Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Vl7bmJh0yBmOs7sXXsCz7Wgce98.roa
File:                     Vl7bmJh0yBmOs7sXXsCz7Wgce98.roa (raw, json)
Hash identifier:          hkOYHtJQAADg79JcrhMtpNZdQrTohl4zGo6eKvsINig=
Subject key identifier:   56:5E:DB:98:98:74:C8:19:8E:B3:BB:17:5E:C0:B3:ED:68:1C:7B:DF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01874D5F297F1BBDBF26981D9EA3FB6EF1DB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Vl7bmJh0yBmOs7sXXsCz7Wgce98.roa
Signing time:             Tue 04 Apr 2023 17:44:54 +0000
ROA not before:           Tue 04 Apr 2023 17:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212298
IP address blocks:        163.5.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 05 Aug 2023 12:07:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4d:5f:29:7f:1b:bd:bf:26:98:1d:9e:a3:fb:6e:f1:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr  4 17:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=565edb989874c8198eb3bb175ec0b3ed681c7bdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:84:85:c0:1b:82:d5:d5:5d:ee:90:1d:50:6c:
                    4d:06:35:11:65:8f:c6:0b:64:0e:22:ef:20:df:08:
                    fa:30:45:2d:e8:fd:30:e0:43:91:87:c2:e0:e8:40:
                    21:06:19:8d:5f:67:5a:06:61:e5:da:ed:1d:7c:7f:
                    aa:bf:5a:98:4d:19:0f:c0:5e:cc:45:9b:24:42:94:
                    35:81:31:13:4e:d2:97:b7:78:09:00:cc:9f:bf:26:
                    60:85:53:7d:d5:a1:e1:8a:1b:00:c7:6d:48:91:8b:
                    4c:39:8a:1f:71:17:7b:a0:84:f0:ed:92:f0:23:19:
                    97:9c:06:9e:55:32:ac:63:1a:e9:ab:63:4e:bd:a0:
                    14:b1:c5:86:d2:e3:c7:e4:45:ce:41:64:9e:ba:f4:
                    91:1c:97:70:60:58:a5:c1:2e:20:5e:82:82:81:db:
                    26:ff:84:9a:12:0a:e7:ba:3f:d5:f8:68:2d:22:b5:
                    ca:ec:5e:ce:ff:9e:ff:d0:f3:5f:2c:3f:bc:84:ab:
                    c1:31:8a:31:40:ab:63:26:71:3d:66:d0:83:51:fb:
                    9b:f6:40:17:51:73:07:f0:6c:92:73:cc:90:b7:6f:
                    65:35:73:df:2b:4f:a7:2f:12:b1:65:8d:ef:1c:45:
                    e0:17:9a:62:47:2c:16:bf:b2:52:75:3f:44:7f:78:
                    1b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:5E:DB:98:98:74:C8:19:8E:B3:BB:17:5E:C0:B3:ED:68:1C:7B:DF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Vl7bmJh0yBmOs7sXXsCz7Wgce98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:54:c9:e5:03:6f:2d:9e:91:a4:d2:41:e4:e0:08:53:a4:26:
         ee:df:01:ff:f5:29:f7:98:c2:67:e6:ba:95:c0:fa:82:08:73:
         de:4e:8d:0a:d1:03:2f:c3:23:71:ee:37:91:57:eb:68:1d:f2:
         4d:b3:89:93:9a:76:68:58:59:af:5c:43:1d:13:34:ad:f7:6b:
         13:5d:85:8c:d1:c1:9a:9a:4a:1c:88:84:43:61:ad:2b:38:e2:
         0e:c6:c6:27:85:10:95:13:d4:82:d9:16:46:d7:7c:a9:89:82:
         b0:c4:20:da:b7:72:2d:c1:68:cb:ac:43:bf:9a:03:cd:8a:ee:
         56:2d:9e:8d:37:6a:1f:45:28:fc:07:b2:b6:d4:df:32:0e:4d:
         aa:4d:50:82:d8:55:89:d9:29:07:86:b0:46:d2:26:7a:96:ff:
         1d:d9:51:5f:12:1d:3b:a9:6f:68:b5:cf:8e:44:9e:77:3b:aa:
         c0:d5:d8:c3:e6:35:ac:21:65:d7:8e:00:1d:2b:f7:be:2e:5a:
         df:f3:fd:1b:61:75:05:2b:58:c5:b9:78:7b:27:9e:32:58:ae:
         08:85:f2:d4:61:c0:03:9f:46:2a:70:03:bb:b4:6b:11:d7:67:
         23:61:9a:df:3e:d0:e2:73:e8:ba:ee:3b:13:26:f8:f4:1e:66:
         f4:51:d6:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdNXyl/G72/JpgdnqP7bvHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDA0MTc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjVlZGI5ODk4NzRjODE5OGViM2JiMTc1ZWMwYjNlZDY4MWM3YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooSFwBuC1dVd7pAdUGxNBjURZY/G
C2QOIu8g3wj6MEUt6P0w4EORh8Lg6EAhBhmNX2daBmHl2u0dfH+qv1qYTRkPwF7M
RZskQpQ1gTETTtKXt3gJAMyfvyZghVN91aHhihsAx21IkYtMOYofcRd7oITw7ZLw
IxmXnAaeVTKsYxrpq2NOvaAUscWG0uPH5EXOQWSeuvSRHJdwYFilwS4gXoKCgdsm
/4SaEgrnuj/V+GgtIrXK7F7O/57/0PNfLD+8hKvBMYoxQKtjJnE9ZtCDUfub9kAX
UXMH8GySc8yQt29lNXPfK0+nLxKxZY3vHEXgF5piRywWv7JSdT9Ef3gbwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZe25iYdMgZjrO7F17As+1oHHvfMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVmw3Ym1KaDB5Qm1PczdzWFhzQ3o3V2djZTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJVMnlA28tnpGk0kHk4AhTpCbu3wH/9Sn3mMJn5rqV
wPqCCHPeTo0K0QMvwyNx7jeRV+toHfJNs4mTmnZoWFmvXEMdEzSt92sTXYWM0cGa
mkociIRDYa0rOOIOxsYnhRCVE9SC2RZG13ypiYKwxCDat3ItwWjLrEO/mgPNiu5W
LZ6NN2ofRSj8B7K21N8yDk2qTVCC2FWJ2SkHhrBG0iZ6lv8d2VFfEh07qW9otc+O
RJ53O6rA1djD5jWsIWXXjgAdK/e+Llrf8/0bYXUFK1jFuXh7J54yWK4IhfLUYcAD
n0YqcAO7tGsR12cjYZrfPtDic+i67jsTJvj0Hmb0UdYa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org