Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FtN9feZ9L-e1cpN3c7RiSGEOgA4.roa
File:                     FtN9feZ9L-e1cpN3c7RiSGEOgA4.roa (raw, json)
Hash identifier:          jUPH8eH4LF7ZBR5J42A43VcC8DMddkgg1ek/3IeG6aA=
Subject key identifier:   16:D3:7D:7D:E6:7D:2F:E7:B5:72:93:77:73:B4:62:48:61:0E:80:0E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B8231AF83AF218F44DDBA759F051611A2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FtN9feZ9L-e1cpN3c7RiSGEOgA4.roa
Signing time:             Mon 30 Oct 2023 20:06:16 +0000
ROA not before:           Mon 30 Oct 2023 20:06:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        163.5.118.0/24 maxlen: 24
                          163.5.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Nov 2023 12:17:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:82:31:af:83:af:21:8f:44:dd:ba:75:9f:05:16:11:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 30 20:06:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16d37d7de67d2fe7b572937773b46248610e800e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e7:42:79:f9:16:c6:67:9b:12:7a:3d:ff:13:
                    6e:88:1e:98:54:3f:b8:d7:ae:5c:6d:7f:af:6c:bb:
                    a4:6b:bb:ca:41:86:62:b0:26:e5:21:b1:86:7a:51:
                    9a:bb:00:3a:a1:2a:55:d2:7c:82:25:80:2b:12:4a:
                    99:0d:e8:a1:7d:00:69:ad:06:a7:d0:c9:f2:57:aa:
                    20:16:1f:14:a4:d6:90:38:7b:57:47:78:9e:0e:cb:
                    eb:2c:c9:7c:2e:79:1b:c6:23:24:19:a3:b4:5e:65:
                    a2:9f:d8:ad:c2:1d:4c:51:71:53:70:59:3f:01:15:
                    2a:72:62:c8:21:b7:f1:32:4d:18:32:65:9c:64:ef:
                    c5:d6:bf:27:9b:73:ae:a7:75:53:10:4d:95:b5:02:
                    bf:71:63:0e:fb:5f:08:50:c5:c1:94:a1:23:df:2e:
                    af:a0:a5:60:84:be:4d:33:32:44:8e:11:a5:64:6d:
                    66:e0:c4:bf:7d:e1:59:48:81:d7:58:35:69:5e:43:
                    c6:b3:a2:3b:e9:cb:bc:17:bf:a5:39:ff:89:cf:76:
                    8d:93:59:9d:90:02:e8:0e:08:ba:06:6a:6f:60:ce:
                    02:75:19:7d:93:9f:54:70:36:31:82:e3:32:6f:2a:
                    67:e5:4f:aa:dd:b7:82:55:a8:bf:b8:ad:7c:a9:00:
                    1f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D3:7D:7D:E6:7D:2F:E7:B5:72:93:77:73:B4:62:48:61:0E:80:0E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FtN9feZ9L-e1cpN3c7RiSGEOgA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.118.0/24
                  163.5.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:23:00:4f:fb:24:78:38:9f:80:a4:59:a1:5b:7e:99:72:3a:
         d5:fb:f5:ae:4c:2a:81:ae:2c:50:73:60:02:9c:12:b6:7e:0a:
         ea:f7:4f:b2:2d:1f:d5:e1:d8:58:e8:ad:b8:75:27:7e:eb:d4:
         d3:12:43:65:ab:b5:68:a8:f0:e5:7d:49:f3:34:5b:b6:f8:ee:
         eb:ea:82:ce:ea:2b:6a:68:9d:cd:46:1f:3d:82:73:7f:13:92:
         e5:72:4f:a0:69:b0:c7:20:dc:42:3d:0f:95:d9:4f:36:99:f8:
         f4:8b:94:28:df:c9:64:0a:d5:b7:39:a4:7f:97:cf:42:94:40:
         9c:3c:0e:6a:c4:68:8d:48:bc:27:13:ea:65:aa:1e:d3:7a:22:
         81:03:2a:35:79:79:8d:7e:2b:7b:3c:ee:1c:fd:9b:63:6f:26:
         75:38:52:c2:86:ba:18:9f:10:6a:30:ed:0d:f2:cf:ad:a3:3a:
         59:01:94:11:2e:ac:2f:fa:11:7b:cd:59:9d:8b:76:d7:dc:18:
         ab:d7:f5:3f:33:f6:fd:54:85:f1:2f:17:da:f0:9e:db:73:3b:
         d1:96:aa:d1:f4:c2:4e:cf:f2:33:98:60:71:cc:fd:45:2f:e9:
         fe:7c:96:7b:64:6f:07:60:88:03:ff:88:d9:12:bb:62:ea:93:
         02:ea:9f:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuCMa+DryGPRN26dZ8FFhGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDMwMjAwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQzN2Q3ZGU2N2QyZmU3YjU3MjkzNzc3M2I0NjI0ODYxMGU4MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOdCefkWxmebEno9/xNuiB6YVD+4
165cbX+vbLuka7vKQYZisCblIbGGelGauwA6oSpV0nyCJYArEkqZDeihfQBprQan
0MnyV6ogFh8UpNaQOHtXR3ieDsvrLMl8LnkbxiMkGaO0XmWin9itwh1MUXFTcFk/
ARUqcmLIIbfxMk0YMmWcZO/F1r8nm3Oup3VTEE2VtQK/cWMO+18IUMXBlKEj3y6v
oKVghL5NMzJEjhGlZG1m4MS/feFZSIHXWDVpXkPGs6I76cu8F7+lOf+Jz3aNk1md
kALoDgi6BmpvYM4CdRl9k59UcDYxguMybypn5U+q3beCVai/uK18qQAftQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBbTfX3mfS/ntXKTd3O0YkhhDoAOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRnROOWZlWjlMLWUxY3BOM2M3UmlTR0VPZ0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowV2AwQA
owWZMA0GCSqGSIb3DQEBCwUAA4IBAQAkIwBP+yR4OJ+ApFmhW36ZcjrV+/WuTCqB
rixQc2ACnBK2fgrq90+yLR/V4dhY6K24dSd+69TTEkNlq7VoqPDlfUnzNFu2+O7r
6oLO6itqaJ3NRh89gnN/E5Llck+gabDHINxCPQ+V2U82mfj0i5Qo38lkCtW3OaR/
l89ClECcPA5qxGiNSLwnE+plqh7TeiKBAyo1eXmNfit7PO4c/ZtjbyZ1OFLChroY
nxBqMO0N8s+tozpZAZQRLqwv+hF7zVmdi3bX3Bir1/U/M/b9VIXxLxfa8J7bczvR
lqrR9MJOz/IzmGBxzP1FL+n+fJZ7ZG8HYIgD/4jZErti6pMC6p+s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org