Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa
File:                     doDiJ165hqzXAr4_fyX2xJu_deE.roa (raw, json)
Hash identifier:          VnhxB4o0hLFl5v0BUA61g1X4D7ftVEx/cZSTfpWb8JY=
Subject key identifier:   76:80:E2:27:5E:B9:86:AC:D7:02:BE:3F:7F:25:F6:C4:9B:BF:75:E1
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       019054FBAFDA81915E715356F3E774B4C37F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa
Signing time:             Wed 26 Jun 2024 14:38:19 +0000
ROA not before:           Wed 26 Jun 2024 14:38:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63023
IP address blocks:        163.5.53.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Nov 2024 07:53:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:54:fb:af:da:81:91:5e:71:53:56:f3:e7:74:b4:c3:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 26 14:38:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7680e2275eb986acd702be3f7f25f6c49bbf75e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:00:7c:35:43:59:4f:5c:0c:f7:8e:af:62:3a:
                    c4:9b:28:d1:f9:dc:31:b1:ac:91:96:fd:b6:76:81:
                    d9:06:42:8f:97:d0:03:87:b1:81:46:52:f5:dc:82:
                    33:4e:97:9e:c5:b6:1e:57:71:a5:77:d4:54:f8:13:
                    00:fc:32:ad:9c:5e:2d:80:80:8f:63:e5:28:cd:f7:
                    59:53:b5:05:9e:b5:63:07:f3:5f:9b:60:f4:db:02:
                    26:4a:86:8f:c6:85:98:0f:ed:19:a9:e2:d0:e3:bd:
                    36:46:77:e2:e3:cc:2c:37:62:d2:e4:04:eb:06:ca:
                    90:b6:6a:d7:45:77:84:45:0f:3a:ed:72:b7:02:37:
                    64:fa:e6:ee:d0:92:3b:8e:c9:fb:13:28:95:ba:3e:
                    38:6f:a9:cf:fa:cb:72:d4:aa:a2:c4:8a:bc:2b:e4:
                    b2:57:15:7b:82:8b:40:be:8c:22:cf:df:48:80:c8:
                    50:3a:57:82:8f:20:2e:d7:30:36:c1:1b:d1:1e:54:
                    e3:48:dd:45:3c:8c:ac:0f:99:50:26:a3:e5:78:21:
                    81:54:55:1f:5c:70:97:b3:25:c6:c7:11:c0:79:3b:
                    ec:a8:54:95:cb:ac:72:b0:ca:26:e5:8a:8a:cc:d2:
                    e9:48:0e:a0:0d:cb:ef:f9:21:84:c1:88:b5:bf:25:
                    c1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:80:E2:27:5E:B9:86:AC:D7:02:BE:3F:7F:25:F6:C4:9B:BF:75:E1
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/doDiJ165hqzXAr4_fyX2xJu_deE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.53.0/24
                  163.5.79.0/24
                  163.5.161.0/24
                  163.5.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:c2:74:27:96:79:2b:3b:c3:2e:c9:3e:8f:a9:e9:81:1f:11:
         4b:9e:83:5f:3a:37:bd:b0:08:84:a6:bb:43:b5:de:de:e2:fa:
         55:01:56:e1:46:b7:9b:71:c9:ff:cc:7e:9a:18:00:7f:fb:8f:
         96:17:99:53:fe:e7:5f:8a:0e:59:8d:91:05:14:20:41:f6:58:
         c7:db:51:e8:e6:b6:ea:dd:b6:ff:ec:2b:e1:6e:5c:09:9f:81:
         90:0c:df:04:4b:81:cc:5c:ad:b3:a2:40:b2:c9:54:25:72:ac:
         36:9e:dc:27:c0:33:9b:51:f5:12:42:f2:cd:4e:7f:9c:b6:a8:
         a5:e1:9f:46:02:48:61:5e:20:cf:b5:05:38:ca:e5:09:80:01:
         af:6d:9e:84:76:b6:77:bf:9d:0c:7c:73:2e:7e:7f:d5:10:13:
         69:0f:e9:17:88:22:ae:6c:36:26:c6:3e:bc:ec:c0:63:7f:cc:
         04:5c:0e:06:62:08:02:0e:81:30:56:07:00:28:30:e8:01:ce:
         44:04:89:46:59:8a:89:30:c5:da:a9:4a:3c:2b:7a:ae:0e:d6:
         07:b3:8a:ae:0f:d7:6d:69:c8:7e:f2:f7:6c:6f:c8:f7:16:30:
         a0:9d:7c:1c:ee:a2:bf:64:11:c4:e0:f0:be:8c:28:ee:ce:27:
         cd:8d:0b:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBU+6/agZFecVNW8+d0tMN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjI2MTQzODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjgwZTIyNzVlYjk4NmFjZDcwMmJlM2Y3ZjI1ZjZjNDliYmY3NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgB8NUNZT1wM946vYjrEmyjR+dwx
sayRlv22doHZBkKPl9ADh7GBRlL13IIzTpeexbYeV3Gld9RU+BMA/DKtnF4tgICP
Y+UozfdZU7UFnrVjB/Nfm2D02wImSoaPxoWYD+0ZqeLQ4702Rnfi48wsN2LS5ATr
BsqQtmrXRXeERQ867XK3Ajdk+ubu0JI7jsn7EyiVuj44b6nP+sty1KqixIq8K+Sy
VxV7gotAvowiz99IgMhQOleCjyAu1zA2wRvRHlTjSN1FPIysD5lQJqPleCGBVFUf
XHCXsyXGxxHAeTvsqFSVy6xysMom5YqKzNLpSA6gDcvv+SGEwYi1vyXBxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHaA4ideuYas1wK+P38l9sSbv3XhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZG9EaUoxNjVocXpYQXI0X2Z5WDJ4SnVfZGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowU1AwQA
owVPAwQAowWhAwQAowXbMA0GCSqGSIb3DQEBCwUAA4IBAQBmwnQnlnkrO8MuyT6P
qemBHxFLnoNfOje9sAiEprtDtd7e4vpVAVbhRrebccn/zH6aGAB/+4+WF5lT/udf
ig5ZjZEFFCBB9ljH21Ho5rbq3bb/7CvhblwJn4GQDN8ES4HMXK2zokCyyVQlcqw2
ntwnwDObUfUSQvLNTn+ctqil4Z9GAkhhXiDPtQU4yuUJgAGvbZ6EdrZ3v50MfHMu
fn/VEBNpD+kXiCKubDYmxj687MBjf8wEXA4GYggCDoEwVgcAKDDoAc5EBIlGWYqJ
MMXaqUo8K3quDtYHs4quD9dtach+8vdsb8j3FjCgnXwc7qK/ZBHE4PC+jCjuzifN
jQsr
-----END CERTIFICATE-----
Generated at Wed Nov 27 10:50:50 2024 by rpki-client on console-fra.rpki-client.org