Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8jFMSuMlm9b-91RSjRICCyYKYgU.roa
File:                     8jFMSuMlm9b-91RSjRICCyYKYgU.roa (raw, json)
Hash identifier:          2gLXXSvzaky58mN8AmlX9ereOVpkwMMdUYnIFhZ3r80=
Subject key identifier:   F2:31:4C:4A:E3:25:9B:D6:FE:F7:54:52:8D:12:02:0B:26:0A:62:05
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188F16D5F23EEBC91DD3FFCEBA81702F4B7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8jFMSuMlm9b-91RSjRICCyYKYgU.roa
Signing time:             Sun 25 Jun 2023 07:20:56 +0000
ROA not before:           Sun 25 Jun 2023 07:20:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Sep 2023 19:44:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f1:6d:5f:23:ee:bc:91:dd:3f:fc:eb:a8:17:02:f4:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 25 07:20:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2314c4ae3259bd6fef754528d12020b260a6205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:23:37:4d:6b:1b:1a:c0:4a:49:31:6e:49:a6:
                    7e:c6:d1:3a:20:03:e7:be:af:71:2d:39:6d:dd:41:
                    88:54:32:ce:1e:c6:4c:eb:a6:e2:64:c5:0e:49:8c:
                    1d:f0:db:df:ad:69:df:84:28:83:a8:b6:ab:a3:f3:
                    f1:4a:1f:b5:57:46:ef:61:af:aa:9d:d2:a8:ef:50:
                    45:78:ce:35:9a:06:6f:99:fa:c0:3d:a7:7f:99:b4:
                    88:30:f3:d9:f1:68:5f:21:84:33:1d:f8:ce:6e:79:
                    8b:97:31:40:4f:24:ee:fe:49:0b:88:bb:50:01:4a:
                    0b:27:59:fc:cf:c9:91:32:51:44:6f:dc:be:59:0f:
                    f1:ea:f6:b7:f1:41:00:6b:fd:29:2d:93:22:82:ef:
                    1f:a6:62:02:0f:64:0d:fd:62:d4:85:97:00:c9:c6:
                    2c:8d:38:33:a3:c7:5d:31:24:eb:46:04:9a:b4:41:
                    78:18:bc:3e:7b:3d:23:2c:7b:c0:f2:c8:b1:d1:bd:
                    1b:5a:1a:de:c0:fc:4d:12:2c:73:31:16:00:39:b3:
                    a9:b9:89:48:17:e4:25:e4:64:1f:e7:23:5d:f1:77:
                    4c:53:c8:5f:c3:ff:af:76:c4:de:2a:19:22:ce:4f:
                    e9:98:ae:ad:f4:73:ca:cd:e9:9e:8e:5e:c0:48:99:
                    a0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:31:4C:4A:E3:25:9B:D6:FE:F7:54:52:8D:12:02:0B:26:0A:62:05
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8jFMSuMlm9b-91RSjRICCyYKYgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:66:e7:8c:0f:58:1b:04:ac:68:44:6a:d0:b9:4c:d7:2b:10:
         65:c6:e8:44:52:4e:13:f1:7a:7b:7f:5f:4f:56:5f:c1:33:c1:
         01:fd:8f:d7:fd:7c:25:94:36:b3:e1:1a:cb:5e:a0:e1:19:8c:
         c4:d1:92:a3:80:4a:32:25:71:d7:f5:ac:0e:b9:e2:c9:d9:ed:
         30:20:4f:65:d4:f2:3c:8f:1c:05:ba:a3:e4:c0:93:02:11:59:
         ae:14:89:35:32:8f:f5:a8:79:6b:8d:2a:b8:d7:6c:3e:4e:6c:
         a0:1e:3d:14:9b:8d:5d:89:d8:7f:66:28:b7:1d:be:5c:97:18:
         36:c0:74:c9:d8:49:92:a3:07:be:e3:ee:3a:66:82:4e:3f:bf:
         ee:51:1e:e8:3f:77:2e:92:ed:89:b9:f8:7e:c7:8c:ad:d7:6f:
         32:9e:ac:a0:dd:3f:7c:66:69:63:54:5f:1d:58:c0:2e:7b:26:
         91:c1:d9:44:f6:8e:63:a8:63:34:17:60:6b:e9:00:7e:8f:f0:
         d1:fb:37:ee:8a:72:6e:9b:e2:5a:3d:b9:56:cb:73:f0:8b:2e:
         d6:5a:e5:5b:04:c5:c7:dd:52:21:97:82:7c:70:c8:90:8e:7a:
         80:06:2d:c8:5f:58:6e:57:00:94:fc:4d:32:69:e9:be:b3:87:
         f6:0f:93:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjxbV8j7ryR3T/866gXAvS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjI1MDcyMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjMxNGM0YWUzMjU5YmQ2ZmVmNzU0NTI4ZDEyMDIwYjI2MGE2MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CM3TWsbGsBKSTFuSaZ+xtE6IAPn
vq9xLTlt3UGIVDLOHsZM66biZMUOSYwd8NvfrWnfhCiDqLaro/PxSh+1V0bvYa+q
ndKo71BFeM41mgZvmfrAPad/mbSIMPPZ8WhfIYQzHfjObnmLlzFATyTu/kkLiLtQ
AUoLJ1n8z8mRMlFEb9y+WQ/x6va38UEAa/0pLZMigu8fpmICD2QN/WLUhZcAycYs
jTgzo8ddMSTrRgSatEF4GLw+ez0jLHvA8six0b0bWhrewPxNEixzMRYAObOpuYlI
F+Ql5GQf5yNd8XdMU8hfw/+vdsTeKhkizk/pmK6t9HPKzemejl7ASJmgxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIxTErjJZvW/vdUUo0SAgsmCmIFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOGpGTVN1TWxtOWItOTFSU2pSSUNDeVlLWWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWoMA0G
CSqGSIb3DQEBCwUAA4IBAQBgZueMD1gbBKxoRGrQuUzXKxBlxuhEUk4T8Xp7f19P
Vl/BM8EB/Y/X/XwllDaz4RrLXqDhGYzE0ZKjgEoyJXHX9awOueLJ2e0wIE9l1PI8
jxwFuqPkwJMCEVmuFIk1Mo/1qHlrjSq412w+TmygHj0Um41didh/Zii3Hb5clxg2
wHTJ2EmSowe+4+46ZoJOP7/uUR7oP3cuku2Jufh+x4yt128ynqyg3T98ZmljVF8d
WMAueyaRwdlE9o5jqGM0F2Br6QB+j/DR+zfuinJum+JaPblWy3Pwiy7WWuVbBMXH
3VIhl4J8cMiQjnqABi3IX1huVwCU/E0yaem+s4f2D5OI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org