Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/omXKf2zx9D0iCRpAbYUqvhmdRcs.roa
File:                     omXKf2zx9D0iCRpAbYUqvhmdRcs.roa (raw, json)
Hash identifier:          MGPpbaEWYTB6aTY/WRTFbDJBTgc1DdGly/ZrvqUKsNE=
Subject key identifier:   A2:65:CA:7F:6C:F1:F4:3D:22:09:1A:40:6D:85:2A:BE:19:9D:45:CB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018F80FB01D9368DCE0DC735BA41D344C7AA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/omXKf2zx9D0iCRpAbYUqvhmdRcs.roa
Signing time:             Thu 16 May 2024 10:38:04 +0000
ROA not before:           Thu 16 May 2024 10:38:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199912
IP address blocks:        163.5.211.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 May 2024 20:24:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:80:fb:01:d9:36:8d:ce:0d:c7:35:ba:41:d3:44:c7:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 16 10:38:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a265ca7f6cf1f43d22091a406d852abe199d45cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:92:25:68:28:6d:b5:1f:7b:c3:31:4b:e6:82:
                    4b:c3:0c:ee:7b:f1:4d:3c:9f:80:4f:01:68:9b:51:
                    00:c4:d6:ed:6a:19:1b:39:62:6a:1d:eb:34:49:89:
                    b4:c3:be:1e:48:9e:14:bf:94:d5:7a:85:21:d0:78:
                    b2:34:32:23:8c:f6:03:2d:49:a0:cb:27:a2:8b:a6:
                    d1:04:f6:fe:48:4e:15:a8:90:ae:6b:96:0b:ae:38:
                    fd:70:ba:d5:0a:64:6a:54:16:a2:ae:e4:7c:25:e2:
                    91:32:19:a5:73:f3:fb:6c:26:0e:b5:61:3c:2e:96:
                    26:2f:b2:cb:5e:78:d8:d4:2a:79:11:c8:31:ed:16:
                    99:1d:e4:66:c3:41:5c:9a:b9:ff:25:a7:f6:65:37:
                    c9:65:a2:25:8c:79:d2:ff:48:ad:c5:52:a3:3d:3f:
                    2f:6e:b9:33:bd:9b:5b:c0:6b:66:39:65:7a:ff:86:
                    90:f7:22:7c:12:3d:e4:31:43:9a:82:18:37:9e:6e:
                    d4:94:1c:22:9a:e7:a9:38:f6:ba:c8:bc:df:99:c4:
                    74:32:0d:91:f6:43:b4:ac:38:9e:25:68:18:d4:06:
                    02:8b:7c:e8:7d:e6:5c:40:18:83:1b:16:61:71:a9:
                    3d:2a:cc:82:ff:eb:ca:41:14:2c:af:14:ea:11:70:
                    6d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:65:CA:7F:6C:F1:F4:3D:22:09:1A:40:6D:85:2A:BE:19:9D:45:CB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/omXKf2zx9D0iCRpAbYUqvhmdRcs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:1e:a5:c6:b8:ef:16:0f:30:ba:95:d6:38:23:9f:f9:dd:7e:
         7f:e3:42:74:8b:b9:de:e4:99:28:da:f5:26:c4:8e:5c:59:54:
         60:2f:17:1d:ff:c8:c8:3f:d8:eb:bb:49:3c:05:65:1a:68:f5:
         00:75:50:9c:88:d1:0c:72:80:e9:d8:c3:32:19:9b:92:2e:82:
         4f:35:9a:c3:8d:38:7a:b5:cf:2e:34:2b:25:bc:0d:1e:a0:af:
         6e:3b:9c:db:f3:af:d6:6f:d5:f6:45:00:49:56:fe:f9:a1:97:
         4f:f9:2c:6e:b6:c6:6c:e1:85:c1:ee:8e:b0:6b:ff:83:19:15:
         02:e8:39:ab:10:36:97:cc:23:16:cd:46:bd:94:2a:e5:21:c7:
         b0:cd:01:cf:e2:14:2f:09:0a:3c:52:c5:c6:80:0e:8b:93:12:
         e9:61:92:e6:78:37:89:93:94:a8:b3:15:bd:31:fa:cc:f7:19:
         14:e4:0f:58:96:f6:29:14:1a:2b:4b:a2:5d:47:ef:67:e6:80:
         34:0b:40:11:75:69:89:d9:eb:e6:61:33:fa:40:60:3c:49:fe:
         ac:aa:a7:a1:14:19:65:0c:d9:5e:14:9c:49:ce:ff:7a:8a:3b:
         5d:93:d2:1e:c6:a3:7d:4b:e7:6a:88:1b:8d:3d:5c:01:97:bf:
         57:58:f1:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+A+wHZNo3ODcc1ukHTRMeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNTE2MTAzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY1Y2E3ZjZjZjFmNDNkMjIwOTFhNDA2ZDg1MmFiZTE5OWQ0NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JIlaChttR97wzFL5oJLwwzue/FN
PJ+ATwFom1EAxNbtahkbOWJqHes0SYm0w74eSJ4Uv5TVeoUh0HiyNDIjjPYDLUmg
yyeii6bRBPb+SE4VqJCua5YLrjj9cLrVCmRqVBairuR8JeKRMhmlc/P7bCYOtWE8
LpYmL7LLXnjY1Cp5Ecgx7RaZHeRmw0Fcmrn/Jaf2ZTfJZaIljHnS/0itxVKjPT8v
brkzvZtbwGtmOWV6/4aQ9yJ8Ej3kMUOaghg3nm7UlBwimuepOPa6yLzfmcR0Mg2R
9kO0rDieJWgY1AYCi3zofeZcQBiDGxZhcak9KsyC/+vKQRQsrxTqEXBtIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJlyn9s8fQ9IgkaQG2FKr4ZnUXLMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb21YS2Yyeng5RDBpQ1JwQWJZVXF2aG1kUmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXTMA0G
CSqGSIb3DQEBCwUAA4IBAQCYHqXGuO8WDzC6ldY4I5/53X5/40J0i7ne5Jko2vUm
xI5cWVRgLxcd/8jIP9jru0k8BWUaaPUAdVCciNEMcoDp2MMyGZuSLoJPNZrDjTh6
tc8uNCslvA0eoK9uO5zb86/Wb9X2RQBJVv75oZdP+SxutsZs4YXB7o6wa/+DGRUC
6DmrEDaXzCMWzUa9lCrlIcewzQHP4hQvCQo8UsXGgA6LkxLpYZLmeDeJk5SosxW9
MfrM9xkU5A9YlvYpFBorS6JdR+9n5oA0C0ARdWmJ2evmYTP6QGA8Sf6sqqehFBll
DNleFJxJzv96ijtdk9IexqN9S+dqiBuNPVwBl79XWPHU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org