Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aDSG86wgfDWixrlCWcRxJ5tnmEA.roa
File:                     aDSG86wgfDWixrlCWcRxJ5tnmEA.roa (raw, json)
Hash identifier:          X/km/bQ8W4mjuvm/LFeUPxNp/v3AbIUUXRMs2TupEbc=
Subject key identifier:   68:34:86:F3:AC:20:7C:35:A2:C6:B9:42:59:C4:71:27:9B:67:98:40
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01857042C0A9D958280B917408325594D451
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aDSG86wgfDWixrlCWcRxJ5tnmEA.roa
Signing time:             Mon 02 Jan 2023 02:15:00 +0000
ROA not before:           Mon 02 Jan 2023 02:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61003
IP address blocks:        163.5.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:c0:a9:d9:58:28:0b:91:74:08:32:55:94:d4:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 02:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=683486f3ac207c35a2c6b94259c471279b679840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c0:d7:9a:2f:98:90:82:f2:33:c6:38:b4:22:
                    1f:27:5e:b9:1b:79:ba:ed:2c:c3:2f:7e:28:2a:dc:
                    51:d8:e3:e8:46:f9:30:44:c5:d6:6d:03:78:3b:cb:
                    7d:cc:9c:f6:9f:f9:e7:16:8d:a8:f1:8b:2f:a0:fb:
                    a6:b8:47:14:18:3a:0d:3d:22:34:1b:0f:34:ea:8f:
                    8c:fa:21:81:f7:e7:a4:7f:50:4f:4b:a9:96:46:47:
                    4d:31:95:b3:7b:80:92:97:38:8a:30:0c:8f:37:46:
                    b3:d9:45:72:ef:15:82:3a:1e:30:d0:12:96:46:55:
                    cf:41:10:d0:3c:a3:46:2e:b3:05:ac:d5:5b:82:3c:
                    27:29:53:0a:b5:b0:16:64:9a:e9:75:c7:61:68:b4:
                    b2:a3:2d:62:e7:f4:9c:56:e4:fd:32:d1:74:39:bb:
                    4c:79:1f:31:ab:c5:6c:55:53:81:2d:9b:a1:b8:8e:
                    b0:cc:7d:35:e5:b2:2a:a5:b9:84:ee:29:ca:24:7d:
                    28:84:3c:f2:c8:28:50:fc:44:5b:72:8c:1b:38:22:
                    20:12:d3:0c:cc:d7:1f:83:4c:30:1e:c7:27:12:f7:
                    b3:6b:52:e4:8e:03:cd:9a:da:b6:89:90:15:69:1f:
                    c8:a5:41:1a:ab:82:42:2b:38:f1:c0:0a:f2:de:44:
                    f9:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:34:86:F3:AC:20:7C:35:A2:C6:B9:42:59:C4:71:27:9B:67:98:40
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aDSG86wgfDWixrlCWcRxJ5tnmEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:a7:dc:a5:7e:1d:b5:72:3f:1e:11:94:23:62:88:77:b0:2d:
         5c:e5:14:a8:0c:2e:93:13:e0:6d:dc:e4:cf:64:df:68:6b:ba:
         a0:2f:d3:81:ba:a7:fb:97:6c:36:56:c2:ad:98:0c:18:aa:46:
         b5:1d:84:6b:52:9e:27:4e:89:cd:4e:80:06:02:69:55:da:a2:
         78:70:d9:2f:c8:d6:60:a8:99:39:2d:75:c2:32:0c:b1:70:f6:
         6d:ce:ff:f0:28:69:40:ef:43:27:3d:89:97:c7:73:4e:b3:ef:
         44:44:4d:56:ea:72:b1:cd:f8:8d:2a:55:05:66:a0:98:07:6b:
         5f:9f:ea:a7:39:2d:b4:50:07:f6:ff:3b:33:ca:f2:a6:dd:b1:
         65:aa:83:7d:af:d2:4a:6e:22:f0:26:90:94:6e:9e:b5:95:02:
         65:59:bf:9f:47:4d:66:e2:2b:26:29:90:fc:70:19:65:ed:c8:
         05:f4:2a:97:7c:31:97:d6:6e:f3:1e:2b:30:40:d5:9c:2e:ee:
         c2:d7:7f:99:b6:52:5d:00:68:50:f1:41:4d:87:fb:ef:ae:c5:
         eb:0c:1d:0e:12:fe:ec:d4:c4:a1:b2:7e:38:f7:e6:a7:6b:31:
         8f:9a:ac:15:67:66:ff:39:25:fa:18:3f:5b:5f:e2:6b:01:eb:
         9c:a9:c6:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQsCp2VgoC5F0CDJVlNRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM0ODZmM2FjMjA3YzM1YTJjNmI5NDI1OWM0NzEyNzliNjc5ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMDXmi+YkILyM8Y4tCIfJ165G3m6
7SzDL34oKtxR2OPoRvkwRMXWbQN4O8t9zJz2n/nnFo2o8YsvoPumuEcUGDoNPSI0
Gw806o+M+iGB9+ekf1BPS6mWRkdNMZWze4CSlziKMAyPN0az2UVy7xWCOh4w0BKW
RlXPQRDQPKNGLrMFrNVbgjwnKVMKtbAWZJrpdcdhaLSyoy1i5/ScVuT9MtF0ObtM
eR8xq8VsVVOBLZuhuI6wzH015bIqpbmE7inKJH0ohDzyyChQ/ERbcowbOCIgEtMM
zNcfg0wwHscnEveza1LkjgPNmtq2iZAVaR/IpUEaq4JCKzjxwAry3kT5pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGg0hvOsIHw1osa5QlnEcSebZ5hAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYURTRzg2d2dmRFdpeHJsQ1djUnhKNXRubUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWGMA0G
CSqGSIb3DQEBCwUAA4IBAQCbp9ylfh21cj8eEZQjYoh3sC1c5RSoDC6TE+Bt3OTP
ZN9oa7qgL9OBuqf7l2w2VsKtmAwYqka1HYRrUp4nTonNToAGAmlV2qJ4cNkvyNZg
qJk5LXXCMgyxcPZtzv/wKGlA70MnPYmXx3NOs+9ERE1W6nKxzfiNKlUFZqCYB2tf
n+qnOS20UAf2/zszyvKm3bFlqoN9r9JKbiLwJpCUbp61lQJlWb+fR01m4ismKZD8
cBll7cgF9CqXfDGX1m7zHiswQNWcLu7C13+ZtlJdAGhQ8UFNh/vvrsXrDB0OEv7s
1MShsn449+anazGPmqwVZ2b/OSX6GD9bX+JrAeucqcYo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org