Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/i_L8IPkKene7p7gBBswU4Dc3z5g.roa
File:                     i_L8IPkKene7p7gBBswU4Dc3z5g.roa (raw, json)
Hash identifier:          GUdLyR5EpGscn3eSDzVGEP1hQbswAYPvyDGNV47vepU=
Subject key identifier:   8B:F2:FC:20:F9:0A:7A:77:BB:A7:B8:01:06:CC:14:E0:37:37:CF:98
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01857042BCE01A04790C2D5A976AF43F1D55
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/i_L8IPkKene7p7gBBswU4Dc3z5g.roa
Signing time:             Mon 02 Jan 2023 02:15:00 +0000
ROA not before:           Mon 02 Jan 2023 02:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        163.5.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 16:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:bc:e0:1a:04:79:0c:2d:5a:97:6a:f4:3f:1d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 02:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bf2fc20f90a7a77bba7b80106cc14e03737cf98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:cb:ae:d9:97:d9:3c:b0:ad:e1:d7:66:00:16:
                    a5:d5:c9:fa:79:55:d0:f9:6e:9e:47:83:9e:dd:8c:
                    de:5d:d1:48:d1:7c:65:c9:39:7f:7f:74:82:fa:0a:
                    5a:23:5a:38:89:87:a1:52:8d:6b:df:30:ef:64:e6:
                    84:1f:b4:64:0a:91:3e:e4:07:f6:5a:09:03:6c:62:
                    51:c8:62:d4:b7:ae:b7:55:66:4e:90:3f:96:a8:29:
                    93:a8:95:36:c9:35:17:c6:1e:e9:4f:b4:0f:e9:d8:
                    79:d4:e4:2c:1b:ed:0f:9d:43:5d:89:33:9f:36:dc:
                    44:36:d6:16:c1:16:51:3e:a8:25:f5:ef:f3:ed:c4:
                    b6:e4:24:70:0c:51:64:08:9b:94:b5:98:bc:e9:c2:
                    32:51:22:a4:4e:5c:4d:0b:16:4c:b5:59:eb:3e:9d:
                    1c:a6:07:a7:a2:02:89:44:4d:61:c9:f0:f9:70:f8:
                    11:13:98:35:27:03:75:64:18:c3:2a:b7:d6:21:b5:
                    0c:be:87:9b:51:42:34:8e:51:15:5e:2f:42:7d:08:
                    1a:09:23:a0:e7:6b:0a:eb:92:e3:67:6a:cd:d4:80:
                    b2:87:61:61:8d:70:00:8d:b1:fe:64:b7:c3:a5:38:
                    a9:8c:a8:66:f3:e4:06:8e:63:e8:1f:01:82:9b:a5:
                    e0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F2:FC:20:F9:0A:7A:77:BB:A7:B8:01:06:CC:14:E0:37:37:CF:98
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/i_L8IPkKene7p7gBBswU4Dc3z5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:ee:4a:9f:1f:ca:a8:af:42:0d:f0:88:da:bf:07:36:5b:61:
         ab:0a:de:e5:cc:2d:d0:ee:6a:fc:65:43:43:52:a3:00:b5:04:
         8a:dc:07:20:ae:0e:c7:79:97:64:80:28:9c:a0:66:9b:98:fb:
         2f:91:8d:6c:66:29:79:f5:26:00:49:e7:06:94:9f:e8:e4:90:
         ce:54:75:1e:56:51:7e:82:ef:ff:a5:cb:b6:21:93:b2:e4:4d:
         40:e9:c3:84:92:5b:86:33:6f:e2:b8:6e:46:5e:aa:6c:69:ab:
         d5:1d:bd:74:55:35:63:fe:ff:e0:86:d2:73:13:36:cf:76:52:
         94:01:45:d2:66:9c:a0:8a:fe:2e:96:1d:2c:dd:55:45:0d:4d:
         b1:fc:17:59:19:5e:3a:ae:9a:33:12:e1:35:52:16:01:ae:ea:
         97:4d:14:37:66:7c:ee:a6:2f:3f:57:b2:0f:9d:59:e6:eb:dc:
         c0:8a:3e:90:08:f6:51:70:ce:c5:eb:92:d5:5a:3d:91:76:83:
         45:a8:43:0e:b4:c1:ea:fd:11:0e:c6:10:fe:37:37:0d:5b:38:
         fb:b8:6c:88:02:4d:3c:7d:5c:71:27:52:d7:ea:5b:23:b6:7c:
         2d:1e:02:b3:1a:03:63:5a:68:c6:5f:a5:d9:26:2f:09:d6:18:
         cd:01:eb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQrzgGgR5DC1al2r0Px1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYyZmMyMGY5MGE3YTc3YmJhN2I4MDEwNmNjMTRlMDM3MzdjZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMuu2ZfZPLCt4ddmABal1cn6eVXQ
+W6eR4Oe3YzeXdFI0XxlyTl/f3SC+gpaI1o4iYehUo1r3zDvZOaEH7RkCpE+5Af2
WgkDbGJRyGLUt663VWZOkD+WqCmTqJU2yTUXxh7pT7QP6dh51OQsG+0PnUNdiTOf
NtxENtYWwRZRPqgl9e/z7cS25CRwDFFkCJuUtZi86cIyUSKkTlxNCxZMtVnrPp0c
pgenogKJRE1hyfD5cPgRE5g1JwN1ZBjDKrfWIbUMvoebUUI0jlEVXi9CfQgaCSOg
52sK65LjZ2rN1ICyh2FhjXAAjbH+ZLfDpTipjKhm8+QGjmPoHwGCm6Xg+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvy/CD5Cnp3u6e4AQbMFOA3N8+YMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaV9MOElQa0tlbmU3cDdnQkJzd1U0RGMzejVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVsMA0G
CSqGSIb3DQEBCwUAA4IBAQAv7kqfH8qor0IN8Ijavwc2W2GrCt7lzC3Q7mr8ZUND
UqMAtQSK3Acgrg7HeZdkgCicoGabmPsvkY1sZil59SYASecGlJ/o5JDOVHUeVlF+
gu//pcu2IZOy5E1A6cOEkluGM2/iuG5GXqpsaavVHb10VTVj/v/ghtJzEzbPdlKU
AUXSZpygiv4ulh0s3VVFDU2x/BdZGV46rpozEuE1UhYBruqXTRQ3Znzupi8/V7IP
nVnm69zAij6QCPZRcM7F65LVWj2RdoNFqEMOtMHq/REOxhD+NzcNWzj7uGyIAk08
fVxxJ1LX6lsjtnwtHgKzGgNjWmjGX6XZJi8J1hjNAesl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org