Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/erCMfuNRd0ricVOjpFMSnZq_fv4.roa
File:                     erCMfuNRd0ricVOjpFMSnZq_fv4.roa (raw, json)
Hash identifier:          YaD9+a1dU1HqS0c3+QxarIQ4lbqDa2nXTTKErmGbwic=
Subject key identifier:   7A:B0:8C:7E:E3:51:77:4A:E2:71:53:A3:A4:53:12:9D:9A:BF:7E:FE
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187D67060D77F5820E066D322A1758413B3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/erCMfuNRd0ricVOjpFMSnZq_fv4.roa
Signing time:             Mon 01 May 2023 08:31:41 +0000
ROA not before:           Mon 01 May 2023 08:31:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 16:15:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d6:70:60:d7:7f:58:20:e0:66:d3:22:a1:75:84:13:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May  1 08:31:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ab08c7ee351774ae27153a3a453129d9abf7efe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a0:22:f2:11:12:b1:e3:c2:a9:9c:5a:d7:49:
                    a8:9e:b0:22:19:85:32:c7:93:83:3c:c5:71:40:f5:
                    13:71:3d:19:a9:b5:6e:18:08:ab:4e:8d:b6:23:d9:
                    92:2b:d2:06:4e:00:c4:97:c0:cc:18:3a:71:ab:0a:
                    18:41:50:45:3d:8d:e0:f1:01:0f:f3:44:ab:d5:32:
                    31:84:a2:83:45:c0:1c:74:64:b9:68:86:83:b0:59:
                    45:c1:75:5e:ed:82:b3:56:1e:38:fe:b7:fa:b5:59:
                    50:86:8b:27:88:76:96:d6:17:93:f7:e6:c3:6b:a5:
                    7a:d0:5d:3e:35:9f:a2:0c:4b:2e:e6:f3:37:bc:95:
                    4f:10:f8:ee:26:de:cd:7b:b8:a8:42:38:72:a2:e2:
                    83:80:1b:78:6e:6c:86:8e:e2:32:4b:6f:02:7d:21:
                    03:90:b9:bd:87:76:71:5b:e1:95:73:8c:22:fb:6c:
                    c6:a3:e9:a8:a6:1d:94:8c:79:08:28:3d:b4:6a:a6:
                    38:9e:ad:e8:58:22:91:45:94:90:ba:f0:6d:0a:bc:
                    0b:3f:c8:80:02:a1:19:d8:e7:0e:30:62:a4:14:b8:
                    7c:2a:98:3f:63:89:b1:bd:0f:aa:f6:ed:a8:fb:f8:
                    ea:5b:22:c8:d2:59:98:a8:83:31:b9:40:44:b5:e1:
                    0e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:B0:8C:7E:E3:51:77:4A:E2:71:53:A3:A4:53:12:9D:9A:BF:7E:FE
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/erCMfuNRd0ricVOjpFMSnZq_fv4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:fe:0a:7e:8b:68:9a:fd:00:2f:7c:09:12:d1:f6:8c:59:2c:
         da:16:85:44:cf:a8:bb:df:49:42:e0:ad:8f:e5:ba:5b:e8:a2:
         13:f6:75:56:c6:d3:aa:f4:3d:ab:65:3f:b6:a3:02:8a:1c:87:
         dc:00:e8:de:7c:64:3a:69:d5:05:44:1c:56:e3:8a:48:f3:08:
         cd:ad:95:8d:29:d7:a2:5b:09:8a:48:63:4b:3d:8b:fc:a8:f1:
         14:01:9f:7c:ed:5c:8e:78:3a:6f:9c:00:a8:69:8b:fc:2a:5a:
         2f:0c:9b:5b:0a:a9:37:a7:84:ea:e6:8e:87:93:87:76:b0:56:
         1c:43:3c:e8:af:e7:c7:5e:10:28:62:b9:ee:5a:1b:60:02:8e:
         78:19:76:05:d5:a1:03:1b:77:75:49:47:8f:b5:02:26:1d:17:
         66:1b:5e:59:42:8f:23:ee:24:93:d0:b2:57:21:e0:3c:8d:ab:
         57:e1:1c:da:7b:59:22:0d:d5:7a:31:20:d2:2a:b5:aa:e2:75:
         b7:24:7a:db:80:35:ad:df:c1:c5:6b:50:ad:ca:5a:7a:51:12:
         fd:dc:3e:c7:ff:45:1f:4b:fb:66:af:bd:29:76:ca:db:0d:eb:
         55:e4:a8:0a:b2:47:83:2e:0c:fa:db:b1:6a:c4:72:a5:9a:73:
         d1:f5:50:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfWcGDXf1gg4GbTIqF1hBOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTAxMDgzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIwOGM3ZWUzNTE3NzRhZTI3MTUzYTNhNDUzMTI5ZDlhYmY3ZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaAi8hESsePCqZxa10monrAiGYUy
x5ODPMVxQPUTcT0ZqbVuGAirTo22I9mSK9IGTgDEl8DMGDpxqwoYQVBFPY3g8QEP
80Sr1TIxhKKDRcAcdGS5aIaDsFlFwXVe7YKzVh44/rf6tVlQhosniHaW1heT9+bD
a6V60F0+NZ+iDEsu5vM3vJVPEPjuJt7Ne7ioQjhyouKDgBt4bmyGjuIyS28CfSED
kLm9h3ZxW+GVc4wi+2zGo+moph2UjHkIKD20aqY4nq3oWCKRRZSQuvBtCrwLP8iA
AqEZ2OcOMGKkFLh8Kpg/Y4mxvQ+q9u2o+/jqWyLI0lmYqIMxuUBEteEOYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqwjH7jUXdK4nFTo6RTEp2av37+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZXJDTWZ1TlJkMHJpY1ZPanBGTVNuWnFfZnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowUiMA0G
CSqGSIb3DQEBCwUAA4IBAQCa/gp+i2ia/QAvfAkS0faMWSzaFoVEz6i730lC4K2P
5bpb6KIT9nVWxtOq9D2rZT+2owKKHIfcAOjefGQ6adUFRBxW44pI8wjNrZWNKdei
WwmKSGNLPYv8qPEUAZ987VyOeDpvnACoaYv8KlovDJtbCqk3p4Tq5o6Hk4d2sFYc
Qzzor+fHXhAoYrnuWhtgAo54GXYF1aEDG3d1SUePtQImHRdmG15ZQo8j7iST0LJX
IeA8jatX4Rzae1kiDdV6MSDSKrWq4nW3JHrbgDWt38HFa1Ctylp6URL93D7H/0Uf
S/tmr70pdsrbDetV5KgKskeDLgz627FqxHKlmnPR9VBp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org