Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yYMwS22mvP4Huv5jarcSmEeXGOk.roa
File:                     yYMwS22mvP4Huv5jarcSmEeXGOk.roa (raw, json)
Hash identifier:          hsFS9GEe/lQnf4Yb2fTFDm7M0D8XkmZ7MJLAM/OtGfs=
Subject key identifier:   C9:83:30:4B:6D:A6:BC:FE:07:BA:FE:63:6A:B7:12:98:47:97:18:E9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188CB6885B4C7D65D3FB54061EFA895CF97
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yYMwS22mvP4Huv5jarcSmEeXGOk.roa
Signing time:             Sat 17 Jun 2023 22:10:04 +0000
ROA not before:           Sat 17 Jun 2023 22:10:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        163.5.175.0/24 maxlen: 24
                          163.5.91.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 13:53:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:cb:68:85:b4:c7:d6:5d:3f:b5:40:61:ef:a8:95:cf:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 17 22:10:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c983304b6da6bcfe07bafe636ab71298479718e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e7:52:93:c3:22:08:8a:96:fa:46:09:24:3a:
                    af:30:16:83:b7:d9:33:c9:bc:dd:68:26:f6:4c:8a:
                    1f:40:2e:d7:58:6d:61:0d:77:ce:f7:90:96:5f:10:
                    48:53:39:dd:8e:53:b7:a4:80:99:e7:94:e6:8c:6c:
                    a5:f2:ce:05:90:8a:d7:8d:ff:3d:ae:13:4d:34:58:
                    ac:b3:44:e6:e6:a0:7a:60:55:dc:08:42:a2:2a:9e:
                    68:41:17:2c:f0:5a:49:45:e2:bb:76:3c:70:26:e0:
                    f3:61:4a:60:79:60:bd:d6:4a:07:cc:df:d9:7b:2e:
                    3f:44:fe:f8:d3:5b:8b:cf:16:0e:d2:0e:e1:cd:08:
                    67:bb:d0:f8:5d:4d:98:38:db:64:f0:0a:6b:fe:0a:
                    9e:4b:87:f1:ae:d0:76:ef:73:36:50:e6:0a:9a:d6:
                    49:47:be:3f:89:f2:04:36:cd:65:84:bc:63:89:be:
                    fb:7b:76:f8:b2:65:17:90:19:a3:bb:7c:1c:a0:d4:
                    72:55:56:a5:20:64:b9:c7:3a:05:50:7a:92:74:0b:
                    b8:8f:e2:06:b7:5b:97:fb:9a:4f:3c:ef:25:0f:62:
                    86:4d:0f:c5:80:3d:ad:72:6c:b8:8f:4b:0f:59:35:
                    5b:09:66:52:db:b1:a1:27:90:ee:20:f0:52:0b:35:
                    18:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:83:30:4B:6D:A6:BC:FE:07:BA:FE:63:6A:B7:12:98:47:97:18:E9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yYMwS22mvP4Huv5jarcSmEeXGOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.91.0/24
                  163.5.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:13:56:b7:9f:81:cd:53:ae:27:5f:73:a2:a8:e1:7e:c5:8a:
         25:d0:c5:6e:77:c8:ab:a5:68:77:97:f9:fb:5c:83:d7:76:61:
         4f:a6:d8:19:56:54:d6:98:2e:3d:79:21:f9:05:fe:c7:6a:61:
         df:f5:b5:47:8d:9b:93:97:f1:20:51:51:75:74:5b:9e:40:ec:
         72:37:0f:cd:32:eb:3d:4c:80:39:0b:9d:b8:86:d5:14:ab:ea:
         97:03:c5:53:b4:97:d9:a2:6b:7a:cd:3f:db:8b:d0:a8:3e:0b:
         fb:80:ff:ac:3b:40:0b:39:fd:8d:38:b9:fa:fc:3c:54:ac:cd:
         e4:e0:be:35:36:51:ed:63:99:08:54:07:39:cd:dc:1b:e3:36:
         6e:19:44:13:50:c6:c4:3d:36:76:8d:c4:b0:56:27:22:e0:a1:
         2a:b9:ac:48:f1:3e:6c:28:f9:72:be:14:12:37:77:d8:0a:d6:
         77:3c:44:22:58:55:5a:7a:ef:fb:d4:01:9a:8e:e8:6e:c9:c2:
         76:c3:82:c3:52:97:b7:f1:c1:e1:1d:32:31:66:59:a7:a6:3f:
         88:5d:9e:d0:5a:43:54:1a:04:df:e7:16:5a:16:3e:89:4a:38:
         41:bf:71:6e:45:1b:2a:77:21:44:02:c0:fa:77:c6:23:1f:81:
         6e:ec:6c:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjLaIW0x9ZdP7VAYe+olc+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjE3MjIxMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgzMzA0YjZkYTZiY2ZlMDdiYWZlNjM2YWI3MTI5ODQ3OTcxOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+dSk8MiCIqW+kYJJDqvMBaDt9kz
ybzdaCb2TIofQC7XWG1hDXfO95CWXxBIUzndjlO3pICZ55TmjGyl8s4FkIrXjf89
rhNNNFiss0Tm5qB6YFXcCEKiKp5oQRcs8FpJReK7djxwJuDzYUpgeWC91koHzN/Z
ey4/RP7401uLzxYO0g7hzQhnu9D4XU2YONtk8Apr/gqeS4fxrtB273M2UOYKmtZJ
R74/ifIENs1lhLxjib77e3b4smUXkBmju3wcoNRyVValIGS5xzoFUHqSdAu4j+IG
t1uX+5pPPO8lD2KGTQ/FgD2tcmy4j0sPWTVbCWZS27GhJ5DuIPBSCzUY9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmDMEttprz+B7r+Y2q3EphHlxjpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveVlNd1MyMm12UDRIdXY1amFyY1NtRWVYR09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVbAwQA
owWvMA0GCSqGSIb3DQEBCwUAA4IBAQA5E1a3n4HNU64nX3OiqOF+xYol0MVud8ir
pWh3l/n7XIPXdmFPptgZVlTWmC49eSH5Bf7HamHf9bVHjZuTl/EgUVF1dFueQOxy
Nw/NMus9TIA5C524htUUq+qXA8VTtJfZomt6zT/bi9CoPgv7gP+sO0ALOf2NOLn6
/DxUrM3k4L41NlHtY5kIVAc5zdwb4zZuGUQTUMbEPTZ2jcSwVici4KEquaxI8T5s
KPlyvhQSN3fYCtZ3PEQiWFVaeu/71AGajuhuycJ2w4LDUpe38cHhHTIxZlmnpj+I
XZ7QWkNUGgTf5xZaFj6JSjhBv3FuRRsqdyFEAsD6d8YjH4Fu7GwQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org