Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4ehbW2DGEgThTefXqnmkAxO3geo.roa
File:                     4ehbW2DGEgThTefXqnmkAxO3geo.roa (raw, json)
Hash identifier:          v4LZ6he9iDuM8yItLN7w3qMSZZYT8IM90eZVJMbZuRA=
Subject key identifier:   E1:E8:5B:5B:60:C6:12:04:E1:4D:E7:D7:AA:79:A4:03:13:B7:81:EA
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC42562868F0B9DD3C090258208540A5A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4ehbW2DGEgThTefXqnmkAxO3geo.roa
Signing time:             Mon 01 Jan 2024 08:30:33 +0000
ROA not before:           Mon 01 Jan 2024 08:30:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203728
IP address blocks:        163.5.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 11 Feb 2024 15:38:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:62:86:8f:0b:9d:d3:c0:90:25:82:08:54:0a:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1e85b5b60c61204e14de7d7aa79a40313b781ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a8:33:05:a3:f2:29:a0:63:f5:f4:84:91:f3:
                    7d:26:b2:72:92:27:bc:4c:dd:6d:ef:bb:cf:5b:6d:
                    29:26:f2:ab:d1:d2:d2:42:ce:50:cb:7b:44:ae:cd:
                    f0:22:40:82:84:ac:a3:8c:75:c2:d5:da:b3:34:45:
                    ee:16:74:ee:90:4e:ef:6a:c7:63:08:be:d0:d2:ae:
                    f7:fe:6b:40:ee:50:b5:bd:7a:41:c9:e0:a6:f4:a0:
                    c6:4f:77:87:c4:01:bf:08:99:5a:be:f0:77:0a:51:
                    df:e3:5d:c4:31:37:66:99:95:cf:fa:0c:7f:33:cb:
                    f7:c0:a6:b1:27:10:32:8f:73:8c:8b:60:48:18:4f:
                    b7:19:f2:f2:18:42:ce:4d:fa:d6:10:a4:5a:8e:02:
                    a2:64:8d:cd:cb:41:8c:76:e1:d4:ad:7a:5d:1c:5c:
                    fb:a0:fe:3a:cd:bb:ec:b9:9c:15:80:1a:17:2f:04:
                    da:14:be:56:05:8d:4c:92:e8:51:62:03:1c:01:5b:
                    8a:88:2c:57:a5:10:24:eb:b9:69:a5:fb:bc:79:5c:
                    fe:97:8b:97:86:36:04:99:17:04:07:40:19:f1:fd:
                    d8:1f:f3:ed:1e:7f:e7:e2:93:15:83:dd:16:9c:12:
                    a9:1b:8d:13:00:5c:f6:c6:84:5c:50:08:e6:3b:7a:
                    a7:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:E8:5B:5B:60:C6:12:04:E1:4D:E7:D7:AA:79:A4:03:13:B7:81:EA
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4ehbW2DGEgThTefXqnmkAxO3geo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:cc:c3:55:b8:26:f7:89:9f:7e:d8:e7:b7:52:38:c7:41:4b:
         5d:b2:4f:e3:1f:e3:2c:7e:0a:7f:1f:c9:96:e5:17:f5:11:2a:
         72:25:a0:b4:13:4a:32:3e:b4:ad:cb:d4:96:3b:9c:ec:00:a8:
         8e:8a:86:2d:7a:b5:b4:27:7d:fa:dd:c8:78:60:7f:9c:98:ad:
         ba:7d:a6:5b:0d:73:d4:b2:8f:37:6b:25:f0:dd:7e:e5:22:eb:
         46:1e:52:da:5d:92:15:70:c5:59:b3:9b:4a:fd:d9:7e:1c:65:
         af:6f:1e:b9:c2:7d:7e:1b:04:80:7a:f2:bc:fe:d7:d7:c7:20:
         90:44:d8:c6:4b:44:1d:a2:f1:73:8c:8e:1a:a8:1a:05:da:0e:
         c2:90:97:1d:c7:3c:e7:9e:07:44:67:8e:93:72:b7:11:57:64:
         08:b8:fa:59:2a:40:7a:ca:05:1f:a2:09:29:cb:4e:9c:e9:3a:
         5c:d8:43:89:e7:48:01:d7:1d:a4:b0:8c:ad:d6:a1:36:b6:3f:
         c1:b4:2a:74:ba:d4:e8:6e:e2:c6:da:c6:d4:6b:23:a2:e6:4e:
         67:c9:94:7f:c4:28:71:81:54:1f:00:70:1a:df:6e:13:7e:47:
         8c:a8:91:e4:3c:f2:73:7a:a4:80:ee:be:4c:54:2d:b5:59:c9:
         c7:26:c3:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWKGjwud08CQJYIIVApaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU4NWI1YjYwYzYxMjA0ZTE0ZGU3ZDdhYTc5YTQwMzEzYjc4MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qgzBaPyKaBj9fSEkfN9JrJykie8
TN1t77vPW20pJvKr0dLSQs5Qy3tErs3wIkCChKyjjHXC1dqzNEXuFnTukE7vasdj
CL7Q0q73/mtA7lC1vXpByeCm9KDGT3eHxAG/CJlavvB3ClHf413EMTdmmZXP+gx/
M8v3wKaxJxAyj3OMi2BIGE+3GfLyGELOTfrWEKRajgKiZI3Ny0GMduHUrXpdHFz7
oP46zbvsuZwVgBoXLwTaFL5WBY1MkuhRYgMcAVuKiCxXpRAk67lppfu8eVz+l4uX
hjYEmRcEB0AZ8f3YH/PtHn/n4pMVg90WnBKpG40TAFz2xoRcUAjmO3qnawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHoW1tgxhIE4U3n16p5pAMTt4HqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNGVoYlcyREdFZ1RoVGVmWHFubWtBeE8zZ2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWWMA0G
CSqGSIb3DQEBCwUAA4IBAQAFzMNVuCb3iZ9+2Oe3UjjHQUtdsk/jH+Msfgp/H8mW
5Rf1ESpyJaC0E0oyPrSty9SWO5zsAKiOioYterW0J3363ch4YH+cmK26faZbDXPU
so83ayXw3X7lIutGHlLaXZIVcMVZs5tK/dl+HGWvbx65wn1+GwSAevK8/tfXxyCQ
RNjGS0QdovFzjI4aqBoF2g7CkJcdxzznngdEZ46TcrcRV2QIuPpZKkB6ygUfogkp
y06c6Tpc2EOJ50gB1x2ksIyt1qE2tj/BtCp0utTobuLG2sbUayOi5k5nyZR/xChx
gVQfAHAa324TfkeMqJHkPPJzeqSA7r5MVC21WcnHJsMm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org