Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DU5KLyzJRP7ublLHIIhzS2_FKuc.roa
File:                     DU5KLyzJRP7ublLHIIhzS2_FKuc.roa (raw, json)
Hash identifier:          iy/W+RE/UZhDk5UoJzlmynt96d5cSU984qRkFTZrhIo=
Subject key identifier:   0D:4E:4A:2F:2C:C9:44:FE:EE:6E:52:C7:20:88:73:4B:6F:C5:2A:E7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018E953950A121227B675DA7639903E2BCFD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DU5KLyzJRP7ublLHIIhzS2_FKuc.roa
Signing time:             Sun 31 Mar 2024 15:55:45 +0000
ROA not before:           Sun 31 Mar 2024 15:55:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210164
IP address blocks:        163.5.65.0/24 maxlen: 24
                          163.5.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 08:54:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:95:39:50:a1:21:22:7b:67:5d:a7:63:99:03:e2:bc:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar 31 15:55:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d4e4a2f2cc944feee6e52c72088734b6fc52ae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:cf:b9:4d:a0:ce:68:cf:1f:49:83:e5:36:34:
                    d5:b5:78:51:5f:25:ec:ec:d8:71:da:8e:26:86:0f:
                    af:68:8b:33:db:28:88:07:53:9b:36:e8:14:36:9a:
                    0c:77:92:2b:17:9f:86:e4:48:49:c6:48:a7:c1:cd:
                    e9:1a:da:ff:12:9e:9f:ec:e5:e3:d7:79:77:8d:a4:
                    79:e3:7a:44:7b:6a:18:b5:a1:e5:da:68:51:92:8e:
                    c1:0d:da:50:1f:8d:d2:7d:6b:c7:4f:19:73:f2:70:
                    0a:a2:d4:84:b0:66:74:d9:46:78:0f:37:f5:80:e1:
                    41:8c:5b:13:6b:f1:1b:43:59:6c:91:e4:af:b7:b6:
                    7a:08:9f:12:45:fc:14:ad:f9:58:dc:63:e7:ca:82:
                    03:25:0d:7f:27:92:5a:04:8c:76:24:2e:80:af:5e:
                    31:fa:d7:d7:0b:8d:d3:c2:bc:b2:ee:e2:28:8e:5b:
                    e3:09:9f:19:19:e4:cc:ad:cd:46:26:36:81:b3:12:
                    5f:6f:d3:5c:76:1c:d9:d4:f0:f4:ef:82:d0:c5:49:
                    60:96:22:81:73:ad:00:7c:38:99:a7:80:85:c6:9f:
                    71:4e:07:a6:5f:d0:bb:88:fb:72:84:f0:8a:d0:d4:
                    ce:da:57:7d:d4:3c:18:f0:66:7e:8d:2f:c8:f8:a3:
                    b6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4E:4A:2F:2C:C9:44:FE:EE:6E:52:C7:20:88:73:4B:6F:C5:2A:E7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DU5KLyzJRP7ublLHIIhzS2_FKuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.65.0/24
                  163.5.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:2a:73:23:4d:f9:e3:7d:63:cb:59:50:0d:3a:68:d1:31:b1:
         88:61:52:bf:69:0e:70:19:0e:56:c3:bd:50:04:92:1b:4d:06:
         d7:44:b3:b2:a3:09:2d:ae:17:b6:ea:e0:c3:67:57:ee:87:09:
         79:d1:fa:bf:52:2a:3e:92:aa:a1:04:83:b2:58:ab:0e:b4:a8:
         9a:fd:b6:5b:48:8a:a8:3e:15:bf:27:51:d8:bf:88:ce:77:e9:
         b1:08:44:62:cb:d0:c9:13:a5:8c:58:50:bf:3c:c0:3a:20:b5:
         2a:8b:be:1f:ca:ef:2d:5a:b5:41:08:45:4b:5e:d4:88:07:63:
         09:fd:83:dd:2e:64:ac:70:bc:89:75:74:0b:f1:df:65:88:df:
         81:d1:66:67:4e:89:a5:f1:48:f1:0b:17:2a:b6:b0:fe:1e:16:
         72:f7:d9:13:e0:93:59:75:df:3d:cf:7f:7c:b2:d4:a1:ce:7c:
         4e:83:c4:17:f6:87:a6:e0:d1:dc:6c:1c:68:23:a1:0b:f0:26:
         12:77:4c:a5:7c:3f:61:20:da:6c:7a:07:8f:af:9a:25:36:c5:
         8b:d8:38:0a:fb:3f:65:ea:18:37:6c:0a:b5:e7:f5:8e:16:dd:
         42:bb:3d:4d:45:b5:ec:b7:94:2f:a4:7d:14:ec:61:bb:a0:7e:
         e5:74:97:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6VOVChISJ7Z12nY5kD4rz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzMxMTU1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRlNGEyZjJjYzk0NGZlZWU2ZTUyYzcyMDg4NzM0YjZmYzUyYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4c+5TaDOaM8fSYPlNjTVtXhRXyXs
7Nhx2o4mhg+vaIsz2yiIB1ObNugUNpoMd5IrF5+G5EhJxkinwc3pGtr/Ep6f7OXj
13l3jaR543pEe2oYtaHl2mhRko7BDdpQH43SfWvHTxlz8nAKotSEsGZ02UZ4Dzf1
gOFBjFsTa/EbQ1lskeSvt7Z6CJ8SRfwUrflY3GPnyoIDJQ1/J5JaBIx2JC6Ar14x
+tfXC43Twryy7uIojlvjCZ8ZGeTMrc1GJjaBsxJfb9NcdhzZ1PD074LQxUlgliKB
c60AfDiZp4CFxp9xTgemX9C7iPtyhPCK0NTO2ld91DwY8GZ+jS/I+KO2pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA1OSi8syUT+7m5SxyCIc0tvxSrnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRFU1S0x5ekpSUDd1YmxMSElJaHpTMl9GS3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVBAwQA
owVJMA0GCSqGSIb3DQEBCwUAA4IBAQBmKnMjTfnjfWPLWVANOmjRMbGIYVK/aQ5w
GQ5Ww71QBJIbTQbXRLOyowktrhe26uDDZ1fuhwl50fq/Uio+kqqhBIOyWKsOtKia
/bZbSIqoPhW/J1HYv4jOd+mxCERiy9DJE6WMWFC/PMA6ILUqi74fyu8tWrVBCEVL
XtSIB2MJ/YPdLmSscLyJdXQL8d9liN+B0WZnToml8UjxCxcqtrD+HhZy99kT4JNZ
dd89z398stShznxOg8QX9oem4NHcbBxoI6EL8CYSd0ylfD9hINpsegePr5olNsWL
2DgK+z9l6hg3bAq15/WOFt1Cuz1NRbXst5QvpH0U7GG7oH7ldJeE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org