d:d6:57:bf:a2:fa:10:42:46:bf:03:bb:bd:44:b8:b4:e5:
         3c:92:1a:b2:5b:d4:1e:30:f0:bf:96:7b:b7:ed:a2:15:27:91:
         46:b9:77:85:33:ad:d0:80:a5:3f:ea:a2:95:34:27:3b:96:2d:
         64:4a:cc:b2:56:f5:12:8f:c9:87:cc:f3:93:12:c5:d2:ad:1f:
         36:6b:46:89:99:48:b3:93:4a:26:42:20:07:33:ad:19:b8:57:
         dc:a5:63:b9:a8:f9:40:f2:18:a6:38:27:9a:bd:9e:58:c4:b9:
         6b:a0:38:31:32:c3:46:88:0a:3f:7a:48:50:22:d1:d3:b4:b4:
         6d:c9:f3:dc:dd:f7:91:6e:d1:d4:e3:a0:ac:79:ac:54:b3:b3:
         78:ea:94:ef:e1:76:b4:89:61:12:46:61:5d:52:ed:03:43:23:
         c0:72:70:d2:4e:f6:69:06:f5:00:20:84:3b:29:4d:5f:6f:81:
         8e:a4:d0:17:b4:e8:a2:41:31:ad:5d:97:59:ca:d0:83:df:c3:
         a1:ce:1e:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFbhYrxVKizfKeu5uIvDnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDc5ZDIwZDc2YTlkZGIwNzViOTRmOWYwMDA1MmFiMjE4
Mjc2YjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJjYTBhNzZhZDkyOGZjNGY2ZjAzZDEzNTEwNTAzODIyMGI5ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAief33OAcHTPNmAS3EQtrCcIdhoJN
ysfied8Bn7tCiDwBFylvku5Ov1xhnd9qSTYXfzoObuNXmEX0EGKNBviO0C2nnhk4
rNyNQaocDwBDLu4u3xCh33CJyLT9AN0VFcv6UMb2FpoNy0auziRXOkgARlkTMOUu
1mV4A1/5nQ+0yobOtt9L0z1VRXWQ23KBTJXxmPFNk1ID9/s6vOvOg74E+bSTcOQ8
Ift19OVDFFnLFEMjyttQv/a5Nm50Ra1RHqcBeKKhQGUUSX2OJ2ErnAXUgQ8ku9ER
GJtreL9/ryvwUDjUFq7e6NpttVfWhQFs8E41yovZ91X3CgqCVhHx6t2nOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKYsoKdq2Sj8T28D0TUQUDgiC52UMB8GA1UdIwQY
MBaAFAjXnSDXap3bB1uU+fAAUqshgna3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWIt
NDhkYzg4YjU2MDIwLzEvcGl5Z3AyclpLUHhQYndQUk5SQlFPQ0lMblpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWItNDhkYzg4YjU2MDIw
LzEvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAY+bEAD
BAI+bEgDBAM+bFgwDQYJKoZIhvcNAQELBQADggEBAJrVJZWT9t2TPFaiw+9HkCXe
JDzEidHqdAtgBvloyPYT9gBpILvPkoLyAiPZF6+7I/zd/IUj9okt1le/ovoQQka/
A7u9RLi05TySGrJb1B4w8L+We7ftohUnkUa5d4UzrdCApT/qopU0JzuWLWRKzLJW
9RKPyYfM85MSxdKtHzZrRomZSLOTSiZCIAczrRm4V9ylY7mo+UDyGKY4J5q9nljE
uWugODEyw0aICj96SFAi0dO0tG3J89zd95Fu0dTjoKx5rFSzs3jqlO/hdrSJYRJG
YV1S7QNDI8BycNJO9mkG9QAghDspTV9vgY6k0Be06KJBMa1dl1nK0IPfw6HOHrI=
-----END CERTIFICATE-----
Generated at Wed Jul 3 16:42:01 2024 by rpki-client on console-ams.rpki-client.org