Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JB27hUZoMnrqkA6zPtYnPTXg83w.roa
File:                     JB27hUZoMnrqkA6zPtYnPTXg83w.roa (raw, json)
Hash identifier:          Bbqv45RSI83jUkBkWWbflw8mmV5JmPwUv8yF0S9pIe4=
Subject key identifier:   24:1D:BB:85:46:68:32:7A:EA:90:0E:B3:3E:D6:27:3D:35:E0:F3:7C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187B847BC9D30B5FAF247C869286571ECAE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JB27hUZoMnrqkA6zPtYnPTXg83w.roa
Signing time:             Tue 25 Apr 2023 11:58:41 +0000
ROA not before:           Tue 25 Apr 2023 11:58:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        163.5.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 12:11:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b8:47:bc:9d:30:b5:fa:f2:47:c8:69:28:65:71:ec:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 25 11:58:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=241dbb854668327aea900eb33ed6273d35e0f37c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2d:df:5d:66:df:e3:b7:b9:8a:8c:5a:7d:d7:
                    2c:9f:f1:8f:66:0c:e1:48:f8:c7:11:8c:d3:69:bd:
                    7d:c3:f9:75:0c:91:17:5c:0b:f4:a6:13:f1:ea:0b:
                    be:dd:a3:46:68:89:68:88:7b:c2:b5:f9:03:37:17:
                    b3:a5:f7:ab:80:e2:5a:e4:96:2b:52:58:5a:c7:be:
                    d9:88:0b:f7:3d:ad:06:99:d9:43:e2:95:4a:ca:d8:
                    49:00:0c:c4:21:33:d6:67:c7:35:31:fe:6a:66:bb:
                    0e:0a:4b:70:81:e2:cb:66:07:a6:be:b0:b7:e4:a8:
                    b7:02:a5:1a:d3:e2:89:79:c1:7b:a5:86:b2:7e:21:
                    7d:7c:02:8f:07:03:08:fe:bf:e1:f7:6e:c3:e5:22:
                    34:02:a7:7e:b6:41:9d:c9:25:29:e4:48:ee:1f:3f:
                    69:28:8b:d3:d2:b1:ac:b1:c5:b2:8f:3b:6d:2d:f2:
                    af:0a:23:23:a3:a1:21:41:32:52:ca:b2:21:bc:89:
                    be:74:0a:b4:b0:94:03:8e:e4:d1:40:84:57:ee:20:
                    b3:56:be:b6:60:2d:bb:c2:fd:be:e2:0b:f3:88:3f:
                    bf:e5:7d:a7:1b:b4:be:fc:0f:35:c9:ed:d1:67:10:
                    32:ec:58:3f:b4:55:c7:72:30:a3:a2:ba:e4:23:71:
                    46:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:1D:BB:85:46:68:32:7A:EA:90:0E:B3:3E:D6:27:3D:35:E0:F3:7C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JB27hUZoMnrqkA6zPtYnPTXg83w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:29:a2:7f:5c:6a:c3:6d:25:ac:91:18:91:42:1a:e3:a4:ad:
         f6:92:d1:48:1c:16:2e:6a:a9:60:29:f7:35:eb:9e:cd:b5:ad:
         64:00:c9:b3:b7:2c:9a:39:21:7d:bc:e9:53:73:cc:0f:89:cb:
         87:31:22:5b:c2:a3:0e:44:26:8b:dc:63:ad:21:7a:66:74:67:
         cd:d8:da:8f:33:78:6e:13:04:b8:b8:28:e0:5d:29:ba:8b:aa:
         47:ab:09:d3:da:9c:1b:be:b1:eb:91:78:51:76:5e:24:16:4d:
         8d:53:47:f5:05:53:8e:bd:6f:ec:03:d1:6b:8f:1d:22:99:ad:
         ad:03:8f:e0:a9:8a:2a:d8:8f:7c:99:cf:7e:1d:13:ef:50:74:
         3c:8c:0d:d6:37:70:1e:19:6b:6f:fe:00:2f:00:d0:5e:07:e8:
         f1:a9:fc:75:eb:0a:d7:17:16:d1:e0:cb:27:9e:5d:15:ce:be:
         38:4c:5f:8f:66:12:36:65:fc:94:33:76:66:03:f0:d3:18:e7:
         3b:c8:d6:b1:18:52:87:3c:2f:d2:ba:2b:97:77:72:9b:47:48:
         8b:a2:df:38:66:07:5c:01:19:2d:f8:d5:9b:38:9d:c6:82:ff:
         ee:2c:15:58:0c:ed:59:50:2b:21:ef:6d:0a:21:85:ec:01:1f:
         c6:9c:5a:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe4R7ydMLX68kfIaShlceyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI1MTE1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDFkYmI4NTQ2NjgzMjdhZWE5MDBlYjMzZWQ2MjczZDM1ZTBmMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS3fXWbf47e5ioxafdcsn/GPZgzh
SPjHEYzTab19w/l1DJEXXAv0phPx6gu+3aNGaIloiHvCtfkDNxezpfergOJa5JYr
Ulhax77ZiAv3Pa0GmdlD4pVKythJAAzEITPWZ8c1Mf5qZrsOCktwgeLLZgemvrC3
5Ki3AqUa0+KJecF7pYayfiF9fAKPBwMI/r/h927D5SI0Aqd+tkGdySUp5EjuHz9p
KIvT0rGsscWyjzttLfKvCiMjo6EhQTJSyrIhvIm+dAq0sJQDjuTRQIRX7iCzVr62
YC27wv2+4gvziD+/5X2nG7S+/A81ye3RZxAy7Fg/tFXHcjCjorrkI3FGEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQdu4VGaDJ66pAOsz7WJz014PN8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSkIyN2hVWm9NbnJxa0E2elB0WW5QVFhnODN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWsMA0G
CSqGSIb3DQEBCwUAA4IBAQApKaJ/XGrDbSWskRiRQhrjpK32ktFIHBYuaqlgKfc1
657Nta1kAMmztyyaOSF9vOlTc8wPicuHMSJbwqMORCaL3GOtIXpmdGfN2NqPM3hu
EwS4uCjgXSm6i6pHqwnT2pwbvrHrkXhRdl4kFk2NU0f1BVOOvW/sA9Frjx0ima2t
A4/gqYoq2I98mc9+HRPvUHQ8jA3WN3AeGWtv/gAvANBeB+jxqfx16wrXFxbR4Msn
nl0Vzr44TF+PZhI2ZfyUM3ZmA/DTGOc7yNaxGFKHPC/SuiuXd3KbR0iLot84Zgdc
ARkt+NWbOJ3Ggv/uLBVYDO1ZUCsh720KIYXsAR/GnFq7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org