Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5jn9G9lG5-30ydoqnFqyG4m99ww.roa
File:                     5jn9G9lG5-30ydoqnFqyG4m99ww.roa (raw, json)
Hash identifier:          JTE2RDh5Ghe4EPurkelAaP5L2vR0ndoOQ18WyTr8K6s=
Subject key identifier:   E6:39:FD:1B:D9:46:E7:ED:F4:C9:DA:2A:9C:5A:B2:1B:89:BD:F7:0C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01874D5E920C30163206075D4501B1971458
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5jn9G9lG5-30ydoqnFqyG4m99ww.roa
Signing time:             Tue 04 Apr 2023 17:44:16 +0000
ROA not before:           Tue 04 Apr 2023 17:44:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200131
IP address blocks:        163.5.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4d:5e:92:0c:30:16:32:06:07:5d:45:01:b1:97:14:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr  4 17:44:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e639fd1bd946e7edf4c9da2a9c5ab21b89bdf70c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3f:f1:72:55:cd:6a:56:43:d1:6f:c1:69:f5:
                    75:4b:30:eb:3d:ec:32:0b:93:d5:39:8d:8b:e4:01:
                    da:8e:e3:06:30:b7:34:e5:c8:35:82:31:ba:66:78:
                    ea:cb:8d:ed:eb:32:fd:fa:55:13:7b:d8:9a:8b:f1:
                    e7:2b:bd:8c:15:03:c6:4a:1c:4f:9e:7a:13:11:47:
                    7d:62:5c:ef:53:fd:77:eb:89:76:9e:b3:fc:a3:3a:
                    b4:99:c9:e8:74:6f:88:01:b6:02:d9:f6:4d:ef:d1:
                    ff:15:c2:f8:d9:13:3e:63:39:c4:32:39:5e:6c:72:
                    7e:d5:b5:6b:54:ff:ab:06:c7:ec:24:73:03:77:2f:
                    c6:4e:55:aa:ab:b7:ce:f4:cd:03:c2:22:d8:89:11:
                    2a:0c:c6:a0:06:0b:c6:4e:d3:79:41:24:91:ad:10:
                    da:91:7d:cc:e2:9e:ca:67:fe:8c:ed:01:e5:52:b7:
                    4e:ad:6e:10:3c:0d:6e:d3:24:f0:aa:6f:67:34:3a:
                    1b:b3:fe:81:bc:6d:71:7d:a0:d1:fa:15:c7:12:18:
                    7a:f4:48:85:b3:d4:2d:01:0e:a6:ba:ea:3f:03:54:
                    23:46:df:80:71:3c:d5:e7:37:f6:06:f6:b8:4b:46:
                    7c:f0:5c:26:af:d5:e2:fc:c2:58:84:71:8d:19:08:
                    cb:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:39:FD:1B:D9:46:E7:ED:F4:C9:DA:2A:9C:5A:B2:1B:89:BD:F7:0C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5jn9G9lG5-30ydoqnFqyG4m99ww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:51:dd:49:9a:a5:d9:d1:d6:3a:8c:75:6c:fb:d0:f8:7a:1c:
         db:a2:fe:40:b6:68:46:95:ce:b0:d9:7a:da:f2:9f:e9:0a:e3:
         c9:a6:31:f5:54:24:e0:ef:20:56:63:1b:3b:e0:ac:35:6c:f4:
         e1:2a:57:b4:73:6c:a2:de:27:e9:c4:0d:5f:bd:30:53:a3:e3:
         93:32:67:51:e0:e9:8a:fd:01:60:5a:89:17:3f:23:61:44:41:
         5d:62:d9:91:65:c6:1b:ee:e7:5d:cf:56:c4:84:83:fe:c0:69:
         48:b3:e5:79:be:4c:7e:09:88:fb:bd:f6:48:8f:a0:ff:9c:e3:
         17:48:b0:3d:cb:cd:20:85:ba:33:80:8d:0a:54:c9:65:5d:7c:
         fa:29:8d:de:b6:88:a8:a5:2a:af:24:0f:ea:93:9c:70:b2:de:
         6c:3d:1a:5c:a3:6a:12:da:1e:4c:0e:c2:01:2d:8d:ce:24:2c:
         f9:76:04:a8:5a:4d:f9:36:ed:8d:1b:d1:63:6f:52:e1:db:3e:
         da:20:ba:bc:6f:84:03:d5:53:ee:83:56:a9:eb:15:4d:a5:84:
         a1:87:43:f8:de:f1:19:64:d1:8d:d2:af:bc:a9:a2:db:a6:7f:
         25:f5:49:f1:fe:bc:eb:d9:bf:a4:0b:0b:57:73:e4:b0:81:49:
         18:62:f7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdNXpIMMBYyBgddRQGxlxRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDA0MTc0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM5ZmQxYmQ5NDZlN2VkZjRjOWRhMmE5YzVhYjIxYjg5YmRmNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz/xclXNalZD0W/BafV1SzDrPewy
C5PVOY2L5AHajuMGMLc05cg1gjG6Znjqy43t6zL9+lUTe9iai/HnK72MFQPGShxP
nnoTEUd9YlzvU/1364l2nrP8ozq0mcnodG+IAbYC2fZN79H/FcL42RM+YznEMjle
bHJ+1bVrVP+rBsfsJHMDdy/GTlWqq7fO9M0DwiLYiREqDMagBgvGTtN5QSSRrRDa
kX3M4p7KZ/6M7QHlUrdOrW4QPA1u0yTwqm9nNDobs/6BvG1xfaDR+hXHEhh69EiF
s9QtAQ6muuo/A1QjRt+AcTzV5zf2Bva4S0Z88Fwmr9Xi/MJYhHGNGQjLjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOY5/RvZRuft9MnaKpxashuJvfcMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNWpuOUc5bEc1LTMweWRvcW5GcXlHNG05OXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXEMA0G
CSqGSIb3DQEBCwUAA4IBAQBbUd1JmqXZ0dY6jHVs+9D4ehzbov5AtmhGlc6w2Xra
8p/pCuPJpjH1VCTg7yBWYxs74Kw1bPThKle0c2yi3ifpxA1fvTBTo+OTMmdR4OmK
/QFgWokXPyNhREFdYtmRZcYb7uddz1bEhIP+wGlIs+V5vkx+CYj7vfZIj6D/nOMX
SLA9y80ghbozgI0KVMllXXz6KY3etoiopSqvJA/qk5xwst5sPRpco2oS2h5MDsIB
LY3OJCz5dgSoWk35Nu2NG9Fjb1Lh2z7aILq8b4QD1VPug1ap6xVNpYShh0P43vEZ
ZNGN0q+8qaLbpn8l9Unx/rzr2b+kCwtXc+SwgUkYYvfa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org