Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CrBebOeY53nN7F_RyfgDjq9ot3k.roa
File:                     CrBebOeY53nN7F_RyfgDjq9ot3k.roa (raw, json)
Hash identifier:          esdKoweo8V0ZYfQ9YH7psCjcqamPCyCVMaoKaOOYbFU=
Subject key identifier:   0A:B0:5E:6C:E7:98:E7:79:CD:EC:5F:D1:C9:F8:03:8E:AF:68:B7:79
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018A85DF2D53F877FE5BB33DA020CB3925AF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CrBebOeY53nN7F_RyfgDjq9ot3k.roa
Signing time:             Mon 11 Sep 2023 20:11:50 +0000
ROA not before:           Mon 11 Sep 2023 20:11:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        163.5.187.0/24 maxlen: 24
                          163.5.98.0/24 maxlen: 24
                          163.5.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 17:55:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:85:df:2d:53:f8:77:fe:5b:b3:3d:a0:20:cb:39:25:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 11 20:11:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ab05e6ce798e779cdec5fd1c9f8038eaf68b779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2d:f0:f5:eb:37:5c:d3:62:c8:74:81:54:1b:
                    b3:b7:f4:d5:54:23:c4:66:84:8e:20:27:ca:f8:09:
                    13:e0:5f:8f:b7:4e:f9:17:8d:67:40:3d:2e:68:d4:
                    c7:78:4d:33:e7:ed:c1:db:12:d1:6b:c5:86:53:59:
                    3f:5d:0e:7c:3b:ab:6a:39:b1:ac:df:32:49:8c:3d:
                    a4:d5:13:60:0e:29:18:de:7a:bd:e5:4d:8f:6a:1a:
                    fa:13:4f:6b:e8:21:97:92:d3:63:55:ac:7c:52:1d:
                    61:17:95:81:25:de:0c:55:1b:d9:28:1d:ec:64:94:
                    53:f7:40:41:3c:08:c2:4d:e6:fd:41:52:9e:9c:c9:
                    a4:c6:74:bd:40:10:ff:b2:cd:21:2a:41:d9:26:60:
                    f2:12:14:81:2e:40:b8:50:7d:05:c2:4b:24:c8:3f:
                    45:90:10:3c:03:ea:f3:c0:55:b7:9d:b2:3f:7a:62:
                    be:16:4d:09:24:a5:02:a5:84:7b:c8:4c:0f:70:3a:
                    4b:01:ef:c9:b4:b8:81:4b:8f:1d:a6:07:f6:fa:53:
                    87:fc:2e:19:ca:98:d2:20:1c:11:f4:cd:e3:5a:df:
                    d7:ab:03:af:1b:87:53:7f:4d:8d:3d:32:3f:20:35:
                    a7:37:88:f3:e7:d0:c5:11:fa:8d:e1:40:81:6f:4b:
                    5e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B0:5E:6C:E7:98:E7:79:CD:EC:5F:D1:C9:F8:03:8E:AF:68:B7:79
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CrBebOeY53nN7F_RyfgDjq9ot3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.98.0/24
                  163.5.187.0/24
                  163.5.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:22:ce:a5:d1:f1:7d:af:31:72:f3:5c:04:b8:6b:d3:7a:cd:
         46:9c:40:22:a4:e4:97:52:6b:6c:75:80:4e:2e:e6:19:6a:5a:
         c2:2d:0c:18:a8:9a:50:5c:84:3a:fa:f7:30:6b:dd:cc:ec:1e:
         0a:b9:c2:04:9b:60:d0:66:18:33:6f:2a:4b:d3:b0:c4:84:d1:
         7a:ae:86:dc:e8:17:27:07:46:4c:bb:4a:73:a1:d3:16:14:8b:
         7e:d1:08:a9:ce:39:e8:8b:c1:06:ec:f9:02:fb:b3:83:55:2b:
         81:5c:aa:0b:d7:ab:a2:de:7d:e6:37:64:bf:a1:6d:91:dd:bc:
         07:e3:01:7f:d2:a1:2e:4c:15:a5:99:ae:ed:fd:71:2a:35:c3:
         19:20:d9:2f:0d:f6:98:20:2a:69:d6:b4:82:72:ff:49:bb:95:
         da:6e:cb:7f:07:15:76:16:1c:84:23:2e:c3:ad:63:90:ba:61:
         55:fe:78:62:a3:4b:c8:e4:6e:59:3e:a7:55:35:8a:a2:f8:69:
         16:38:c0:73:0a:ef:0c:85:b2:85:f7:f9:d4:e9:ca:87:43:ff:
         58:78:0c:31:1b:e1:50:ad:9a:52:19:76:41:d8:97:27:79:b4:
         cb:78:79:ed:38:98:6e:48:d6:74:82:90:12:e1:54:f1:c2:54:
         1d:6f:fd:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqF3y1T+Hf+W7M9oCDLOSWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTExMjAxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIwNWU2Y2U3OThlNzc5Y2RlYzVmZDFjOWY4MDM4ZWFmNjhiNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS3w9es3XNNiyHSBVBuzt/TVVCPE
ZoSOICfK+AkT4F+Pt075F41nQD0uaNTHeE0z5+3B2xLRa8WGU1k/XQ58O6tqObGs
3zJJjD2k1RNgDikY3nq95U2Pahr6E09r6CGXktNjVax8Uh1hF5WBJd4MVRvZKB3s
ZJRT90BBPAjCTeb9QVKenMmkxnS9QBD/ss0hKkHZJmDyEhSBLkC4UH0FwkskyD9F
kBA8A+rzwFW3nbI/emK+Fk0JJKUCpYR7yEwPcDpLAe/JtLiBS48dpgf2+lOH/C4Z
ypjSIBwR9M3jWt/XqwOvG4dTf02NPTI/IDWnN4jz59DFEfqN4UCBb0teRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAqwXmznmOd5zexf0cn4A46vaLd5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ3JCZWJPZVk1M25ON0ZfUnlmZ0RqcTlvdDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowViAwQA
owW7AwQAowXpMA0GCSqGSIb3DQEBCwUAA4IBAQA1Is6l0fF9rzFy81wEuGvTes1G
nEAipOSXUmtsdYBOLuYZalrCLQwYqJpQXIQ6+vcwa93M7B4KucIEm2DQZhgzbypL
07DEhNF6robc6BcnB0ZMu0pzodMWFIt+0Qipzjnoi8EG7PkC+7ODVSuBXKoL16ui
3n3mN2S/oW2R3bwH4wF/0qEuTBWlma7t/XEqNcMZINkvDfaYICpp1rSCcv9Ju5Xa
bst/BxV2FhyEIy7DrWOQumFV/nhio0vI5G5ZPqdVNYqi+GkWOMBzCu8MhbKF9/nU
6cqHQ/9YeAwxG+FQrZpSGXZB2JcnebTLeHntOJhuSNZ0gpAS4VTxwlQdb/3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org