Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/URHgnk5xzTeGR6qZNlLOypUMu_s.roa
File:                     URHgnk5xzTeGR6qZNlLOypUMu_s.roa (raw, json)
Hash identifier:          ScD6bJiwB/wJstX4+b5iPqWtNI/M1dIvQks/e9CbXvc=
Subject key identifier:   51:11:E0:9E:4E:71:CD:37:86:47:AA:99:36:52:CE:CA:95:0C:BB:FB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018BECA29C20AD5C64E2CF6C90C32632B2B1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/URHgnk5xzTeGR6qZNlLOypUMu_s.roa
Signing time:             Mon 20 Nov 2023 12:09:21 +0000
ROA not before:           Mon 20 Nov 2023 12:09:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15440
IP address blocks:        163.5.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 17:43:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ec:a2:9c:20:ad:5c:64:e2:cf:6c:90:c3:26:32:b2:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov 20 12:09:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5111e09e4e71cd378647aa993652ceca950cbbfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ca:18:8a:e3:20:88:78:0c:d4:7a:ca:4f:8b:
                    d6:85:06:8e:5b:6f:1f:85:02:44:43:4d:7d:5e:32:
                    13:73:b0:97:2e:df:5e:03:b5:9f:76:9a:60:bf:09:
                    af:e3:f4:81:5c:ab:40:9d:13:15:93:08:66:4b:26:
                    f3:5a:60:c4:50:6c:fb:53:4a:98:77:f9:9d:4c:95:
                    9e:89:3b:7a:98:32:a7:38:38:31:1a:e9:c5:07:23:
                    3b:ad:27:0b:c1:1b:21:97:bf:1e:e7:a9:a4:fa:8b:
                    37:95:d3:5a:5c:4e:e5:ab:f0:12:8e:93:a6:c3:8c:
                    c2:82:06:d0:5e:d4:7a:15:71:c5:d3:28:52:b2:87:
                    41:96:05:52:22:f0:e5:bc:12:93:66:47:ec:cf:52:
                    15:09:08:4d:be:cb:1f:d3:95:65:af:f7:0b:ae:e8:
                    bc:d7:fe:a4:a6:5e:54:ec:bc:22:37:d5:85:45:25:
                    84:34:a0:77:4d:fb:ca:de:46:af:fd:2e:4d:e1:60:
                    58:94:0a:2a:60:75:cc:9a:b9:ac:bd:d6:da:71:a6:
                    0a:a7:e4:1f:d7:9b:da:52:4d:0f:b1:8f:45:1f:b0:
                    cf:b1:06:7d:09:0b:ab:c1:a2:09:4d:2f:67:b4:cc:
                    8b:cd:23:cc:6c:62:21:e6:da:d6:4c:62:8e:d5:6b:
                    01:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:11:E0:9E:4E:71:CD:37:86:47:AA:99:36:52:CE:CA:95:0C:BB:FB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/URHgnk5xzTeGR6qZNlLOypUMu_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:d3:79:ed:67:9e:e6:99:52:67:28:3a:01:c9:63:ad:27:f8:
         c3:60:a7:0a:9f:fb:82:e3:dd:a1:7d:bc:bc:fc:27:41:ba:26:
         9c:c7:b2:77:0b:26:3f:75:a3:0e:dd:ab:48:67:d7:6f:98:cc:
         34:83:8f:d3:a6:2f:a0:bb:41:1e:7a:38:26:0d:2c:cb:e3:39:
         cb:55:da:9f:04:7e:55:c3:86:41:d4:a9:22:b3:2b:ae:db:77:
         90:64:9d:55:b4:86:4a:f5:30:33:84:d4:4a:2f:c5:8e:1d:64:
         ee:27:e5:8a:8b:28:2b:29:16:af:4d:01:cf:91:47:dc:13:8d:
         d6:49:3a:c5:74:09:26:9a:11:be:87:bb:53:0d:62:ea:18:1c:
         9e:38:f7:cb:72:5b:1e:0d:aa:52:df:e6:c2:79:fb:9f:fb:ad:
         8e:25:21:f9:e5:89:cd:0b:92:55:4f:9f:be:d2:30:62:84:8b:
         91:15:ea:99:cc:46:51:d9:49:d5:74:ee:46:8d:4b:be:e6:4e:
         a1:50:2b:4d:86:9f:6d:95:f0:c8:73:6b:c3:f1:d8:0d:53:b5:
         14:d1:36:e7:10:cb:a8:08:98:05:bc:e0:80:fa:83:ec:07:9a:
         65:2c:38:56:57:a4:74:22:e2:0d:09:f6:d8:60:41:fd:fd:a3:
         a4:d1:c3:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvsopwgrVxk4s9skMMmMrKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTIwMTIwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTExZTA5ZTRlNzFjZDM3ODY0N2FhOTkzNjUyY2VjYTk1MGNiYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksoYiuMgiHgM1HrKT4vWhQaOW28f
hQJEQ019XjITc7CXLt9eA7Wfdppgvwmv4/SBXKtAnRMVkwhmSybzWmDEUGz7U0qY
d/mdTJWeiTt6mDKnODgxGunFByM7rScLwRshl78e56mk+os3ldNaXE7lq/ASjpOm
w4zCggbQXtR6FXHF0yhSsodBlgVSIvDlvBKTZkfsz1IVCQhNvssf05Vlr/cLrui8
1/6kpl5U7LwiN9WFRSWENKB3TfvK3kav/S5N4WBYlAoqYHXMmrmsvdbacaYKp+Qf
15vaUk0PsY9FH7DPsQZ9CQurwaIJTS9ntMyLzSPMbGIh5trWTGKO1WsBwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFER4J5Occ03hkeqmTZSzsqVDLv7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVVJIZ25rNXh6VGVHUjZxWk5sTE95cFVNdV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX4MA0G
CSqGSIb3DQEBCwUAA4IBAQBm03ntZ57mmVJnKDoByWOtJ/jDYKcKn/uC492hfby8
/CdBuiacx7J3CyY/daMO3atIZ9dvmMw0g4/Tpi+gu0EeejgmDSzL4znLVdqfBH5V
w4ZB1Kkisyuu23eQZJ1VtIZK9TAzhNRKL8WOHWTuJ+WKiygrKRavTQHPkUfcE43W
STrFdAkmmhG+h7tTDWLqGByeOPfLclseDapS3+bCefuf+62OJSH55YnNC5JVT5++
0jBihIuRFeqZzEZR2UnVdO5GjUu+5k6hUCtNhp9tlfDIc2vD8dgNU7UU0TbnEMuo
CJgFvOCA+oPsB5plLDhWV6R0IuINCfbYYEH9/aOk0cMi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org