Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AwKS1xbPrvzcH7CWtpBvvzocpUU.roa
File:                     AwKS1xbPrvzcH7CWtpBvvzocpUU.roa (raw, json)
Hash identifier:          /kInCMmYouoctHBuC9EcgdRYtc7v3oPI2ZPujoS0PYA=
Subject key identifier:   03:02:92:D7:16:CF:AE:FC:DC:1F:B0:96:B6:90:6F:BF:3A:1C:A5:45
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187862D342F3E5D4390604460E0A0A94A43
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AwKS1xbPrvzcH7CWtpBvvzocpUU.roa
Signing time:             Sat 15 Apr 2023 18:28:42 +0000
ROA not before:           Sat 15 Apr 2023 18:28:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207633
IP address blocks:        163.5.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 15:48:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:86:2d:34:2f:3e:5d:43:90:60:44:60:e0:a0:a9:4a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 15 18:28:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=030292d716cfaefcdc1fb096b6906fbf3a1ca545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9b:d5:53:da:61:3d:5c:80:ee:ab:d1:9e:ef:
                    6b:0f:07:a1:4b:3a:a5:19:c2:3a:ce:7d:bc:c2:75:
                    4d:6f:41:e7:90:45:91:02:7e:f8:1e:cc:ab:f6:45:
                    b4:49:9e:ac:9f:4e:01:42:20:25:47:71:81:36:71:
                    a9:ec:a1:78:40:17:d7:60:73:c7:f4:b6:56:8b:7d:
                    a7:48:66:6a:bf:86:34:8a:6c:6c:91:9b:94:66:49:
                    06:b3:c4:6a:dd:d9:75:26:0d:14:6b:78:3b:ac:ed:
                    41:3d:c4:a5:d0:8f:11:c6:a5:62:e3:33:1f:36:e9:
                    dd:a5:36:94:de:c0:b3:74:5f:5c:03:c0:98:80:3a:
                    94:74:6c:16:96:b9:d5:a5:3b:03:fb:98:61:d1:86:
                    aa:a9:b0:58:c1:e3:ab:f7:c6:2a:82:4b:d7:c1:99:
                    f9:0b:57:3d:42:bb:58:f6:74:d6:26:cb:01:77:fe:
                    0b:7a:76:d5:ab:91:c1:c5:76:81:b1:db:b9:e1:79:
                    42:76:2c:e1:aa:ef:a7:94:dc:4e:68:b5:5f:1e:ee:
                    9c:ca:24:58:76:9f:fa:dc:b1:b2:ad:38:79:b8:c8:
                    a6:a8:fb:eb:3e:48:7b:58:44:09:94:b8:78:ee:55:
                    0d:14:c3:c7:b2:24:03:05:97:63:6a:03:8d:07:f5:
                    55:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:02:92:D7:16:CF:AE:FC:DC:1F:B0:96:B6:90:6F:BF:3A:1C:A5:45
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AwKS1xbPrvzcH7CWtpBvvzocpUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:b7:dc:80:45:61:7e:72:a5:a4:3f:fd:6b:e4:cd:91:31:4d:
         60:e2:ba:c5:da:6a:a6:ef:7d:18:b5:89:57:9a:74:b3:72:0b:
         4b:b5:4e:95:68:55:fd:b3:06:99:8e:a1:b1:1b:7f:61:91:2d:
         4b:c4:1f:6c:65:07:75:28:10:3a:86:ab:de:ae:23:f9:cd:53:
         db:75:89:bf:37:ba:89:54:2c:1e:ea:7f:f8:db:27:ea:54:e9:
         75:27:6e:40:ed:ec:68:04:3a:a0:de:cf:63:8e:de:2f:06:ad:
         7d:53:29:d0:d7:66:45:8f:c9:e0:4e:cb:2d:87:00:c2:4e:78:
         4b:7f:89:c1:52:97:5b:bb:03:f3:75:c7:f7:82:7f:48:92:c1:
         72:ab:1b:19:7a:bf:9d:83:39:08:6f:47:8c:88:45:f2:4e:82:
         02:37:e2:50:fd:6f:89:82:33:2b:e3:99:ee:82:f6:19:36:5b:
         a7:c3:19:e1:b7:b0:01:dc:dc:52:27:64:cd:2f:85:16:c0:29:
         9e:de:0d:fe:88:8a:bb:b3:6a:7c:1b:47:75:4d:8f:dd:f1:25:
         1f:35:50:74:2c:b6:58:a3:38:35:a3:24:43:83:89:6c:62:b2:
         51:4b:ff:7e:72:d1:01:a1:88:09:b5:95:38:16:61:71:12:bb:
         03:d5:ab:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeGLTQvPl1DkGBEYOCgqUpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDE1MTgyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzAyOTJkNzE2Y2ZhZWZjZGMxZmIwOTZiNjkwNmZiZjNhMWNhNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5vVU9phPVyA7qvRnu9rDwehSzql
GcI6zn28wnVNb0HnkEWRAn74Hsyr9kW0SZ6sn04BQiAlR3GBNnGp7KF4QBfXYHPH
9LZWi32nSGZqv4Y0imxskZuUZkkGs8Rq3dl1Jg0Ua3g7rO1BPcSl0I8RxqVi4zMf
NundpTaU3sCzdF9cA8CYgDqUdGwWlrnVpTsD+5hh0YaqqbBYweOr98YqgkvXwZn5
C1c9QrtY9nTWJssBd/4LenbVq5HBxXaBsdu54XlCdizhqu+nlNxOaLVfHu6cyiRY
dp/63LGyrTh5uMimqPvrPkh7WEQJlLh47lUNFMPHsiQDBZdjagONB/VV9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMCktcWz6783B+wlraQb786HKVFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQXdLUzF4YlBydnpjSDdDV3RwQnZ2em9jcFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVDMA0G
CSqGSIb3DQEBCwUAA4IBAQCRt9yARWF+cqWkP/1r5M2RMU1g4rrF2mqm730YtYlX
mnSzcgtLtU6VaFX9swaZjqGxG39hkS1LxB9sZQd1KBA6hqveriP5zVPbdYm/N7qJ
VCwe6n/42yfqVOl1J25A7exoBDqg3s9jjt4vBq19UynQ12ZFj8ngTssthwDCTnhL
f4nBUpdbuwPzdcf3gn9IksFyqxsZer+dgzkIb0eMiEXyToICN+JQ/W+JgjMr45nu
gvYZNlunwxnht7AB3NxSJ2TNL4UWwCme3g3+iIq7s2p8G0d1TY/d8SUfNVB0LLZY
ozg1oyRDg4lsYrJRS/9+ctEBoYgJtZU4FmFxErsD1auC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org