Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KeGe1NVCGfE4LSeDwTUQe1JKSvQ.roa
File:                     KeGe1NVCGfE4LSeDwTUQe1JKSvQ.roa (raw, json)
Hash identifier:          Pokzy7b6AUdWCs+Eo3U3kPvuxi5qr3xEtT7mCYMsONQ=
Subject key identifier:   29:E1:9E:D4:D5:42:19:F1:38:2D:27:83:C1:35:10:7B:52:4A:4A:F4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0189F411B3D607416263FE53DB5A1832A02B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KeGe1NVCGfE4LSeDwTUQe1JKSvQ.roa
Signing time:             Mon 14 Aug 2023 12:42:28 +0000
ROA not before:           Mon 14 Aug 2023 12:42:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207992
IP address blocks:        163.5.121.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f4:11:b3:d6:07:41:62:63:fe:53:db:5a:18:32:a0:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 14 12:42:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29e19ed4d54219f1382d2783c135107b524a4af4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8a:88:93:50:9d:2c:93:eb:6b:56:4f:d6:a2:
                    f8:50:e7:80:08:14:29:21:f5:4a:c8:b6:01:eb:6c:
                    05:7c:9c:72:65:64:d0:af:46:c5:58:61:02:a8:43:
                    9e:b2:e8:67:92:9e:17:f5:a3:01:a3:10:9c:f5:7f:
                    d3:64:dc:0b:03:9e:69:9e:bb:4b:6f:35:e5:ed:3a:
                    a6:68:30:55:10:04:b2:32:5d:9d:f7:ad:3a:69:75:
                    ab:30:70:33:ad:2e:42:12:6e:ad:95:b3:09:17:dc:
                    dd:af:40:64:0e:ac:aa:d7:12:07:9f:63:54:59:b2:
                    93:56:bc:f4:e6:9a:0d:11:eb:43:ac:ab:8f:12:29:
                    3c:98:04:15:25:08:1d:fd:71:b6:0e:21:4f:be:73:
                    d7:38:96:6e:6e:3a:17:ef:67:3e:dd:7e:1b:0e:f7:
                    a8:5e:04:92:8b:19:1d:40:8e:5b:88:c8:1c:af:90:
                    86:30:4e:60:5f:5a:c7:9d:45:0a:99:fb:1c:ae:46:
                    07:1e:69:bd:8d:27:f9:ef:ad:99:b9:3a:b0:4a:01:
                    df:6b:37:0e:6c:4f:38:c3:53:af:61:a8:09:2c:b2:
                    b7:6b:e4:00:f4:be:19:30:eb:2a:fa:b8:47:7f:10:
                    90:4e:34:90:d7:6c:62:d5:74:b2:77:45:4a:5c:31:
                    f5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:E1:9E:D4:D5:42:19:F1:38:2D:27:83:C1:35:10:7B:52:4A:4A:F4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KeGe1NVCGfE4LSeDwTUQe1JKSvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.121.0/24
                  163.5.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:90:84:33:97:f2:b3:56:60:a4:5d:f0:93:bb:20:bf:a3:9a:
         2e:6a:5c:10:fa:e0:b1:63:ff:b0:63:b8:a2:7c:ea:35:b9:36:
         4b:5b:1f:34:98:6f:22:61:dc:9d:bd:8a:ad:53:ee:f1:62:4a:
         a8:b3:c6:de:5b:ab:50:db:b8:1e:32:db:a5:fd:a7:4a:95:8e:
         fa:74:9e:20:e7:79:dc:d8:3d:c4:85:74:7b:0e:26:70:a8:c9:
         5c:b4:a7:90:b2:d0:bd:e3:bd:35:30:e9:c9:4c:08:32:5b:a4:
         ef:79:d2:b2:52:d3:ce:56:43:69:c4:e7:03:61:d3:0f:dd:09:
         f8:3d:d5:a5:59:19:91:cf:81:73:e4:bb:77:3d:be:dc:a0:5c:
         c6:fe:fa:fb:4a:f3:1e:b0:17:01:32:ea:da:af:a1:4d:a6:83:
         66:42:59:60:93:b5:65:69:f4:16:55:fd:e0:b7:9f:9c:7b:6c:
         02:e7:5a:a3:9e:17:03:d8:98:f2:ef:f2:52:71:11:97:01:e6:
         0a:b5:da:de:8a:c9:8e:69:8d:1e:cb:d1:ab:78:bc:ba:1e:50:
         b9:c8:7a:12:29:92:6c:22:af:1f:b7:f8:5f:5a:86:fa:d1:5e:
         fc:bf:12:52:8c:3e:47:c6:51:32:7c:75:11:fb:57:54:d2:86:
         1a:eb:93:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn0EbPWB0FiY/5T21oYMqArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODE0MTI0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUxOWVkNGQ1NDIxOWYxMzgyZDI3ODNjMTM1MTA3YjUyNGE0YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIqIk1CdLJPra1ZP1qL4UOeACBQp
IfVKyLYB62wFfJxyZWTQr0bFWGECqEOesuhnkp4X9aMBoxCc9X/TZNwLA55pnrtL
bzXl7TqmaDBVEASyMl2d9606aXWrMHAzrS5CEm6tlbMJF9zdr0BkDqyq1xIHn2NU
WbKTVrz05poNEetDrKuPEik8mAQVJQgd/XG2DiFPvnPXOJZubjoX72c+3X4bDveo
XgSSixkdQI5biMgcr5CGME5gX1rHnUUKmfscrkYHHmm9jSf5762ZuTqwSgHfazcO
bE84w1OvYagJLLK3a+QA9L4ZMOsq+rhHfxCQTjSQ12xi1XSyd0VKXDH1EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnhntTVQhnxOC0ng8E1EHtSSkr0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS2VHZTFOVkNHZkU0TFNlRHdUVVFlMUpLU3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowV5AwQA
owWfMA0GCSqGSIb3DQEBCwUAA4IBAQBWkIQzl/KzVmCkXfCTuyC/o5oualwQ+uCx
Y/+wY7iifOo1uTZLWx80mG8iYdydvYqtU+7xYkqos8beW6tQ27geMtul/adKlY76
dJ4g53nc2D3EhXR7DiZwqMlctKeQstC94701MOnJTAgyW6TvedKyUtPOVkNpxOcD
YdMP3Qn4PdWlWRmRz4Fz5Lt3Pb7coFzG/vr7SvMesBcBMurar6FNpoNmQllgk7Vl
afQWVf3gt5+ce2wC51qjnhcD2Jjy7/JScRGXAeYKtdreismOaY0ey9GreLy6HlC5
yHoSKZJsIq8ft/hfWob60V78vxJSjD5HxlEyfHUR+1dU0oYa65OF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org