Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T6yOfl4cG5P3zG94DrxCtzk6dBQ.roa
File:                     T6yOfl4cG5P3zG94DrxCtzk6dBQ.roa (raw, json)
Hash identifier:          kFkX1Ii+x0CUIPO4Bb3kHISM2rSOXSos28pFUZfIIVw=
Subject key identifier:   4F:AC:8E:7E:5E:1C:1B:93:F7:CC:6F:78:0E:BC:42:B7:39:3A:74:14
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01881BC7F64386D03D983F49D642F945E5BB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T6yOfl4cG5P3zG94DrxCtzk6dBQ.roa
Signing time:             Sun 14 May 2023 19:41:09 +0000
ROA not before:           Sun 14 May 2023 19:41:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        163.5.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 May 2023 10:50:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1b:c7:f6:43:86:d0:3d:98:3f:49:d6:42:f9:45:e5:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 14 19:41:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4fac8e7e5e1c1b93f7cc6f780ebc42b7393a7414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:04:1b:2a:ef:c1:e0:87:da:ef:51:b6:fe:b1:
                    36:cc:f9:d5:85:8e:ac:55:b5:5e:70:23:fc:a2:59:
                    de:d9:5e:89:6a:4a:39:0b:a7:68:d9:27:2e:58:63:
                    87:6f:98:0b:83:e0:5d:6e:55:94:23:bb:cc:10:91:
                    68:90:b0:d5:00:1e:60:60:38:8b:82:16:29:89:ac:
                    cf:4f:6b:ca:a6:15:ac:e3:80:13:f6:16:0d:1f:09:
                    df:25:b4:53:ba:d3:55:f3:f3:e3:5a:0c:de:8a:92:
                    62:7c:2e:de:0e:83:6b:d6:ed:41:d0:92:4d:45:64:
                    d1:fa:73:90:6b:7d:6b:6c:e8:3a:11:dd:e8:37:4f:
                    e2:ff:d5:fc:e3:6d:20:c2:01:93:f0:62:67:bf:70:
                    a6:f9:9f:44:a4:30:05:60:2a:f2:24:94:20:08:f3:
                    8d:72:1c:14:af:be:5d:89:84:78:06:70:d2:5a:55:
                    90:4c:5f:7d:9e:c8:67:a3:6d:a9:1a:d6:76:a5:e2:
                    48:2d:8a:6f:b2:af:12:aa:57:9d:06:a5:46:88:d0:
                    41:7c:f5:ad:cd:b8:f3:a6:0e:4a:26:24:c9:47:05:
                    6a:ee:a4:53:7d:0d:0d:46:c8:07:e7:a6:50:4e:f9:
                    84:8a:de:89:8d:8e:20:25:69:6a:3b:c0:14:73:f9:
                    0d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AC:8E:7E:5E:1C:1B:93:F7:CC:6F:78:0E:BC:42:B7:39:3A:74:14
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T6yOfl4cG5P3zG94DrxCtzk6dBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:65:20:68:51:3f:87:13:39:98:33:12:b7:4c:e9:28:05:8c:
         09:17:84:12:14:b5:a5:c4:9b:7b:6e:5c:ad:98:0a:83:94:1f:
         d9:13:e0:40:3c:c6:c1:61:e9:6b:88:82:32:59:4f:25:97:76:
         e7:fc:5c:a6:95:12:d6:c8:39:46:e4:ec:e6:83:df:64:e0:52:
         60:19:80:e2:16:e8:bd:ca:30:69:98:f7:1b:c2:47:81:b7:b8:
         96:2b:23:b0:c0:a1:74:41:f1:82:d0:42:db:93:73:fc:5b:5c:
         42:26:20:f9:11:70:dc:4f:16:ac:2c:cc:51:c4:9c:0c:8f:59:
         7a:3d:a9:bd:99:94:ad:af:7a:94:40:84:7e:0b:61:50:b7:3e:
         92:54:bc:a3:45:cd:be:7c:ac:07:fd:10:91:b2:75:ea:a3:06:
         f5:e9:c9:23:b9:6e:12:a7:05:a8:a4:73:97:89:2a:28:f4:b1:
         ce:20:2d:eb:42:bc:14:09:65:b2:c4:d2:34:81:3d:f0:5f:57:
         d3:c5:02:79:ae:8c:40:0b:ae:13:0e:93:2b:27:e0:e6:9f:2d:
         50:26:e5:21:ce:14:fd:68:29:74:91:37:f7:19:76:bb:f9:20:
         29:3a:72:65:30:6c:e8:cf:bc:d5:e3:a9:0e:2a:cc:df:73:03:
         d0:c1:6e:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgbx/ZDhtA9mD9J1kL5ReW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE0MTk0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmFjOGU3ZTVlMWMxYjkzZjdjYzZmNzgwZWJjNDJiNzM5M2E3NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowQbKu/B4Ifa71G2/rE2zPnVhY6s
VbVecCP8olne2V6Jako5C6do2ScuWGOHb5gLg+BdblWUI7vMEJFokLDVAB5gYDiL
ghYpiazPT2vKphWs44AT9hYNHwnfJbRTutNV8/PjWgzeipJifC7eDoNr1u1B0JJN
RWTR+nOQa31rbOg6Ed3oN0/i/9X8420gwgGT8GJnv3Cm+Z9EpDAFYCryJJQgCPON
chwUr75diYR4BnDSWlWQTF99nshno22pGtZ2peJILYpvsq8SqledBqVGiNBBfPWt
zbjzpg5KJiTJRwVq7qRTfQ0NRsgH56ZQTvmEit6JjY4gJWlqO8AUc/kNcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+sjn5eHBuT98xveA68Qrc5OnQUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVDZ5T2ZsNGNHNVAzekc5NERyeEN0ems2ZEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowUdMA0G
CSqGSIb3DQEBCwUAA4IBAQCLZSBoUT+HEzmYMxK3TOkoBYwJF4QSFLWlxJt7blyt
mAqDlB/ZE+BAPMbBYelriIIyWU8ll3bn/FymlRLWyDlG5Ozmg99k4FJgGYDiFui9
yjBpmPcbwkeBt7iWKyOwwKF0QfGC0ELbk3P8W1xCJiD5EXDcTxasLMxRxJwMj1l6
Pam9mZStr3qUQIR+C2FQtz6SVLyjRc2+fKwH/RCRsnXqowb16ckjuW4SpwWopHOX
iSoo9LHOIC3rQrwUCWWyxNI0gT3wX1fTxQJ5roxAC64TDpMrJ+Dmny1QJuUhzhT9
aCl0kTf3GXa7+SApOnJlMGzoz7zV46kOKszfcwPQwW4/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org