Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WnBZUA9Irle1duNj7plRBQb0ytA.roa
File:                     WnBZUA9Irle1duNj7plRBQb0ytA.roa (raw, json)
Hash identifier:          h2hjpYJN8Qo8Lg0spXuML6Emx7ODHif/GWp0QBeKMBs=
Subject key identifier:   5A:70:59:50:0F:48:AE:57:B5:76:E3:63:EE:99:51:05:06:F4:CA:D0
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01857042B7E870D13C58D419B310540A798C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WnBZUA9Irle1duNj7plRBQb0ytA.roa
Signing time:             Mon 02 Jan 2023 02:14:58 +0000
ROA not before:           Mon 02 Jan 2023 02:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        163.5.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 10:06:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:b7:e8:70:d1:3c:58:d4:19:b3:10:54:0a:79:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 02:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a7059500f48ae57b576e363ee99510506f4cad0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:07:6c:25:74:4f:78:8a:1e:2e:36:45:fc:c6:
                    67:d2:48:ca:6b:47:39:01:45:de:aa:73:f5:01:70:
                    3b:44:be:8a:d0:ec:3f:df:b1:c7:df:a4:d7:6c:50:
                    34:96:73:3a:dc:2a:61:21:0d:60:01:af:81:d3:1f:
                    83:75:ed:73:d4:8f:1c:84:18:e7:6e:70:2a:77:d3:
                    b9:5d:4e:67:a9:a9:0e:8c:45:ab:ba:45:ea:a2:65:
                    28:ea:60:3c:32:da:7c:9b:82:cb:78:2f:d6:4b:6f:
                    2b:67:b2:10:15:18:59:a8:43:7b:46:d3:6e:77:3d:
                    5d:3c:04:23:fd:5c:5d:d1:2f:55:ec:30:60:3c:f6:
                    ae:55:f0:a3:a6:fa:5b:6e:b0:92:54:ce:91:0b:bd:
                    8e:7e:83:cb:47:1b:da:21:0e:31:c8:45:da:e5:3e:
                    9c:be:8c:3e:af:21:4d:6e:71:88:da:ee:46:82:ae:
                    6e:5c:05:2f:52:8a:b8:18:9d:c6:9b:1e:e8:07:83:
                    0e:cd:c7:33:9b:b9:e2:a8:d5:0f:eb:e4:23:9f:33:
                    e8:3c:87:67:91:b6:65:08:a4:87:24:94:37:c7:0b:
                    9c:ae:c5:8a:6b:3a:30:33:2d:a5:e8:48:85:19:e0:
                    59:28:77:a8:42:7e:2e:bf:34:9f:57:18:75:31:21:
                    49:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:70:59:50:0F:48:AE:57:B5:76:E3:63:EE:99:51:05:06:F4:CA:D0
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WnBZUA9Irle1duNj7plRBQb0ytA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:d6:77:74:6c:52:0a:e1:af:66:7f:cb:24:fc:5f:f9:15:b6:
         a8:f3:d4:7c:e7:17:96:cc:30:fe:c1:7a:04:01:82:8a:ca:74:
         e9:2f:47:65:70:d3:d6:07:17:16:37:65:60:db:60:23:3b:01:
         aa:01:9c:0f:c2:09:10:0c:d9:1b:7e:d1:5c:df:3a:69:d0:11:
         ef:33:7a:43:d1:cb:ae:47:78:58:31:c1:2c:0b:64:1d:cc:88:
         e0:c9:8b:ea:3a:0a:e9:38:1a:ca:22:8c:69:8a:e7:ad:d6:a2:
         0e:34:c8:9d:db:71:7a:99:3f:ec:f8:81:8a:cc:0e:d3:72:4d:
         2a:93:e9:94:c8:65:d7:94:31:42:63:a6:3b:6b:2b:7b:f1:c6:
         e6:26:04:80:82:18:58:ca:37:5e:ec:3f:26:4e:ce:01:45:10:
         61:63:4c:7e:9c:92:d4:23:49:3e:c3:38:96:14:1a:d4:48:f7:
         3f:73:2f:1b:32:05:09:53:14:22:d3:a0:c7:25:27:3a:e5:b8:
         6b:71:9d:83:54:06:83:2c:e4:42:17:ce:6b:d3:ce:00:28:42:
         59:93:c0:47:31:8d:a4:67:0d:30:61:52:0f:02:43:36:a6:74:
         06:01:58:83:36:33:8b:70:66:32:f1:f7:a5:da:d4:62:d3:8c:
         4f:c9:7d:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQrfocNE8WNQZsxBUCnmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTcwNTk1MDBmNDhhZTU3YjU3NmUzNjNlZTk5NTEwNTA2ZjRjYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwdsJXRPeIoeLjZF/MZn0kjKa0c5
AUXeqnP1AXA7RL6K0Ow/37HH36TXbFA0lnM63CphIQ1gAa+B0x+Dde1z1I8chBjn
bnAqd9O5XU5nqakOjEWrukXqomUo6mA8Mtp8m4LLeC/WS28rZ7IQFRhZqEN7RtNu
dz1dPAQj/Vxd0S9V7DBgPPauVfCjpvpbbrCSVM6RC72OfoPLRxvaIQ4xyEXa5T6c
vow+ryFNbnGI2u5Ggq5uXAUvUoq4GJ3Gmx7oB4MOzcczm7niqNUP6+QjnzPoPIdn
kbZlCKSHJJQ3xwucrsWKazowMy2l6EiFGeBZKHeoQn4uvzSfVxh1MSFJXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpwWVAPSK5XtXbjY+6ZUQUG9MrQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV25CWlVBOUlybGUxZHVOajdwbFJCUWIweXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWVMA0G
CSqGSIb3DQEBCwUAA4IBAQBc1nd0bFIK4a9mf8sk/F/5Fbao89R85xeWzDD+wXoE
AYKKynTpL0dlcNPWBxcWN2Vg22AjOwGqAZwPwgkQDNkbftFc3zpp0BHvM3pD0cuu
R3hYMcEsC2QdzIjgyYvqOgrpOBrKIoxpiuet1qIONMid23F6mT/s+IGKzA7Tck0q
k+mUyGXXlDFCY6Y7ayt78cbmJgSAghhYyjde7D8mTs4BRRBhY0x+nJLUI0k+wziW
FBrUSPc/cy8bMgUJUxQi06DHJSc65bhrcZ2DVAaDLORCF85r084AKEJZk8BHMY2k
Zw0wYVIPAkM2pnQGAViDNjOLcGYy8fel2tRi04xPyX0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:32 2024 by rpki-client on console-ams.rpki-client.org