Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aIR0FpkgzR9gqrMQUzl9GyCukn0.roa
File:                     aIR0FpkgzR9gqrMQUzl9GyCukn0.roa (raw, json)
Hash identifier:          aURcVG2hupH/5nTQ87TcO2RNZN96y6Lll0XVVPvF2I4=
Subject key identifier:   68:84:74:16:99:20:CD:1F:60:AA:B3:10:53:39:7D:1B:20:AE:92:7D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018968B1C0CD3A6C9FD4F13E53DDB6ADA4FC
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aIR0FpkgzR9gqrMQUzl9GyCukn0.roa
Signing time:             Tue 18 Jul 2023 11:10:26 +0000
ROA not before:           Tue 18 Jul 2023 11:10:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208287
IP address blocks:        163.5.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:68:b1:c0:cd:3a:6c:9f:d4:f1:3e:53:dd:b6:ad:a4:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 18 11:10:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=688474169920cd1f60aab31053397d1b20ae927d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:75:b8:45:16:6d:28:c5:23:47:8f:ef:23:32:
                    e9:06:3e:7b:71:98:6a:c1:3f:03:2d:2c:93:1f:19:
                    39:d1:e7:c4:63:a1:cf:01:e4:fe:08:1e:b5:f7:e7:
                    8d:af:17:5f:4f:06:d4:a6:88:6d:94:b3:0e:0f:d5:
                    2d:02:3c:36:ff:6c:38:32:57:50:e4:b4:c8:a8:c4:
                    ef:bb:82:01:79:28:2e:9b:5d:1e:44:2e:19:25:87:
                    bc:81:73:8f:6a:4c:af:ea:46:76:73:da:53:5c:71:
                    cf:c0:f7:47:73:0f:d6:0f:0e:4a:39:fd:91:5b:a4:
                    b0:6a:1e:d3:46:14:36:63:6f:c3:df:8e:d5:ba:0a:
                    43:30:99:76:4e:17:93:9b:9d:26:e6:0b:96:32:07:
                    40:32:d5:ae:32:59:44:8d:ee:ed:11:3c:19:a4:2b:
                    b9:56:17:6d:22:a5:f0:02:4f:b8:07:7b:32:97:b8:
                    4e:e3:a3:00:87:70:07:97:3e:0c:c4:f8:91:ef:99:
                    29:39:3b:d4:72:1d:72:a1:70:b3:19:89:26:5a:6d:
                    1e:b2:e5:db:ff:94:48:0c:2a:ab:4a:e5:7d:c2:6c:
                    24:9a:c5:e5:b7:f9:bf:29:d9:57:05:26:1d:b8:da:
                    10:a9:aa:b2:0e:6a:b6:ae:f3:1a:f5:72:24:41:b0:
                    8e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:84:74:16:99:20:CD:1F:60:AA:B3:10:53:39:7D:1B:20:AE:92:7D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aIR0FpkgzR9gqrMQUzl9GyCukn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:94:9d:6a:5f:30:fd:31:1a:3a:f4:e8:76:f7:14:5c:27:03:
         a2:59:0b:73:8b:8d:41:cc:b7:56:c6:41:86:50:a2:4a:6a:c7:
         55:59:63:f5:a4:52:c0:72:90:49:e1:bf:d3:71:72:ae:81:ff:
         c9:97:8f:2b:9e:11:c1:16:de:6a:9c:a0:2e:1b:e0:60:2c:96:
         42:58:fe:9d:91:81:4b:e2:5b:a0:5b:20:e8:3a:15:34:bf:6f:
         02:1c:a9:59:ef:85:6f:99:03:1c:6c:55:aa:a8:5e:24:fa:ea:
         6e:ad:b0:66:e3:83:05:b1:2e:e2:37:b5:8c:ca:31:93:56:99:
         6d:bd:12:f9:fe:71:23:cd:d6:d3:d3:90:72:f3:15:fb:c0:f7:
         88:a4:4b:70:5d:3b:5e:3c:3b:f1:0a:a5:0e:02:3c:14:77:48:
         a0:34:53:59:39:b4:6b:e8:e1:9a:6c:94:52:3d:48:56:9e:41:
         90:88:9a:ec:74:f2:01:ce:79:df:45:05:b3:0c:f7:81:cf:25:
         06:e4:89:c4:09:25:f6:f2:47:c8:f6:79:bc:79:ed:b9:e6:6b:
         c7:db:0a:5f:f1:80:df:23:d8:28:22:bc:aa:b3:83:41:20:e1:
         a6:ee:7f:3d:bd:79:7b:2a:f2:de:2f:5a:95:f0:79:65:fb:91:
         ca:fd:73:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYloscDNOmyf1PE+U922raT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzE4MTExMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg0NzQxNjk5MjBjZDFmNjBhYWIzMTA1MzM5N2QxYjIwYWU5MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3W4RRZtKMUjR4/vIzLpBj57cZhq
wT8DLSyTHxk50efEY6HPAeT+CB619+eNrxdfTwbUpohtlLMOD9UtAjw2/2w4MldQ
5LTIqMTvu4IBeSgum10eRC4ZJYe8gXOPakyv6kZ2c9pTXHHPwPdHcw/WDw5KOf2R
W6Swah7TRhQ2Y2/D347VugpDMJl2TheTm50m5guWMgdAMtWuMllEje7tETwZpCu5
VhdtIqXwAk+4B3syl7hO46MAh3AHlz4MxPiR75kpOTvUch1yoXCzGYkmWm0esuXb
/5RIDCqrSuV9wmwkmsXlt/m/KdlXBSYduNoQqaqyDmq2rvMa9XIkQbCOBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiEdBaZIM0fYKqzEFM5fRsgrpJ9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYUlSMEZwa2d6UjlncXJNUVV6bDlHeUN1a24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX4MA0G
CSqGSIb3DQEBCwUAA4IBAQAzlJ1qXzD9MRo69Oh29xRcJwOiWQtzi41BzLdWxkGG
UKJKasdVWWP1pFLAcpBJ4b/TcXKugf/Jl48rnhHBFt5qnKAuG+BgLJZCWP6dkYFL
4lugWyDoOhU0v28CHKlZ74VvmQMcbFWqqF4k+upurbBm44MFsS7iN7WMyjGTVplt
vRL5/nEjzdbT05By8xX7wPeIpEtwXTtePDvxCqUOAjwUd0igNFNZObRr6OGabJRS
PUhWnkGQiJrsdPIBznnfRQWzDPeBzyUG5InECSX28kfI9nm8ee255mvH2wpf8YDf
I9goIryqs4NBIOGm7n89vXl7KvLeL1qV8Hll+5HK/XPA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org