Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TVvfRzN2NyvNnSTbhKMoOGOnm9s.roa
File:                     TVvfRzN2NyvNnSTbhKMoOGOnm9s.roa (raw, json)
Hash identifier:          tbqzdmIOMDgL0auWZdIkRf0W6CTYfF3iNIsJgXf7fQI=
Subject key identifier:   4D:5B:DF:47:33:76:37:2B:CD:9D:24:DB:84:A3:28:38:63:A7:9B:DB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0186D085777F0C69C9660C41A390128D6D1C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TVvfRzN2NyvNnSTbhKMoOGOnm9s.roa
Signing time:             Sat 11 Mar 2023 11:54:13 +0000
ROA not before:           Sat 11 Mar 2023 11:54:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399486
IP address blocks:        163.5.112.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Jul 2023 18:57:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d0:85:77:7f:0c:69:c9:66:0c:41:a3:90:12:8d:6d:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar 11 11:54:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d5bdf473376372bcd9d24db84a3283863a79bdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3e:b3:d5:90:1d:16:18:84:16:83:5f:eb:4f:
                    c0:00:dc:77:3a:1d:61:c1:ea:34:18:ab:0d:1e:a5:
                    ca:0a:fd:7d:3a:fc:8d:d4:f9:32:06:dd:4d:b5:db:
                    f3:a1:99:49:54:35:a8:53:04:15:bb:a3:2e:85:3d:
                    01:51:ad:2c:ea:e2:c6:a2:2b:07:5d:b4:66:4f:19:
                    a9:5c:85:f0:8d:8d:19:64:bc:28:e5:92:46:5c:ce:
                    78:31:44:3a:2f:6c:2e:5b:34:62:76:5e:1c:5e:84:
                    7b:08:db:bf:07:72:30:98:bb:7e:5f:d2:75:94:9d:
                    b4:e1:ba:e2:06:9c:98:8c:9c:1e:9d:23:14:f2:f2:
                    31:89:8b:b0:48:f3:47:79:8b:ea:5d:1e:da:bb:3b:
                    9f:df:af:fe:d5:f0:9c:12:dd:2e:68:a4:7a:88:17:
                    b4:ea:a7:e2:9a:63:26:02:75:d9:2a:b8:2c:b8:64:
                    68:14:59:c3:32:0b:39:71:54:02:34:8e:39:48:b3:
                    6d:6a:70:3d:e7:47:4d:e5:4d:7c:7d:69:a9:73:b6:
                    f4:b6:37:86:d1:d7:84:cd:22:f6:16:84:6f:55:ab:
                    8a:3f:0d:40:06:50:0a:b2:89:6f:a7:73:d6:b0:f5:
                    ee:83:37:9a:1e:1c:e3:a5:b8:ec:2b:e2:bb:f5:45:
                    8a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:5B:DF:47:33:76:37:2B:CD:9D:24:DB:84:A3:28:38:63:A7:9B:DB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TVvfRzN2NyvNnSTbhKMoOGOnm9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.112.0/24
                  163.5.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:93:01:96:a7:06:ec:60:a8:b0:6a:e6:07:43:e8:47:70:19:
         5f:c7:7e:8b:bc:75:c0:de:ed:b4:ba:e4:2d:1e:2c:b5:4a:59:
         e9:12:c7:94:0d:17:ef:08:44:f3:87:39:42:13:31:00:40:2e:
         80:1f:08:fb:70:f7:c4:49:d6:d4:b7:80:3a:7f:53:52:d8:d9:
         f0:5b:c1:72:79:ab:bf:3d:02:43:29:df:50:09:af:d9:a2:b3:
         7d:a9:0d:0b:07:d0:a1:5d:c7:85:1e:39:e3:19:10:2b:6b:16:
         7c:0e:a9:7a:c8:56:6a:c0:d9:5e:dc:d7:e7:a0:c7:55:c6:90:
         6c:8a:5a:33:3f:79:48:20:ff:04:8b:b6:fd:67:f7:d7:f7:78:
         37:6d:14:d1:c4:03:e5:81:72:e4:64:36:52:4f:3d:d3:c9:66:
         e7:3a:a4:84:78:3d:a9:e7:fd:a8:13:e7:ac:df:41:91:14:d9:
         86:6a:1b:42:ae:78:7c:31:6e:64:3d:3c:00:88:b0:29:34:c1:
         f4:fa:07:ec:76:83:e0:1e:20:d0:c7:e8:26:0f:93:a1:2f:30:
         29:7c:ee:8c:9e:11:c7:90:63:70:41:47:4f:a6:31:9c:54:2c:
         97:e3:94:42:1d:b9:b9:09:fd:f4:3a:a6:80:56:7c:2c:b3:6c:
         11:a4:b7:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbQhXd/DGnJZgxBo5ASjW0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzExMTE1NDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDViZGY0NzMzNzYzNzJiY2Q5ZDI0ZGI4NGEzMjgzODYzYTc5YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj6z1ZAdFhiEFoNf60/AANx3Oh1h
weo0GKsNHqXKCv19OvyN1PkyBt1NtdvzoZlJVDWoUwQVu6MuhT0BUa0s6uLGoisH
XbRmTxmpXIXwjY0ZZLwo5ZJGXM54MUQ6L2wuWzRidl4cXoR7CNu/B3IwmLt+X9J1
lJ204briBpyYjJwenSMU8vIxiYuwSPNHeYvqXR7auzuf36/+1fCcEt0uaKR6iBe0
6qfimmMmAnXZKrgsuGRoFFnDMgs5cVQCNI45SLNtanA950dN5U18fWmpc7b0tjeG
0deEzSL2FoRvVauKPw1ABlAKsolvp3PWsPXugzeaHhzjpbjsK+K79UWKCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1b30czdjcrzZ0k24SjKDhjp5vbMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVFZ2ZlJ6TjJOeXZOblNUYmhLTW9PR09ubTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVwAwQA
owWgMA0GCSqGSIb3DQEBCwUAA4IBAQAakwGWpwbsYKiwauYHQ+hHcBlfx36LvHXA
3u20uuQtHiy1SlnpEseUDRfvCETzhzlCEzEAQC6AHwj7cPfESdbUt4A6f1NS2Nnw
W8Fyeau/PQJDKd9QCa/ZorN9qQ0LB9ChXceFHjnjGRAraxZ8Dql6yFZqwNle3Nfn
oMdVxpBsilozP3lIIP8Ei7b9Z/fX93g3bRTRxAPlgXLkZDZSTz3TyWbnOqSEeD2p
5/2oE+es30GRFNmGahtCrnh8MW5kPTwAiLApNMH0+gfsdoPgHiDQx+gmD5OhLzAp
fO6MnhHHkGNwQUdPpjGcVCyX45RCHbm5Cf30OqaAVnwss2wRpLfv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org