Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4Vnos1ONtMdgQMUL3RB1OuIcxUA.roa
File:                     4Vnos1ONtMdgQMUL3RB1OuIcxUA.roa (raw, json)
Hash identifier:          tkxoboGDpp91yfX+vevDUZvOKyysIFQOewtxiipxBVo=
Subject key identifier:   E1:59:E8:B3:53:8D:B4:C7:60:40:C5:0B:DD:10:75:3A:E2:1C:C5:40
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC425509DCC9F46BF5FD97006555F4BB7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4Vnos1ONtMdgQMUL3RB1OuIcxUA.roa
Signing time:             Mon 01 Jan 2024 08:30:28 +0000
ROA not before:           Mon 01 Jan 2024 08:30:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        163.5.74.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 12:45:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:50:9d:cc:9f:46:bf:5f:d9:70:06:55:5f:4b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e159e8b3538db4c76040c50bdd10753ae21cc540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:fd:63:a0:f0:af:16:bb:45:27:e1:19:f8:63:
                    52:6d:52:b3:a4:88:63:25:ca:72:78:c6:b6:6a:ee:
                    6e:1b:c8:1a:17:fe:46:4d:29:d8:fc:04:d3:ad:6d:
                    8f:45:d9:bb:16:42:de:54:41:96:91:c6:3a:92:93:
                    8d:39:b9:46:5f:7e:13:e6:c9:02:57:e1:d8:63:2b:
                    f8:37:8b:b7:3a:5e:ea:e3:3f:c9:72:c5:a0:3b:7c:
                    18:e2:5d:b0:fe:d7:64:03:b3:96:e3:7a:d7:1e:3e:
                    d7:6b:a7:59:7a:20:d1:ef:e3:3a:1b:e7:6c:d1:b9:
                    1a:94:73:5a:4d:c3:d9:9a:b9:3d:02:7e:63:76:2d:
                    e5:af:55:59:b7:dd:97:cc:3e:88:3b:e6:b4:72:e7:
                    46:1a:39:c0:2f:f2:ae:78:00:e1:d1:57:ff:75:69:
                    46:88:03:b4:c5:81:fc:a2:e4:7f:b3:0d:82:a3:ef:
                    04:06:0b:6b:fd:82:53:0d:8c:d0:03:03:d7:3f:e9:
                    72:90:00:46:6a:3f:45:68:ea:ca:99:df:6b:bd:aa:
                    a6:04:e0:0b:4a:fc:66:69:06:48:db:45:61:0a:ba:
                    af:8b:d7:7b:8c:29:cb:ac:c5:6f:2f:5c:e7:f0:a2:
                    06:12:c6:af:ad:c9:da:f4:4a:81:9d:63:19:78:f3:
                    d8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:59:E8:B3:53:8D:B4:C7:60:40:C5:0B:DD:10:75:3A:E2:1C:C5:40
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4Vnos1ONtMdgQMUL3RB1OuIcxUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.74.0/24
                  163.5.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:ee:f0:6f:6a:f0:37:bf:d4:1f:5b:1d:23:1a:47:f3:2c:c0:
         87:87:66:e9:f9:d6:c7:f7:6d:51:8f:ee:c2:69:24:fc:81:b1:
         df:90:6a:b4:c6:1a:c5:25:36:48:65:e3:15:2f:20:ca:03:cf:
         5f:3d:83:fc:0a:09:b9:e9:9e:fa:2c:37:bf:be:d6:8e:da:95:
         31:89:d3:c1:f7:45:05:19:e3:b5:f8:22:7b:fb:9b:2d:f4:59:
         c4:74:08:43:74:27:ae:f5:34:91:09:07:92:97:26:b1:66:41:
         0e:06:d0:50:c1:c5:15:2a:74:9f:94:00:4b:40:0c:44:0f:21:
         e6:8a:c1:17:06:14:4f:16:fb:10:41:27:40:63:26:96:64:5b:
         7f:96:35:41:8a:cc:3a:e4:d8:ab:97:43:db:cf:16:bd:70:31:
         5d:7d:e2:5f:e7:86:64:ac:bc:48:80:26:01:10:b5:26:b8:7a:
         8d:31:e4:f7:97:04:da:a6:68:27:b7:f3:75:dc:8c:4f:fe:09:
         9a:75:8c:77:3c:38:8e:1a:23:ec:64:9f:b9:47:d7:73:22:77:
         fd:8d:3d:37:0b:1f:81:aa:8e:18:63:f8:d0:21:cc:0c:f2:fb:
         98:96:73:76:c8:48:80:9a:08:f6:de:0d:c7:05:a2:2b:d1:0b:
         b5:ff:54:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVCdzJ9Gv1/ZcAZVX0u3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU5ZThiMzUzOGRiNGM3NjA0MGM1MGJkZDEwNzUzYWUyMWNjNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/1joPCvFrtFJ+EZ+GNSbVKzpIhj
JcpyeMa2au5uG8gaF/5GTSnY/ATTrW2PRdm7FkLeVEGWkcY6kpONOblGX34T5skC
V+HYYyv4N4u3Ol7q4z/JcsWgO3wY4l2w/tdkA7OW43rXHj7Xa6dZeiDR7+M6G+ds
0bkalHNaTcPZmrk9An5jdi3lr1VZt92XzD6IO+a0cudGGjnAL/KueADh0Vf/dWlG
iAO0xYH8ouR/sw2Co+8EBgtr/YJTDYzQAwPXP+lykABGaj9FaOrKmd9rvaqmBOAL
SvxmaQZI20VhCrqvi9d7jCnLrMVvL1zn8KIGEsavrcna9EqBnWMZePPYiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOFZ6LNTjbTHYEDFC90QdTriHMVAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNFZub3MxT050TWRnUU1VTDNSQjFPdUljeFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVKAwQA
owWXMA0GCSqGSIb3DQEBCwUAA4IBAQCD7vBvavA3v9QfWx0jGkfzLMCHh2bp+dbH
921Rj+7CaST8gbHfkGq0xhrFJTZIZeMVLyDKA89fPYP8Cgm56Z76LDe/vtaO2pUx
idPB90UFGeO1+CJ7+5st9FnEdAhDdCeu9TSRCQeSlyaxZkEOBtBQwcUVKnSflABL
QAxEDyHmisEXBhRPFvsQQSdAYyaWZFt/ljVBisw65Nirl0Pbzxa9cDFdfeJf54Zk
rLxIgCYBELUmuHqNMeT3lwTapmgnt/N13IxP/gmadYx3PDiOGiPsZJ+5R9dzInf9
jT03Cx+Bqo4YY/jQIcwM8vuYlnN2yEiAmgj23g3HBaIr0Qu1/1Q5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org