Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OhXwc_dMcaoCGc1AwSnt52yp9_k.roa
File:                     OhXwc_dMcaoCGc1AwSnt52yp9_k.roa (raw, json)
Hash identifier:          EeImgsqhL+1wUO8TOPKYOxJHJV/Dl/S32UCEyGqQCbg=
Subject key identifier:   3A:15:F0:73:F7:4C:71:AA:02:19:CD:40:C1:29:ED:E7:6C:A9:F7:F9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01891751B614DED9ECC1C4BA0E9D670680EB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OhXwc_dMcaoCGc1AwSnt52yp9_k.roa
Signing time:             Sun 02 Jul 2023 15:56:18 +0000
ROA not before:           Sun 02 Jul 2023 15:56:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205320
IP address blocks:        163.5.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 18 Aug 2023 18:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:17:51:b6:14:de:d9:ec:c1:c4:ba:0e:9d:67:06:80:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul  2 15:56:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a15f073f74c71aa0219cd40c129ede76ca9f7f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:5b:89:60:e1:04:c1:e0:84:38:a2:73:1c:dd:
                    70:a8:a3:ad:e5:f3:bf:58:07:f6:bc:62:30:4a:9b:
                    d6:3f:0a:fb:a0:45:2b:91:c5:9b:36:6b:d3:b4:b8:
                    d1:ea:21:6b:fb:0e:23:01:98:ac:6d:ef:a5:a7:13:
                    6b:95:9f:92:9c:1b:ae:b2:b4:d6:4f:ab:80:62:fd:
                    b8:01:d2:80:2d:a3:4d:5e:e7:a7:0e:db:01:92:a6:
                    f6:7b:99:f8:e4:e4:dd:08:44:fd:13:a7:04:18:61:
                    6d:14:83:84:45:01:39:1d:1b:60:42:0f:c1:d5:90:
                    bf:29:a1:dc:87:6b:52:2a:1d:50:57:a4:1a:08:d0:
                    26:ba:56:1e:bc:27:dc:ff:62:f0:cf:29:4d:8c:b0:
                    be:cc:fa:b3:de:10:43:31:1f:f9:04:f9:d6:b8:f4:
                    fc:2c:97:bc:ce:7d:fb:59:c6:81:7d:e4:0e:75:83:
                    02:39:e5:21:bd:df:a5:07:64:e4:86:a6:fc:a6:bd:
                    fa:35:66:bc:7f:d4:bc:78:62:aa:c5:9e:fd:b7:04:
                    99:8c:98:b3:76:d2:9e:01:8c:82:68:72:60:33:65:
                    d7:fa:7c:d7:96:8e:cb:40:fe:03:78:15:84:3e:09:
                    37:19:19:25:7e:d4:70:78:0f:a1:e0:50:88:b0:79:
                    53:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:15:F0:73:F7:4C:71:AA:02:19:CD:40:C1:29:ED:E7:6C:A9:F7:F9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/OhXwc_dMcaoCGc1AwSnt52yp9_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:18:aa:20:d7:d3:a3:78:6b:5b:d2:8d:e5:61:0c:cb:9d:7b:
         4f:6b:cb:d9:8a:65:fa:18:09:0a:5e:94:c3:dc:f4:85:c5:29:
         88:83:85:d2:89:76:6a:18:2b:99:85:f5:1d:6d:86:57:02:09:
         e7:47:32:8a:ff:79:06:c8:87:93:72:cd:1d:20:6a:07:01:c8:
         ba:f3:85:01:92:54:8c:9b:da:0e:ac:0e:85:c2:04:b8:c3:8d:
         3f:5e:65:96:a6:1e:f4:40:c8:1f:da:87:82:39:87:aa:3a:b1:
         e5:e1:9b:90:83:d5:d3:ba:f0:e6:26:6b:78:91:ae:42:ae:55:
         c8:24:01:c4:e4:7f:36:92:22:b0:57:86:4d:b4:64:2f:17:61:
         ec:7b:2c:30:4f:75:69:dd:01:56:0d:81:2d:c8:fe:8f:2a:68:
         21:e7:6e:f8:a3:21:d8:34:e9:53:72:bf:13:a1:9e:cd:1b:77:
         a7:64:4a:ee:29:e0:5c:b5:ba:d3:08:e8:2a:27:81:1d:bf:8e:
         1b:55:87:ed:71:72:a2:f0:5f:a0:78:24:32:c9:26:68:97:16:
         48:f4:2c:60:74:42:05:a8:5e:27:0d:b9:0c:95:27:d9:0a:e2:
         94:40:5e:a4:0e:6c:ec:5a:cb:8a:0b:97:f6:a2:55:bb:6e:a8:
         77:bd:61:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkXUbYU3tnswcS6Dp1nBoDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzAyMTU1NjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE1ZjA3M2Y3NGM3MWFhMDIxOWNkNDBjMTI5ZWRlNzZjYTlmN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFuJYOEEweCEOKJzHN1wqKOt5fO/
WAf2vGIwSpvWPwr7oEUrkcWbNmvTtLjR6iFr+w4jAZisbe+lpxNrlZ+SnBuusrTW
T6uAYv24AdKALaNNXuenDtsBkqb2e5n45OTdCET9E6cEGGFtFIOERQE5HRtgQg/B
1ZC/KaHch2tSKh1QV6QaCNAmulYevCfc/2LwzylNjLC+zPqz3hBDMR/5BPnWuPT8
LJe8zn37WcaBfeQOdYMCOeUhvd+lB2Tkhqb8pr36NWa8f9S8eGKqxZ79twSZjJiz
dtKeAYyCaHJgM2XX+nzXlo7LQP4DeBWEPgk3GRklftRweA+h4FCIsHlTkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoV8HP3THGqAhnNQMEp7edsqff5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvT2hYd2NfZE1jYW9DR2MxQXdTbnQ1MnlwOV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXGKog19OjeGtb0o3lYQzLnXtPa8vZimX6GAkKXpTD
3PSFxSmIg4XSiXZqGCuZhfUdbYZXAgnnRzKK/3kGyIeTcs0dIGoHAci684UBklSM
m9oOrA6FwgS4w40/XmWWph70QMgf2oeCOYeqOrHl4ZuQg9XTuvDmJmt4ka5CrlXI
JAHE5H82kiKwV4ZNtGQvF2HseywwT3Vp3QFWDYEtyP6PKmgh5274oyHYNOlTcr8T
oZ7NG3enZEruKeBctbrTCOgqJ4Edv44bVYftcXKi8F+geCQyySZolxZI9CxgdEIF
qF4nDbkMlSfZCuKUQF6kDmzsWsuKC5f2olW7bqh3vWHy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org