Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5P1406kar5bWUBZ6brh9e2W1nYc.roa
File:                     5P1406kar5bWUBZ6brh9e2W1nYc.roa (raw, json)
Hash identifier:          ejUa8bZE+RQAwbYvWhXTt+5G3JuciAL5puy/Z7UTDWI=
Subject key identifier:   E4:FD:78:D3:A9:1A:AF:96:D6:50:16:7A:6E:B8:7D:7B:65:B5:9D:87
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B6FB8FCE7EDADEC52620253539E4BA30F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5P1406kar5bWUBZ6brh9e2W1nYc.roa
Signing time:             Fri 27 Oct 2023 06:01:16 +0000
ROA not before:           Fri 27 Oct 2023 06:01:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199058
IP address blocks:        163.5.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6f:b8:fc:e7:ed:ad:ec:52:62:02:53:53:9e:4b:a3:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 27 06:01:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4fd78d3a91aaf96d650167a6eb87d7b65b59d87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:68:4e:22:cc:e5:79:9c:41:b1:b1:ef:25:e6:
                    76:80:5c:b9:98:5d:91:98:19:ec:10:7b:e5:e0:e3:
                    90:41:65:75:90:bb:ff:c1:0d:ff:9e:cf:8f:22:ec:
                    71:5f:08:ee:c6:9f:e4:c6:09:61:05:f5:71:da:cd:
                    89:5a:bb:99:bc:b4:cf:dc:3a:aa:2c:53:03:2a:cb:
                    d1:9e:38:1a:d8:6b:33:bc:34:b7:3f:60:d1:29:fc:
                    a1:31:53:80:f0:9a:7d:76:da:95:9b:1b:5a:af:02:
                    24:03:2c:76:9a:e1:e2:e6:af:b3:3c:a0:35:34:85:
                    3b:e6:e4:4a:18:6a:99:a7:31:90:8d:1b:35:e0:86:
                    8a:b4:77:90:25:67:91:d1:18:56:c2:87:8a:ec:34:
                    a9:aa:59:fc:b9:e6:0d:79:b7:a5:43:96:57:e7:0d:
                    19:bc:0c:9e:2c:5c:d5:1b:93:48:16:67:7c:6c:4d:
                    29:8a:8c:7a:04:24:2c:fd:2d:db:17:6d:28:78:86:
                    c4:7f:3a:23:ec:b5:62:31:7e:55:2c:91:96:15:36:
                    5f:4a:0e:72:eb:5e:b5:58:ea:e4:f0:56:df:90:31:
                    a8:ef:bc:39:c3:3e:a5:71:70:5b:7e:9a:b8:14:1f:
                    69:61:83:af:21:fc:35:69:8a:20:4a:44:57:c6:e6:
                    ec:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FD:78:D3:A9:1A:AF:96:D6:50:16:7A:6E:B8:7D:7B:65:B5:9D:87
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5P1406kar5bWUBZ6brh9e2W1nYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:05:5f:bf:b6:0f:f2:9e:a8:fc:21:a6:69:5e:7e:b0:92:9b:
         28:ea:14:8b:45:96:a3:00:ca:28:88:6b:c2:46:8e:1b:b4:ba:
         c6:d3:75:86:45:3d:f4:7d:c1:d8:0d:99:7d:10:7d:98:8c:2f:
         3b:71:5f:c0:c5:c3:aa:7b:cb:29:10:d6:87:2e:11:3c:83:f9:
         a1:35:22:b8:d0:31:1c:e0:cf:34:e7:26:ec:ab:b7:69:a3:42:
         93:07:41:5d:40:02:f8:4e:09:47:4c:71:f1:43:b4:16:6c:ec:
         a6:e2:91:dc:c8:08:66:5f:af:80:18:8e:4d:77:3b:25:ac:71:
         e9:be:2a:1b:b9:8b:9b:97:db:52:cf:b9:b7:d8:0e:c0:44:81:
         14:51:26:df:f6:a1:66:f8:70:28:57:f5:e7:ed:df:37:cb:29:
         1a:fa:58:2d:ee:f6:8f:f8:76:75:b4:24:f4:06:55:e4:90:1f:
         4f:9e:f6:17:0e:54:a9:59:e1:0d:c5:f2:d2:11:94:78:91:da:
         c8:a5:69:ad:9f:28:21:a3:45:9d:3f:3b:49:f9:1c:5e:b3:d5:
         eb:c9:50:2b:a2:d7:17:26:b0:74:87:e4:8e:58:0e:80:01:28:
         84:5e:11:e5:38:b3:f5:06:dc:98:1e:14:34:04:db:7c:2e:fe:
         e0:ae:d6:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtvuPzn7a3sUmICU1OeS6MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDI3MDYwMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZkNzhkM2E5MWFhZjk2ZDY1MDE2N2E2ZWI4N2Q3YjY1YjU5ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mhOIszleZxBsbHvJeZ2gFy5mF2R
mBnsEHvl4OOQQWV1kLv/wQ3/ns+PIuxxXwjuxp/kxglhBfVx2s2JWruZvLTP3Dqq
LFMDKsvRnjga2GszvDS3P2DRKfyhMVOA8Jp9dtqVmxtarwIkAyx2muHi5q+zPKA1
NIU75uRKGGqZpzGQjRs14IaKtHeQJWeR0RhWwoeK7DSpqln8ueYNebelQ5ZX5w0Z
vAyeLFzVG5NIFmd8bE0piox6BCQs/S3bF20oeIbEfzoj7LViMX5VLJGWFTZfSg5y
6161WOrk8FbfkDGo77w5wz6lcXBbfpq4FB9pYYOvIfw1aYogSkRXxubsDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOT9eNOpGq+W1lAWem64fXtltZ2HMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNVAxNDA2a2FyNWJXVUJaNmJyaDllMlcxblljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXPMA0G
CSqGSIb3DQEBCwUAA4IBAQAQBV+/tg/ynqj8IaZpXn6wkpso6hSLRZajAMooiGvC
Ro4btLrG03WGRT30fcHYDZl9EH2YjC87cV/AxcOqe8spENaHLhE8g/mhNSK40DEc
4M805ybsq7dpo0KTB0FdQAL4TglHTHHxQ7QWbOym4pHcyAhmX6+AGI5NdzslrHHp
viobuYubl9tSz7m32A7ARIEUUSbf9qFm+HAoV/Xn7d83yyka+lgt7vaP+HZ1tCT0
BlXkkB9PnvYXDlSpWeENxfLSEZR4kdrIpWmtnygho0WdPztJ+Rxes9XryVArotcX
JrB0h+SOWA6AASiEXhHlOLP1BtyYHhQ0BNt8Lv7grtYF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org