Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-vvtkOnD8cWFsH05iS--gcG1Yu8.roa
File:                     1-vvtkOnD8cWFsH05iS--gcG1Yu8.roa (raw, json)
Hash identifier:          HPpmLHs85YUkNrO5qQdmQ1/SGaG9HovSWsEgTQBb04s=
Subject key identifier:   FA:FB:ED:90:E9:C3:F1:C5:85:B0:7D:39:89:2F:BE:81:C1:B5:62:EF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01893A53628D5493E84D62AC1F1DAB7E3491
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-vvtkOnD8cWFsH05iS--gcG1Yu8.roa
Signing time:             Sun 09 Jul 2023 11:04:50 +0000
ROA not before:           Sun 09 Jul 2023 11:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206505
IP address blocks:        163.5.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 20:48:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3a:53:62:8d:54:93:e8:4d:62:ac:1f:1d:ab:7e:34:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul  9 11:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fafbed90e9c3f1c585b07d39892fbe81c1b562ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:dd:9c:9e:ee:7d:32:b6:82:d9:9a:c6:4b:7f:
                    da:d8:38:20:cf:db:64:ec:86:f8:9c:1d:c7:38:75:
                    30:92:09:80:36:43:d2:3a:3d:ac:99:f5:c2:7f:cd:
                    4c:a2:6b:c0:ab:97:eb:92:88:c8:4a:9f:67:c4:d1:
                    11:24:80:40:c5:3c:47:6d:2c:54:3c:d4:b9:d5:97:
                    bb:21:8b:9c:0c:37:f7:08:69:04:2f:7a:17:40:70:
                    b5:09:46:49:0f:d1:cf:5c:88:e9:22:96:a6:fe:83:
                    a1:c0:0d:bc:65:d8:d5:40:1b:f2:02:ae:0f:58:9e:
                    f6:28:f7:1c:d4:83:f7:f2:66:06:49:a2:12:86:96:
                    fa:7e:ad:81:ca:e3:c5:a4:6d:e1:de:30:66:02:0c:
                    9e:af:b2:10:0e:c5:e5:f3:ed:75:dc:0c:7a:2d:88:
                    19:aa:5f:49:90:0c:78:cc:46:e7:a1:aa:b4:64:6f:
                    e3:19:bd:c1:30:51:54:5d:c9:76:df:36:d5:e2:a2:
                    9b:78:5d:46:55:bd:1b:c4:30:fd:9e:c9:49:31:fb:
                    c2:42:92:98:18:32:32:ae:8a:23:c3:1e:83:d6:c2:
                    71:0a:ca:ad:72:a7:c1:87:d6:26:08:0a:5f:10:09:
                    c1:0a:7d:96:4a:2b:ab:3a:87:65:cf:a9:29:22:1a:
                    c3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:FB:ED:90:E9:C3:F1:C5:85:B0:7D:39:89:2F:BE:81:C1:B5:62:EF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-vvtkOnD8cWFsH05iS--gcG1Yu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:bd:ac:58:24:9b:c1:1f:50:e7:e3:14:46:1e:9b:ca:57:14:
         93:08:1b:b1:24:3f:e5:53:60:0e:64:51:4d:49:d3:9b:15:47:
         5a:5a:15:35:f7:39:82:ac:d3:b7:26:75:2c:5f:7e:a8:0c:d6:
         d8:a1:67:5b:75:1c:fe:56:df:7d:ce:ba:23:17:37:a3:96:37:
         4a:eb:70:eb:22:f3:b7:1b:3e:63:75:cb:45:95:15:65:a0:20:
         c7:ba:98:b3:44:27:16:2e:5d:c3:3e:c8:7a:ed:6f:1f:d6:9d:
         1b:1e:03:4c:28:f4:12:2d:3e:9e:1a:b2:1b:36:72:86:e1:6f:
         2a:bc:a1:2f:dc:d6:da:2d:1f:a1:60:ba:0f:f5:18:08:b5:2a:
         d1:40:e1:05:fe:50:e5:21:7c:09:23:fc:dd:0e:d1:23:1d:e8:
         f3:0d:8c:47:ca:51:6e:33:0d:04:ee:55:3d:d1:5a:8e:d5:2a:
         e7:43:01:46:43:d6:81:bf:a7:2f:58:c5:2c:9e:26:9c:27:e8:
         22:80:41:d4:00:8a:1f:c7:62:4c:bd:21:4d:09:10:5c:df:61:
         40:c5:d7:99:0b:21:c6:8b:01:2d:c8:7e:84:64:83:53:ad:5f:
         be:7c:5a:d1:95:a7:7f:eb:bd:52:b1:b7:c9:d2:03:c2:c8:71:
         93:28:31:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYk6U2KNVJPoTWKsHx2rfjSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA5MTEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWZiZWQ5MGU5YzNmMWM1ODViMDdkMzk4OTJmYmU4MWMxYjU2MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt2cnu59MraC2ZrGS3/a2Dggz9tk
7Ib4nB3HOHUwkgmANkPSOj2smfXCf81MomvAq5frkojISp9nxNERJIBAxTxHbSxU
PNS51Ze7IYucDDf3CGkEL3oXQHC1CUZJD9HPXIjpIpam/oOhwA28ZdjVQBvyAq4P
WJ72KPcc1IP38mYGSaIShpb6fq2ByuPFpG3h3jBmAgyer7IQDsXl8+113Ax6LYgZ
ql9JkAx4zEbnoaq0ZG/jGb3BMFFUXcl23zbV4qKbeF1GVb0bxDD9nslJMfvCQpKY
GDIyroojwx6D1sJxCsqtcqfBh9YmCApfEAnBCn2WSiurOodlz6kpIhrDiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPr77ZDpw/HFhbB9OYkvvoHBtWLvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS12dnRrT25EOGNXRnNIMDVpUy0tZ2NHMVl1OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKMFjDAN
BgkqhkiG9w0BAQsFAAOCAQEAPb2sWCSbwR9Q5+MURh6bylcUkwgbsSQ/5VNgDmRR
TUnTmxVHWloVNfc5gqzTtyZ1LF9+qAzW2KFnW3Uc/lbffc66Ixc3o5Y3Sutw6yLz
txs+Y3XLRZUVZaAgx7qYs0QnFi5dwz7Ieu1vH9adGx4DTCj0Ei0+nhqyGzZyhuFv
KryhL9zW2i0foWC6D/UYCLUq0UDhBf5Q5SF8CSP83Q7RIx3o8w2MR8pRbjMNBO5V
PdFajtUq50MBRkPWgb+nL1jFLJ4mnCfoIoBB1ACKH8diTL0hTQkQXN9hQMXXmQsh
xosBLch+hGSDU61fvnxa0ZWnf+u9UrG3ydIDwshxkygxNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org