Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DzkvDENzM3HDQvao82lHtsN6C-o.roa
File:                     DzkvDENzM3HDQvao82lHtsN6C-o.roa (raw, json)
Hash identifier:          2S4ScZLgMPJssVYy07C2DHcctETctUiurZHktEXbtLc=
Subject key identifier:   0F:39:2F:0C:43:73:33:71:C3:42:F6:A8:F3:69:47:B6:C3:7A:0B:EA
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01899BED8E11A0EF1F595A034210B788FA0D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DzkvDENzM3HDQvao82lHtsN6C-o.roa
Signing time:             Fri 28 Jul 2023 09:56:24 +0000
ROA not before:           Fri 28 Jul 2023 09:56:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197644
IP address blocks:        163.5.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 13:55:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9b:ed:8e:11:a0:ef:1f:59:5a:03:42:10:b7:88:fa:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 28 09:56:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f392f0c43733371c342f6a8f36947b6c37a0bea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:20:82:a6:3a:f9:c6:a4:29:ba:82:da:e2:bd:
                    55:df:2d:bc:ae:bd:8d:6c:06:8c:37:59:59:71:f1:
                    a1:fc:3b:0c:89:88:c2:f9:97:d0:46:0a:36:3b:47:
                    98:18:7b:91:16:41:a8:3b:1c:7c:9f:f4:4c:a0:42:
                    98:32:76:92:b3:11:b2:47:2b:58:ee:c4:d7:7c:46:
                    99:2e:40:ac:a0:00:6b:ef:70:70:4a:90:89:e9:25:
                    0d:97:89:9d:cf:ad:79:43:d1:55:dc:50:55:43:b4:
                    dc:83:5e:8d:d9:5a:8a:4b:ce:38:99:26:75:45:9a:
                    10:ac:4b:1d:7d:69:49:91:0a:d6:fa:62:fa:36:1e:
                    64:c4:e3:69:c4:38:11:77:a7:e6:98:f4:af:48:94:
                    19:a5:9c:34:ef:39:73:89:27:83:38:99:6a:3f:56:
                    2e:d5:dd:86:c2:86:fb:f1:ab:2e:48:07:e5:63:4b:
                    fd:20:b5:0c:1c:35:41:ab:4c:db:65:c2:b1:ff:24:
                    52:c6:ef:64:d0:b6:ac:74:4c:a2:52:c4:93:33:df:
                    49:e3:04:49:5e:dc:36:a9:fa:b0:a3:c0:46:0a:dc:
                    f7:0f:ae:01:01:a2:3c:1e:93:be:98:bd:7e:46:dc:
                    e4:6a:76:cd:3f:c0:a9:e5:cd:6a:6e:cf:10:30:2b:
                    7e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:39:2F:0C:43:73:33:71:C3:42:F6:A8:F3:69:47:B6:C3:7A:0B:EA
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DzkvDENzM3HDQvao82lHtsN6C-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:a4:f0:3f:34:07:d6:fa:14:5b:ce:70:33:0f:36:ee:e3:c2:
         99:e7:d1:d5:b4:25:2b:ba:d4:c5:64:87:59:8a:73:4b:4d:60:
         62:23:d8:43:b4:a8:fc:fe:8c:b8:3a:49:c1:69:05:e8:a5:80:
         93:4d:ba:c5:fc:20:6f:ee:63:dd:d4:4d:55:b0:1c:b6:48:36:
         fc:d8:1f:f1:18:3d:28:79:ea:8b:29:8f:aa:9c:e6:49:0b:38:
         13:e5:65:f6:0d:b7:77:04:d6:7b:58:d2:27:c0:74:b7:fc:4d:
         7f:a2:65:e7:91:52:11:89:25:14:76:5f:80:07:da:2a:80:19:
         53:79:68:bb:33:22:7c:e0:6e:b6:e4:ed:2f:4f:66:d9:2d:d0:
         b1:ff:6c:79:1b:ad:0b:40:c4:55:22:7d:fe:35:ce:bd:72:b3:
         95:35:55:13:e8:f7:91:5d:05:7a:76:b9:e4:f9:bc:17:34:15:
         0f:dd:06:20:db:83:73:d3:17:be:da:35:b6:84:b3:67:58:41:
         0e:4f:21:2a:c3:76:12:c3:3c:f1:03:04:85:14:be:6c:f8:17:
         b7:08:7d:ad:66:c9:db:b6:72:f1:55:3a:1f:37:58:b5:4b:1e:
         60:b7:54:72:85:ae:fa:e8:69:2a:5f:45:a8:ac:b6:26:8b:42:
         c4:56:be:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmb7Y4RoO8fWVoDQhC3iPoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzI4MDk1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjM5MmYwYzQzNzMzMzcxYzM0MmY2YThmMzY5NDdiNmMzN2EwYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiCCpjr5xqQpuoLa4r1V3y28rr2N
bAaMN1lZcfGh/DsMiYjC+ZfQRgo2O0eYGHuRFkGoOxx8n/RMoEKYMnaSsxGyRytY
7sTXfEaZLkCsoABr73BwSpCJ6SUNl4mdz615Q9FV3FBVQ7Tcg16N2VqKS844mSZ1
RZoQrEsdfWlJkQrW+mL6Nh5kxONpxDgRd6fmmPSvSJQZpZw07zlziSeDOJlqP1Yu
1d2Gwob78asuSAflY0v9ILUMHDVBq0zbZcKx/yRSxu9k0LasdEyiUsSTM99J4wRJ
Xtw2qfqwo8BGCtz3D64BAaI8HpO+mL1+RtzkanbNP8Cp5c1qbs8QMCt+XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA85LwxDczNxw0L2qPNpR7bDegvqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRHprdkRFTnpNM0hEUXZhbzgybEh0c042Qy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowU6MA0G
CSqGSIb3DQEBCwUAA4IBAQAwpPA/NAfW+hRbznAzDzbu48KZ59HVtCUrutTFZIdZ
inNLTWBiI9hDtKj8/oy4OknBaQXopYCTTbrF/CBv7mPd1E1VsBy2SDb82B/xGD0o
eeqLKY+qnOZJCzgT5WX2Dbd3BNZ7WNInwHS3/E1/omXnkVIRiSUUdl+AB9oqgBlT
eWi7MyJ84G625O0vT2bZLdCx/2x5G60LQMRVIn3+Nc69crOVNVUT6PeRXQV6drnk
+bwXNBUP3QYg24Nz0xe+2jW2hLNnWEEOTyEqw3YSwzzxAwSFFL5s+Be3CH2tZsnb
tnLxVTofN1i1Sx5gt1Ryha766GkqX0WorLYmi0LEVr5/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org