Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aWX1wxGFkhc__WXmfHtwTMd6x5A.roa
File:                     aWX1wxGFkhc__WXmfHtwTMd6x5A.roa (raw, json)
Hash identifier:          YIQUamDJEhgai9W+GgTWMdm+SCqESelQHTEGqkbbWIs=
Subject key identifier:   69:65:F5:C3:11:85:92:17:3F:FD:65:E6:7C:7B:70:4C:C7:7A:C7:90
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018955FFC5AD38F096ED027AED08A9A9AAD0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aWX1wxGFkhc__WXmfHtwTMd6x5A.roa
Signing time:             Fri 14 Jul 2023 20:02:52 +0000
ROA not before:           Fri 14 Jul 2023 20:02:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205220
IP address blocks:        163.5.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 14:03:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:55:ff:c5:ad:38:f0:96:ed:02:7a:ed:08:a9:a9:aa:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 14 20:02:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6965f5c3118592173ffd65e67c7b704cc77ac790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6e:ab:d5:8a:f6:ed:ab:a8:6d:81:0d:b7:57:
                    f4:0e:4a:22:c4:8e:2e:64:9b:5d:d9:4b:24:76:35:
                    02:6b:72:77:3d:3d:50:e1:84:4e:00:87:74:04:c2:
                    71:44:8c:eb:6c:90:78:36:d0:33:20:1f:b3:c3:d6:
                    cc:23:9e:03:43:03:83:c2:9e:af:b1:a5:c4:29:05:
                    2c:f7:d1:08:0b:1d:e0:f0:9b:ef:a8:4a:69:5b:60:
                    f6:45:b6:03:6e:88:29:35:d7:8b:04:0e:2e:0a:6b:
                    2e:1d:c3:d6:cd:7b:00:ce:d0:52:63:98:eb:22:04:
                    bb:d0:67:58:96:1d:89:39:7e:dc:88:43:87:50:c4:
                    56:17:43:88:88:f4:11:8f:a9:27:6b:00:cd:7d:83:
                    62:38:2a:53:8b:61:94:1d:66:36:47:20:9a:35:8e:
                    cf:e7:f2:9a:4f:cb:f4:db:27:a7:b3:d4:93:c3:c5:
                    2b:03:74:8b:e4:bc:7a:78:40:16:d8:54:b7:ab:96:
                    a2:6e:78:61:46:ce:db:65:89:6e:7c:cb:60:e8:64:
                    e2:26:f1:49:32:85:f6:d5:22:9a:cb:29:66:4c:9a:
                    0c:c0:88:ea:9e:2d:03:82:79:f6:ef:0f:1e:6a:93:
                    60:92:f4:62:1b:ec:ec:5d:90:e8:ea:69:f8:4e:04:
                    5a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:65:F5:C3:11:85:92:17:3F:FD:65:E6:7C:7B:70:4C:C7:7A:C7:90
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/aWX1wxGFkhc__WXmfHtwTMd6x5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:89:9f:62:97:4a:1e:16:ab:61:97:1f:b2:e8:58:3e:9d:15:
         9f:13:58:41:6f:79:92:c8:17:2f:94:94:db:bf:c0:57:bb:6a:
         dd:3f:bc:44:2e:ca:e3:95:f7:bf:d1:4b:9a:7b:e2:d8:13:c9:
         9f:95:b2:ce:04:94:8d:6f:b1:01:5d:7e:06:65:cd:64:b5:6d:
         2d:df:37:4c:32:d7:0e:da:2f:77:b6:84:ab:52:c4:c6:6c:45:
         32:51:92:ad:74:bd:d7:5f:63:f2:e0:b2:0f:f8:21:48:06:5f:
         70:e3:33:df:83:8a:72:92:d2:6c:4b:99:91:d0:d4:16:0b:84:
         98:d4:4d:4c:6a:7d:ab:26:20:07:d0:7d:a3:d9:89:3b:08:fb:
         a1:a4:f6:7b:54:fd:16:29:98:98:cd:61:6e:00:e7:ac:f0:f4:
         c6:d2:c6:7f:ff:6a:54:e7:e1:c3:7e:45:1e:70:c1:75:30:c9:
         ef:1d:9c:06:8a:dd:65:55:71:a5:45:df:6c:10:b8:48:6f:fa:
         84:e3:d8:11:d9:13:61:d9:81:f3:7c:e2:80:f9:11:31:37:bc:
         56:03:0c:83:13:7c:bd:e1:1a:82:4a:6c:e8:36:0b:9e:a1:2a:
         a9:4a:53:b3:a4:e7:3b:cb:c2:16:79:6a:5c:90:8a:f3:d9:85:
         97:6c:09:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlV/8WtOPCW7QJ67QipqarQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzE0MjAwMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY1ZjVjMzExODU5MjE3M2ZmZDY1ZTY3YzdiNzA0Y2M3N2FjNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW6r1Yr27auobYENt1f0DkoixI4u
ZJtd2UskdjUCa3J3PT1Q4YROAId0BMJxRIzrbJB4NtAzIB+zw9bMI54DQwODwp6v
saXEKQUs99EICx3g8JvvqEppW2D2RbYDbogpNdeLBA4uCmsuHcPWzXsAztBSY5jr
IgS70GdYlh2JOX7ciEOHUMRWF0OIiPQRj6knawDNfYNiOCpTi2GUHWY2RyCaNY7P
5/KaT8v02yens9STw8UrA3SL5Lx6eEAW2FS3q5aibnhhRs7bZYlufMtg6GTiJvFJ
MoX21SKayylmTJoMwIjqni0Dgnn27w8eapNgkvRiG+zsXZDo6mn4TgRaBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGll9cMRhZIXP/1l5nx7cEzHeseQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYVdYMXd4R0ZraGNfX1dYbWZIdHdUTWQ2eDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowU9MA0G
CSqGSIb3DQEBCwUAA4IBAQCfiZ9il0oeFqthlx+y6Fg+nRWfE1hBb3mSyBcvlJTb
v8BXu2rdP7xELsrjlfe/0Uuae+LYE8mflbLOBJSNb7EBXX4GZc1ktW0t3zdMMtcO
2i93toSrUsTGbEUyUZKtdL3XX2Py4LIP+CFIBl9w4zPfg4pyktJsS5mR0NQWC4SY
1E1Man2rJiAH0H2j2Yk7CPuhpPZ7VP0WKZiYzWFuAOes8PTG0sZ//2pU5+HDfkUe
cMF1MMnvHZwGit1lVXGlRd9sELhIb/qE49gR2RNh2YHzfOKA+RExN7xWAwyDE3y9
4RqCSmzoNgueoSqpSlOzpOc7y8IWeWpckIrz2YWXbAnN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org