Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YWFvMDzHuTN2RFiE4sNs2-mDuBE.roa
File:                     YWFvMDzHuTN2RFiE4sNs2-mDuBE.roa (raw, json)
Hash identifier:          n5RNeNjSpwhQcieaDtXEZQ/0PdUEHPcDyEnQdpayCww=
Subject key identifier:   61:61:6F:30:3C:C7:B9:33:76:44:58:84:E2:C3:6C:DB:E9:83:B8:11
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187C75AAEF228096C3A8D745CC249948BA2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YWFvMDzHuTN2RFiE4sNs2-mDuBE.roa
Signing time:             Fri 28 Apr 2023 10:13:41 +0000
ROA not before:           Fri 28 Apr 2023 10:13:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.34.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 08:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c7:5a:ae:f2:28:09:6c:3a:8d:74:5c:c2:49:94:8b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 28 10:13:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=61616f303cc7b93376445884e2c36cdbe983b811
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0d:bf:66:d1:31:cf:ef:34:45:90:3c:c6:e5:
                    27:96:7a:6f:a7:eb:f8:20:78:fd:f8:1a:d6:54:5d:
                    d4:62:0c:c6:2c:40:fe:bf:71:a2:4f:bc:98:8b:6a:
                    a9:5f:d7:39:57:f9:09:1b:d3:bd:a4:04:64:43:02:
                    34:3e:82:a7:d4:e3:35:2a:de:a4:7e:a2:f3:91:36:
                    91:df:d7:0f:72:85:e5:c7:c2:35:1a:8c:13:eb:c2:
                    0b:7d:a9:b0:d6:d5:ff:20:21:f7:23:bc:0b:c4:a2:
                    c0:00:4a:38:a0:f2:f1:8a:f4:9f:a9:cf:ac:f7:77:
                    d1:26:08:c3:e8:01:84:8b:7a:12:70:ab:88:bb:ec:
                    99:6b:fa:f2:0a:40:7b:df:1d:e6:b3:5e:8f:fb:cc:
                    d8:22:ea:5b:06:b5:26:7e:9d:e6:d7:83:fd:8c:10:
                    91:ea:c9:fd:f8:10:b4:80:28:69:a0:e3:8e:94:95:
                    bd:51:9d:0f:0e:80:f4:a3:26:d3:59:3b:51:ca:21:
                    58:50:47:5c:a4:bb:b2:6a:0e:2a:91:17:ff:b7:2f:
                    5f:c9:ff:e5:ff:24:b1:d7:a6:e0:ad:e6:d6:07:eb:
                    6f:a0:f1:3c:a7:3a:35:1e:5c:d1:7e:95:07:22:ce:
                    00:2a:19:37:b4:cc:3d:29:c5:eb:ee:60:77:cd:df:
                    25:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:61:6F:30:3C:C7:B9:33:76:44:58:84:E2:C3:6C:DB:E9:83:B8:11
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YWFvMDzHuTN2RFiE4sNs2-mDuBE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.34.0/24
                  163.5.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:6d:d0:18:67:53:86:9e:87:26:7f:e9:0b:21:73:01:28:11:
         e0:dc:c5:21:0e:62:80:24:9e:67:67:a4:43:24:98:26:3f:77:
         47:ac:aa:b0:e3:ea:6f:ff:ad:b8:b9:89:96:30:e1:5b:d1:9e:
         90:37:c2:7c:10:6d:5c:67:aa:a9:8e:7d:a7:b0:ed:22:a4:5b:
         0d:84:a6:15:a3:13:98:17:b3:ec:21:27:c3:81:65:57:de:15:
         ec:08:8c:b1:5d:37:29:c6:8b:68:19:31:a4:ae:62:42:54:7c:
         df:41:1e:a3:60:2f:45:56:05:04:5d:36:0a:97:33:b8:18:3e:
         59:ee:b5:49:7b:33:bc:cb:d3:4e:1b:45:56:98:5c:95:bf:c3:
         cc:9c:0e:20:b4:64:5c:8f:71:40:7e:a4:e1:3d:5b:19:f7:8e:
         ab:36:77:62:1b:d3:ef:8c:be:b1:3a:0b:1a:41:d7:5b:a6:f1:
         9c:e5:a6:38:71:96:31:cd:c1:f5:a2:f8:f8:62:41:71:18:fd:
         65:1c:28:f4:98:ce:20:d6:f2:12:45:c6:71:bb:02:a6:46:49:
         2b:93:e8:7c:9b:c1:2c:ac:66:6d:47:eb:6a:cb:cf:90:8e:36:
         f7:41:d9:9f:0f:b4:e1:95:92:8f:9e:15:8f:1a:98:8f:b8:19:
         34:22:76:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfHWq7yKAlsOo10XMJJlIuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI4MTAxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTYxNmYzMDNjYzdiOTMzNzY0NDU4ODRlMmMzNmNkYmU5ODNiODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ2/ZtExz+80RZA8xuUnlnpvp+v4
IHj9+BrWVF3UYgzGLED+v3GiT7yYi2qpX9c5V/kJG9O9pARkQwI0PoKn1OM1Kt6k
fqLzkTaR39cPcoXlx8I1GowT68ILfamw1tX/ICH3I7wLxKLAAEo4oPLxivSfqc+s
93fRJgjD6AGEi3oScKuIu+yZa/ryCkB73x3ms16P+8zYIupbBrUmfp3m14P9jBCR
6sn9+BC0gChpoOOOlJW9UZ0PDoD0oybTWTtRyiFYUEdcpLuyag4qkRf/ty9fyf/l
/ySx16bgrebWB+tvoPE8pzo1HlzRfpUHIs4AKhk3tMw9KcXr7mB3zd8lCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGFhbzA8x7kzdkRYhOLDbNvpg7gRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWVdGdk1Eekh1VE4yUkZpRTRzTnMyLW1EdUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowUiAwQA
owUnMA0GCSqGSIb3DQEBCwUAA4IBAQCUbdAYZ1OGnocmf+kLIXMBKBHg3MUhDmKA
JJ5nZ6RDJJgmP3dHrKqw4+pv/624uYmWMOFb0Z6QN8J8EG1cZ6qpjn2nsO0ipFsN
hKYVoxOYF7PsISfDgWVX3hXsCIyxXTcpxotoGTGkrmJCVHzfQR6jYC9FVgUEXTYK
lzO4GD5Z7rVJezO8y9NOG0VWmFyVv8PMnA4gtGRcj3FAfqThPVsZ946rNndiG9Pv
jL6xOgsaQddbpvGc5aY4cZYxzcH1ovj4YkFxGP1lHCj0mM4g1vISRcZxuwKmRkkr
k+h8m8EsrGZtR+tqy8+Qjjb3QdmfD7ThlZKPnhWPGpiPuBk0InZd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org