Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CX4u0g6Y1J-h954zP379wv1hgmA.roa
File:                     CX4u0g6Y1J-h954zP379wv1hgmA.roa (raw, json)
Hash identifier:          XQupOQeW71ckvk/cZgXWxkGGYe+CBfhHYwD+pv7uJ8E=
Subject key identifier:   09:7E:2E:D2:0E:98:D4:9F:A1:F7:9E:33:3F:7E:FD:C2:FD:61:82:60
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B96D09E7F37662779B10E2F7F42D24174
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CX4u0g6Y1J-h954zP379wv1hgmA.roa
Signing time:             Fri 03 Nov 2023 20:12:16 +0000
ROA not before:           Fri 03 Nov 2023 20:12:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        163.5.105.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:96:d0:9e:7f:37:66:27:79:b1:0e:2f:7f:42:d2:41:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov  3 20:12:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=097e2ed20e98d49fa1f79e333f7efdc2fd618260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:37:07:10:ab:29:62:3f:a4:b6:28:ec:74:ce:
                    f3:50:ad:5e:d6:b3:2f:10:cc:73:b6:5d:3d:41:a3:
                    9f:12:ff:c8:4c:92:b2:a5:41:70:24:01:49:f9:56:
                    20:0b:ed:a4:35:9f:37:6e:8f:a5:b1:65:a5:df:74:
                    c1:0c:1f:29:c0:e1:67:47:80:0a:7d:20:2e:2d:d5:
                    49:07:51:5c:f4:b2:4d:f2:65:b6:fc:8b:77:ed:90:
                    54:49:82:2e:52:e1:3a:0a:8b:ea:0b:83:cc:61:00:
                    28:6a:6a:ba:e2:25:74:54:91:e2:4f:79:73:9d:ed:
                    ec:57:8a:90:c7:b8:a7:d5:ad:a5:73:63:d5:cd:b9:
                    c0:33:dc:7b:5a:1b:b7:d8:0f:e4:bf:72:d9:ac:36:
                    64:cf:81:af:72:d7:3e:a0:0c:47:07:81:29:8b:ba:
                    b4:08:9d:3d:22:f7:cc:08:96:2a:2c:e1:9d:1b:d1:
                    d6:ea:ac:e8:84:f5:7d:33:04:40:e0:e6:47:7b:67:
                    76:73:36:75:cf:6e:1a:f0:d8:4e:b0:d6:63:ce:bc:
                    6c:bd:4c:54:66:9c:b8:99:29:cc:7a:6f:04:90:47:
                    f6:eb:2f:cf:32:83:7b:6a:a0:c5:40:7e:f5:04:42:
                    21:3b:81:d8:23:30:99:6c:de:26:36:15:5c:2c:86:
                    c6:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:7E:2E:D2:0E:98:D4:9F:A1:F7:9E:33:3F:7E:FD:C2:FD:61:82:60
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CX4u0g6Y1J-h954zP379wv1hgmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.105.0/24
                  163.5.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:0a:3b:1a:2b:74:be:71:8f:73:23:5b:0c:c0:15:42:95:08:
         d9:cc:9b:01:60:e9:69:c6:01:4a:1d:13:d2:8d:b4:40:5d:2f:
         3d:21:2a:d9:ef:3d:65:b5:5e:78:2e:43:2a:23:c2:d8:a0:21:
         2c:21:c2:f0:77:5e:4e:50:9d:b8:3d:48:53:fe:30:df:90:b0:
         89:09:b1:11:e4:ba:a5:e9:15:21:90:08:2c:d8:ab:4b:07:cb:
         0b:b2:6f:58:f7:cf:08:6a:c7:32:2f:89:7d:7d:27:f5:85:ae:
         41:73:28:ec:97:6f:c9:f2:e9:f1:f3:39:72:0f:b3:0b:c0:8c:
         89:4f:eb:3e:74:77:aa:4f:79:60:21:80:83:14:0a:b4:3c:0a:
         71:c4:f0:c0:a0:0b:73:f9:9b:a5:1b:b0:d0:d7:52:81:d2:78:
         41:5d:1d:fd:2e:17:af:97:ae:cd:3f:9c:66:6f:b4:72:7b:f3:
         8d:28:ce:b8:c7:26:ea:ae:ae:52:a0:51:4e:fe:f0:c5:4e:81:
         f0:04:3b:d5:b2:91:a1:84:7d:b5:28:08:1f:91:61:ed:d9:c3:
         a4:d2:8a:66:c9:2a:09:23:23:bb:e7:76:30:a5:fc:7b:7b:b0:
         24:12:7a:68:b4:7d:4f:7a:11:84:31:49:f0:ca:11:a4:9c:5f:
         81:d4:e5:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuW0J5/N2YnebEOL39C0kF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTAzMjAxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdlMmVkMjBlOThkNDlmYTFmNzllMzMzZjdlZmRjMmZkNjE4MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTcHEKspYj+ktijsdM7zUK1e1rMv
EMxztl09QaOfEv/ITJKypUFwJAFJ+VYgC+2kNZ83bo+lsWWl33TBDB8pwOFnR4AK
fSAuLdVJB1Fc9LJN8mW2/It37ZBUSYIuUuE6CovqC4PMYQAoamq64iV0VJHiT3lz
ne3sV4qQx7in1a2lc2PVzbnAM9x7Whu32A/kv3LZrDZkz4Gvctc+oAxHB4Epi7q0
CJ09IvfMCJYqLOGdG9HW6qzohPV9MwRA4OZHe2d2czZ1z24a8NhOsNZjzrxsvUxU
Zpy4mSnMem8EkEf26y/PMoN7aqDFQH71BEIhO4HYIzCZbN4mNhVcLIbGxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAl+LtIOmNSfofeeMz9+/cL9YYJgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ1g0dTBnNlkxSi1oOTU0elAzNzl3djFoZ21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVpAwQA
owXrMA0GCSqGSIb3DQEBCwUAA4IBAQBiCjsaK3S+cY9zI1sMwBVClQjZzJsBYOlp
xgFKHRPSjbRAXS89ISrZ7z1ltV54LkMqI8LYoCEsIcLwd15OUJ24PUhT/jDfkLCJ
CbER5Lql6RUhkAgs2KtLB8sLsm9Y988IascyL4l9fSf1ha5Bcyjsl2/J8unx8zly
D7MLwIyJT+s+dHeqT3lgIYCDFAq0PApxxPDAoAtz+ZulG7DQ11KB0nhBXR39Lhev
l67NP5xmb7Rye/ONKM64xybqrq5SoFFO/vDFToHwBDvVspGhhH21KAgfkWHt2cOk
0opmySoJIyO753Ywpfx7e7AkEnpotH1PehGEMUnwyhGknF+B1OXV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org