Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QU5GQQxoMKu4On0p2T5OUPQfCcc.roa
File:                     QU5GQQxoMKu4On0p2T5OUPQfCcc.roa (raw, json)
Hash identifier:          1clhU9tkd2xgqE4ADY4hM3d9q/WB2DObNLWK1N9wb84=
Subject key identifier:   41:4E:46:41:0C:68:30:AB:B8:3A:7D:29:D9:3E:4E:50:F4:1F:09:C7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC42566FE24E38E8EA9246D6E313730BA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QU5GQQxoMKu4On0p2T5OUPQfCcc.roa
Signing time:             Mon 01 Jan 2024 08:30:34 +0000
ROA not before:           Mon 01 Jan 2024 08:30:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210122
IP address blocks:        163.5.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 12:19:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:66:fe:24:e3:8e:8e:a9:24:6d:6e:31:37:30:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=414e46410c6830abb83a7d29d93e4e50f41f09c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c2:2c:64:78:ba:19:e0:a6:25:d7:f1:cb:99:
                    e9:68:b1:44:43:34:84:d9:a6:e0:01:f1:f6:38:95:
                    a6:f3:21:17:fd:ce:2a:f0:49:ca:1d:be:4f:a6:7a:
                    11:b8:99:cf:83:af:84:a7:b4:0f:1b:72:27:b5:41:
                    46:a5:c0:8e:81:1c:04:0a:ff:73:be:4f:0a:7f:6d:
                    51:30:a0:3e:53:76:29:d6:fd:f3:bb:6b:2d:a8:ad:
                    fd:81:14:c6:95:2b:5b:19:42:ec:90:10:2d:11:28:
                    1e:6d:ce:19:1c:5b:c5:ec:68:98:a4:55:4c:c7:3b:
                    c7:de:f2:32:ce:b4:a0:7c:6b:45:e4:38:94:8a:cb:
                    a1:d8:76:da:43:95:23:03:99:7b:9c:d3:52:a1:f1:
                    46:fd:d9:76:7c:c1:7e:98:f2:2c:47:a6:e9:c1:e5:
                    f6:6d:ed:3a:db:52:47:97:3c:01:ae:5e:9f:cb:bd:
                    23:f0:cf:dd:5e:2f:5f:05:5d:19:1b:4a:fb:33:33:
                    2e:31:08:c2:48:85:d1:50:a1:45:5e:46:1c:80:f7:
                    e6:35:a4:29:ff:39:d9:39:5c:7c:a3:9f:e2:48:04:
                    5b:34:ed:67:ce:f5:a7:7a:95:ba:14:f4:8c:f3:a2:
                    71:e2:04:bf:e6:91:aa:16:33:c9:43:89:7b:2e:19:
                    73:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4E:46:41:0C:68:30:AB:B8:3A:7D:29:D9:3E:4E:50:F4:1F:09:C7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QU5GQQxoMKu4On0p2T5OUPQfCcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:39:39:3f:d6:1a:1d:af:cf:51:53:d4:8f:73:cc:2b:ee:1e:
         55:f9:b5:97:a5:89:94:e4:90:67:16:29:d7:bc:86:e7:47:27:
         64:75:dc:bb:12:0f:29:14:c9:aa:bb:d9:4c:9a:78:df:69:7c:
         38:a5:d8:13:2a:64:8c:b5:c4:7b:ba:b2:a8:07:01:95:9a:17:
         e5:9a:d5:54:dd:48:03:29:12:48:01:c7:b8:7f:14:2a:31:b5:
         3c:67:a1:a1:79:f0:9e:7a:e4:9a:65:ea:37:8a:56:e0:a7:ef:
         5b:16:5d:02:9c:db:55:fc:62:5e:bb:d0:23:bb:58:de:58:48:
         f6:5b:04:7d:3e:bc:54:ac:ec:2f:23:c2:ed:64:15:fb:9e:fc:
         cd:dc:13:87:ee:1a:43:e2:37:3a:3c:8e:66:0b:34:d0:bd:a4:
         36:e7:2c:80:21:a0:57:cb:ab:12:34:ee:88:47:62:2b:3c:1e:
         a8:02:d4:4e:d0:ee:8b:5f:84:8f:83:68:cd:7f:27:05:70:3f:
         24:f3:4b:04:2b:4f:09:7a:03:aa:68:12:0c:08:1a:c3:46:17:
         73:ff:7d:30:82:21:e6:67:2f:e7:dc:a0:51:11:80:81:e3:89:
         68:00:5c:cc:ee:94:d0:a9:51:11:c3:9e:16:98:93:dc:1e:ef:
         23:29:cb:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWb+JOOOjqkkbW4xNzC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTRlNDY0MTBjNjgzMGFiYjgzYTdkMjlkOTNlNGU1MGY0MWYwOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8IsZHi6GeCmJdfxy5npaLFEQzSE
2abgAfH2OJWm8yEX/c4q8EnKHb5PpnoRuJnPg6+Ep7QPG3IntUFGpcCOgRwECv9z
vk8Kf21RMKA+U3Yp1v3zu2stqK39gRTGlStbGULskBAtESgebc4ZHFvF7GiYpFVM
xzvH3vIyzrSgfGtF5DiUisuh2HbaQ5UjA5l7nNNSofFG/dl2fMF+mPIsR6bpweX2
be0621JHlzwBrl6fy70j8M/dXi9fBV0ZG0r7MzMuMQjCSIXRUKFFXkYcgPfmNaQp
/znZOVx8o5/iSARbNO1nzvWnepW6FPSM86Jx4gS/5pGqFjPJQ4l7LhlzBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFORkEMaDCruDp9Kdk+TlD0HwnHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUVU1R1FReG9NS3U0T24wcDJUNU9VUFFmQ2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW1MA0G
CSqGSIb3DQEBCwUAA4IBAQBNOTk/1hodr89RU9SPc8wr7h5V+bWXpYmU5JBnFinX
vIbnRydkddy7Eg8pFMmqu9lMmnjfaXw4pdgTKmSMtcR7urKoBwGVmhflmtVU3UgD
KRJIAce4fxQqMbU8Z6GhefCeeuSaZeo3ilbgp+9bFl0CnNtV/GJeu9Aju1jeWEj2
WwR9PrxUrOwvI8LtZBX7nvzN3BOH7hpD4jc6PI5mCzTQvaQ25yyAIaBXy6sSNO6I
R2IrPB6oAtRO0O6LX4SPg2jNfycFcD8k80sEK08JegOqaBIMCBrDRhdz/30wgiHm
Zy/n3KBREYCB44loAFzM7pTQqVERw54WmJPcHu8jKcvz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org