Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/y5mV85UYRqm93jdka6BbfxQi0FI.roa
File:                     y5mV85UYRqm93jdka6BbfxQi0FI.roa (raw, json)
Hash identifier:          hON7lJtjNMmtb03A/bw1tDSEqfo8bw/MG8sA7LE+0ng=
Subject key identifier:   CB:99:95:F3:95:18:46:A9:BD:DE:37:64:6B:A0:5B:7F:14:22:D0:52
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018D13D7F5A62591AF6126A917DB5B07C060
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/y5mV85UYRqm93jdka6BbfxQi0FI.roa
Signing time:             Tue 16 Jan 2024 19:55:36 +0000
ROA not before:           Tue 16 Jan 2024 19:55:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        2.56.243.0/24 maxlen: 24
                          193.47.41.0/24 maxlen: 24
                          194.147.88.0/24 maxlen: 24
                          194.156.94.0/24 maxlen: 24
                          194.169.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 13:14:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:13:d7:f5:a6:25:91:af:61:26:a9:17:db:5b:07:c0:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan 16 19:55:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cb9995f3951846a9bdde37646ba05b7f1422d052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:48:bf:1f:da:c1:24:cd:80:af:84:aa:56:5d:
                    c9:2c:27:ec:b1:07:53:24:51:bd:87:ee:57:16:b9:
                    f0:fb:95:1b:dc:9a:06:0c:39:a6:fb:a3:bd:20:c8:
                    91:9b:6d:eb:71:c4:66:19:ed:95:b0:a0:f5:f3:dd:
                    d4:15:d5:f7:ab:e8:af:61:1e:83:f3:09:f4:ae:d7:
                    24:89:ee:b5:05:ee:63:0e:fc:98:19:8d:6b:1f:c4:
                    9a:58:ad:83:7e:5e:9e:df:c4:90:12:8f:a6:e5:0a:
                    20:ef:66:34:68:c0:29:be:57:97:24:23:8b:06:92:
                    9f:14:e7:11:c7:37:d3:77:ce:2b:37:d2:fa:90:d9:
                    d7:3d:cb:24:21:c4:93:e3:9c:d2:8b:c7:c1:dd:97:
                    15:dc:89:e5:27:3c:df:3a:af:e3:4d:31:7c:be:82:
                    6c:c8:d4:8f:26:91:90:50:e9:61:48:a0:94:2c:bf:
                    d4:d2:9d:fd:85:59:68:74:d5:60:d7:76:15:94:a1:
                    6d:e7:6c:96:c7:0b:aa:fc:50:ad:e8:71:d1:06:de:
                    08:4c:fc:cb:78:71:32:05:fb:18:84:6e:e4:52:29:
                    4d:d2:51:46:04:06:44:8d:48:e2:1a:d0:5e:a9:91:
                    48:fc:fb:e8:c6:ef:e3:68:19:58:e2:f7:3d:2d:8d:
                    9e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:99:95:F3:95:18:46:A9:BD:DE:37:64:6B:A0:5B:7F:14:22:D0:52
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/y5mV85UYRqm93jdka6BbfxQi0FI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.243.0/24
                  193.47.41.0/24
                  194.147.88.0/24
                  194.156.94.0/24
                  194.169.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:4c:d1:dd:aa:78:81:cf:9e:c6:66:25:62:6c:3a:8f:66:44:
         b3:89:33:81:07:bf:87:93:68:e2:86:51:52:d3:e4:e0:78:d1:
         91:40:56:7f:26:e7:36:08:a8:24:b9:6e:25:99:49:dd:02:e1:
         08:1e:72:4b:76:8f:8f:e5:ba:80:3b:49:34:e1:c5:a4:ff:94:
         9e:21:ad:59:e3:fd:a1:bd:e4:30:f5:c1:b7:e0:60:6e:50:88:
         59:24:cc:b7:51:e9:ea:54:e0:33:e4:3e:79:9a:6f:b4:bc:db:
         a3:be:4a:b2:41:bf:22:bc:73:fb:e0:07:0c:5e:56:7a:30:05:
         5c:c6:4a:5a:c2:15:40:56:3e:4a:96:40:fb:15:25:cc:04:0a:
         15:0d:78:47:fa:74:56:38:55:41:c3:be:9b:2f:be:48:6a:05:
         03:8a:57:bb:a3:c4:72:ef:e9:8c:38:90:72:f9:18:3b:48:b0:
         c1:09:e8:ae:6b:13:d0:eb:95:d5:63:ea:fc:79:c6:b8:b1:bc:
         e3:7c:86:c2:b2:6e:bd:11:b0:e9:30:75:26:02:b6:c8:33:c8:
         cb:ce:06:87:b8:e9:45:42:4b:5d:84:47:51:e4:0f:53:a9:d4:
         0e:d5:f6:e8:34:da:e2:6f:36:23:cf:95:a5:9d:be:fe:93:49:
         74:23:5c:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0T1/WmJZGvYSapF9tbB8BgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTE2MTk1NTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk5OTVmMzk1MTg0NmE5YmRkZTM3NjQ2YmEwNWI3ZjE0MjJkMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkki/H9rBJM2Ar4SqVl3JLCfssQdT
JFG9h+5XFrnw+5Ub3JoGDDmm+6O9IMiRm23rccRmGe2VsKD1893UFdX3q+ivYR6D
8wn0rtckie61Be5jDvyYGY1rH8SaWK2Dfl6e38SQEo+m5Qog72Y0aMApvleXJCOL
BpKfFOcRxzfTd84rN9L6kNnXPcskIcST45zSi8fB3ZcV3InlJzzfOq/jTTF8voJs
yNSPJpGQUOlhSKCULL/U0p39hVlodNVg13YVlKFt52yWxwuq/FCt6HHRBt4ITPzL
eHEyBfsYhG7kUilN0lFGBAZEjUjiGtBeqZFI/Pvoxu/jaBlY4vc9LY2ecQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMuZlfOVGEapvd43ZGugW38UItBSMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEveTVtVjg1VVlScW05M2pka2E2QmJmeFFpMEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjjzAwQA
wS8pAwQAwpNYAwQAwpxeAwQAwqlWMA0GCSqGSIb3DQEBCwUAA4IBAQCETNHdqniB
z57GZiVibDqPZkSziTOBB7+Hk2jihlFS0+TgeNGRQFZ/Juc2CKgkuW4lmUndAuEI
HnJLdo+P5bqAO0k04cWk/5SeIa1Z4/2hveQw9cG34GBuUIhZJMy3UenqVOAz5D55
mm+0vNujvkqyQb8ivHP74AcMXlZ6MAVcxkpawhVAVj5KlkD7FSXMBAoVDXhH+nRW
OFVBw76bL75IagUDile7o8Ry7+mMOJBy+Rg7SLDBCeiuaxPQ65XVY+r8eca4sbzj
fIbCsm69EbDpMHUmArbIM8jLzgaHuOlFQktdhEdR5A9TqdQO1fboNNribzYjz5Wl
nb7+k0l0I1yP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org