Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/5dk6PX5m584DkOn6mDqH78gFWo0.roa
File:                     5dk6PX5m584DkOn6mDqH78gFWo0.roa (raw, json)
Hash identifier:          fkCrtUPKry6X6iAmDgaLqruEAxeHO3A9b14GN75uwu4=
Subject key identifier:   E5:D9:3A:3D:7E:66:E7:CE:03:90:E9:FA:98:3A:87:EF:C8:05:5A:8D
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018C396515D4D5C6DE441F1F812D96112D2A
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/5dk6PX5m584DkOn6mDqH78gFWo0.roa
Signing time:             Tue 05 Dec 2023 09:52:55 +0000
ROA not before:           Tue 05 Dec 2023 09:52:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215906
IP address blocks:        160.214.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 14:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:39:65:15:d4:d5:c6:de:44:1f:1f:81:2d:96:11:2d:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Dec  5 09:52:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5d93a3d7e66e7ce0390e9fa983a87efc8055a8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:4a:d0:66:4c:a7:f5:d2:57:92:31:5f:27:8f:
                    c2:d2:80:b0:11:1c:73:7b:14:88:d0:fc:e0:9b:41:
                    3c:7f:aa:00:73:1f:c5:24:93:9d:27:33:34:6b:49:
                    10:0a:5d:af:66:9d:14:00:ca:a4:f1:3d:c1:2a:96:
                    a2:c8:c6:30:93:60:13:8d:72:b0:39:f0:cc:56:bd:
                    f1:b2:d7:99:38:de:88:e2:3a:8c:3a:0a:1c:e8:2a:
                    c8:73:ee:79:23:53:51:e1:e8:ec:d4:23:29:9a:37:
                    b1:7a:92:74:27:40:8b:64:1c:69:97:36:49:72:98:
                    f7:b3:af:92:80:29:a9:74:e4:96:9a:c4:49:da:76:
                    a7:e4:c4:53:e5:b0:23:ce:b6:f4:41:eb:4b:a1:8b:
                    f6:79:67:2d:f6:ca:a6:f0:33:46:6f:96:f4:43:a8:
                    4d:46:5f:e2:15:df:cc:5b:b7:50:ee:3b:08:71:8a:
                    3c:2a:fd:f2:74:6e:c2:3f:33:49:74:e5:a0:28:fc:
                    14:04:af:30:2b:b4:7c:e0:02:22:c8:d8:15:28:84:
                    c2:88:91:ca:e5:1d:04:a3:3f:b4:ef:c1:0d:3c:63:
                    d0:49:52:ed:7b:e3:4b:76:f0:87:ca:70:dc:9e:c4:
                    31:b6:e6:ff:61:3a:21:47:0e:d6:8a:26:eb:00:f5:
                    74:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:D9:3A:3D:7E:66:E7:CE:03:90:E9:FA:98:3A:87:EF:C8:05:5A:8D
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/5dk6PX5m584DkOn6mDqH78gFWo0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:9f:04:24:d9:7c:16:c8:7d:ce:25:21:9f:0e:68:aa:26:b8:
         e6:21:8d:2b:01:c5:7a:97:0b:87:ca:d5:ff:fa:2c:e5:67:ec:
         d0:07:69:e2:fc:42:97:fc:88:71:5b:1a:90:11:67:3c:1f:0e:
         e0:c0:c6:a3:e8:a2:82:d4:0a:22:c8:6a:1f:ac:4c:83:93:82:
         62:ff:d5:bf:d0:8d:bd:99:33:95:1c:1d:b7:46:89:24:d7:63:
         4a:01:ba:1a:2c:31:03:90:a7:76:1c:fd:40:ae:45:a7:a2:ca:
         18:06:ca:f2:06:6c:06:1f:d6:bd:33:12:1f:9c:2b:83:71:ff:
         7b:51:31:a2:79:25:3d:b1:0a:cf:3f:bd:de:0e:ce:e6:68:53:
         9b:07:df:f8:12:4d:a6:f8:91:60:7d:b6:58:18:0a:a8:8e:de:
         6e:ab:70:94:72:b7:15:3c:74:c0:32:66:7b:bd:98:d9:21:8e:
         94:a5:f9:ae:e6:6d:c5:20:28:9c:b1:f9:7a:98:0c:2e:4c:f2:
         cc:42:59:44:5d:bc:10:02:ae:f3:dd:76:43:72:38:5f:5d:52:
         e0:64:f2:30:b1:1b:4f:71:ad:ec:42:b3:66:73:4a:d3:cd:bd:
         0a:ff:0c:91:f0:ec:89:d0:c2:73:aa:f4:bf:7d:af:7d:40:98:
         e0:7d:35:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw5ZRXU1cbeRB8fgS2WES0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMjA1MDk1MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ5M2EzZDdlNjZlN2NlMDM5MGU5ZmE5ODNhODdlZmM4MDU1YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkrQZkyn9dJXkjFfJ4/C0oCwERxz
exSI0Pzgm0E8f6oAcx/FJJOdJzM0a0kQCl2vZp0UAMqk8T3BKpaiyMYwk2ATjXKw
OfDMVr3xsteZON6I4jqMOgoc6CrIc+55I1NR4ejs1CMpmjexepJ0J0CLZBxplzZJ
cpj3s6+SgCmpdOSWmsRJ2nan5MRT5bAjzrb0QetLoYv2eWct9sqm8DNGb5b0Q6hN
Rl/iFd/MW7dQ7jsIcYo8Kv3ydG7CPzNJdOWgKPwUBK8wK7R84AIiyNgVKITCiJHK
5R0Eoz+078ENPGPQSVLte+NLdvCHynDcnsQxtub/YTohRw7WiibrAPV0UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXZOj1+ZufOA5Dp+pg6h+/IBVqNMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvNWRrNlBYNW01ODREa09uNm1EcUg3OGdGV28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZvMA0G
CSqGSIb3DQEBCwUAA4IBAQARnwQk2XwWyH3OJSGfDmiqJrjmIY0rAcV6lwuHytX/
+izlZ+zQB2ni/EKX/IhxWxqQEWc8Hw7gwMaj6KKC1AoiyGofrEyDk4Ji/9W/0I29
mTOVHB23Rokk12NKAboaLDEDkKd2HP1ArkWnosoYBsryBmwGH9a9MxIfnCuDcf97
UTGieSU9sQrPP73eDs7maFObB9/4Ek2m+JFgfbZYGAqojt5uq3CUcrcVPHTAMmZ7
vZjZIY6Upfmu5m3FICicsfl6mAwuTPLMQllEXbwQAq7z3XZDcjhfXVLgZPIwsRtP
ca3sQrNmc0rTzb0K/wyR8OyJ0MJzqvS/fa99QJjgfTWI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org