Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VJQt8qrXgilw2JTWLkeBaQ-Isj0.roa
File:                     VJQt8qrXgilw2JTWLkeBaQ-Isj0.roa (raw, json)
Hash identifier:          45ED/YEP2ktpr0PamqSaqUJvBxAL6keNEljq+Nlwugc=
Subject key identifier:   54:94:2D:F2:AA:D7:82:29:70:D8:94:D6:2E:47:81:69:0F:88:B2:3D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188F84A4625849350A15B82271086CC5B23
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VJQt8qrXgilw2JTWLkeBaQ-Isj0.roa
Signing time:             Mon 26 Jun 2023 15:19:57 +0000
ROA not before:           Mon 26 Jun 2023 15:19:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        163.5.74.0/24 maxlen: 24
                          163.5.75.0/24 maxlen: 24
                          163.5.84.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 15 Jul 2023 17:18:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f8:4a:46:25:84:93:50:a1:5b:82:27:10:86:cc:5b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 26 15:19:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54942df2aad7822970d894d62e4781690f88b23d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ce:20:1c:a6:28:ea:c5:91:7f:d1:0f:73:06:
                    80:a1:b4:c5:f0:01:63:0d:78:ce:e0:f3:62:ed:21:
                    33:8b:fc:fe:fe:19:0e:da:c6:75:78:f7:2c:01:e6:
                    b0:b8:48:fd:37:33:fe:f3:7b:9d:1d:36:83:33:0a:
                    6f:64:96:46:60:5f:a6:b6:86:9a:c0:8f:e4:c9:bd:
                    dc:65:78:44:fa:ec:f9:26:bc:20:f3:56:4f:ea:40:
                    9b:4d:cb:64:bc:30:21:0a:52:19:d3:a5:3d:a2:76:
                    64:98:d9:80:79:58:38:a5:49:2b:db:04:06:30:b3:
                    e0:eb:bd:95:e8:15:6d:66:d6:8b:fd:67:a8:f1:aa:
                    85:c2:54:65:45:d9:2d:6c:d9:ea:c8:82:d0:30:14:
                    f2:81:08:af:f3:aa:95:32:77:a7:7d:bf:dd:84:88:
                    52:56:99:c2:2b:52:ae:4a:f9:6b:32:89:d9:95:8a:
                    09:0f:79:83:58:a3:ac:82:b2:f4:97:09:50:97:be:
                    1b:33:90:aa:f0:d6:f1:8b:d9:8d:55:ab:2a:4e:03:
                    b3:a8:f0:3e:3a:d1:c8:d2:3c:52:49:52:f7:1b:7b:
                    45:08:24:7f:ef:f1:f6:58:c3:74:53:d1:fb:94:f5:
                    5d:97:0a:20:48:30:eb:15:1a:db:bf:ef:7a:6e:c5:
                    bd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:94:2D:F2:AA:D7:82:29:70:D8:94:D6:2E:47:81:69:0F:88:B2:3D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VJQt8qrXgilw2JTWLkeBaQ-Isj0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.74.0/23
                  163.5.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:e0:a3:1e:dd:5b:ef:5e:cc:e6:5b:67:73:8e:1c:4d:ba:74:
         e9:93:ef:91:a5:13:b1:74:1c:aa:d0:f2:30:04:ef:ec:33:62:
         54:e5:82:21:c7:5e:56:d6:08:3b:b4:fe:4c:fa:96:62:f4:81:
         8e:90:84:6b:57:ae:b8:52:a9:ac:e9:c6:3c:31:b7:63:ae:c5:
         75:a8:f6:73:c2:ce:2b:a3:b2:21:3b:03:b5:f8:82:fe:3f:40:
         0f:09:94:b1:cb:c7:1c:d1:69:37:38:ba:6d:f0:1f:35:eb:57:
         68:ff:6c:ea:87:95:eb:33:71:c5:8e:f1:35:9d:4e:08:7f:80:
         70:ad:06:e0:a3:33:16:67:2a:2d:49:26:38:5b:8e:31:13:eb:
         b5:60:97:d3:13:57:41:d8:cb:6f:51:b6:72:ee:9a:2b:d3:79:
         76:f6:13:f4:7e:16:89:95:fa:68:83:eb:a0:7e:00:de:fc:69:
         11:40:80:b8:cd:0e:59:35:a8:2b:f4:a7:e6:69:51:50:71:61:
         f8:42:39:f1:57:07:4f:c9:80:c0:fb:dd:1f:57:bc:8c:93:1e:
         e4:e2:47:23:7c:74:bb:80:fa:24:66:6a:2a:c3:7a:9a:14:9c:
         52:24:f6:df:23:3f:5f:06:42:1c:b5:9c:3e:f9:58:be:f9:1a:
         a1:aa:07:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYj4SkYlhJNQoVuCJxCGzFsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjI2MTUxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDk0MmRmMmFhZDc4MjI5NzBkODk0ZDYyZTQ3ODE2OTBmODhiMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM4gHKYo6sWRf9EPcwaAobTF8AFj
DXjO4PNi7SEzi/z+/hkO2sZ1ePcsAeawuEj9NzP+83udHTaDMwpvZJZGYF+mtoaa
wI/kyb3cZXhE+uz5Jrwg81ZP6kCbTctkvDAhClIZ06U9onZkmNmAeVg4pUkr2wQG
MLPg672V6BVtZtaL/Weo8aqFwlRlRdktbNnqyILQMBTygQiv86qVMnenfb/dhIhS
VpnCK1KuSvlrMonZlYoJD3mDWKOsgrL0lwlQl74bM5Cq8Nbxi9mNVasqTgOzqPA+
OtHI0jxSSVL3G3tFCCR/7/H2WMN0U9H7lPVdlwogSDDrFRrbv+96bsW9GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFSULfKq14IpcNiU1i5HgWkPiLI9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVkpRdDhxclhnaWx3MkpUV0xrZUJhUS1Jc2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBowVKAwQA
owVUMA0GCSqGSIb3DQEBCwUAA4IBAQCX4KMe3VvvXszmW2dzjhxNunTpk++RpROx
dByq0PIwBO/sM2JU5YIhx15W1gg7tP5M+pZi9IGOkIRrV664Uqms6cY8MbdjrsV1
qPZzws4ro7IhOwO1+IL+P0APCZSxy8cc0Wk3OLpt8B8161do/2zqh5XrM3HFjvE1
nU4If4BwrQbgozMWZyotSSY4W44xE+u1YJfTE1dB2MtvUbZy7por03l29hP0fhaJ
lfpog+ugfgDe/GkRQIC4zQ5ZNagr9KfmaVFQcWH4QjnxVwdPyYDA+90fV7yMkx7k
4kcjfHS7gPokZmoqw3qaFJxSJPbfIz9fBkIctZw++Vi++Rqhqgcv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org