Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jjXaSgM4YdNTvBFtuXsWWHLWZCA.roa
File:                     jjXaSgM4YdNTvBFtuXsWWHLWZCA.roa (raw, json)
Hash identifier:          lKxZEa5TZhuV9k8Iv5r71dBsLfYb5WlAzRemOYkRcC8=
Subject key identifier:   8E:35:DA:4A:03:38:61:D3:53:BC:11:6D:B9:7B:16:58:72:D6:64:20
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01882E3E986BF741F58D5073520B021F394E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jjXaSgM4YdNTvBFtuXsWWHLWZCA.roa
Signing time:             Thu 18 May 2023 09:43:54 +0000
ROA not before:           Thu 18 May 2023 09:43:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        163.5.175.0/24 maxlen: 24
                          163.5.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 17 Jun 2023 22:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2e:3e:98:6b:f7:41:f5:8d:50:73:52:0b:02:1f:39:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 18 09:43:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e35da4a033861d353bc116db97b165872d66420
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e2:a5:ec:78:a9:0b:6b:4d:49:c8:26:0c:8f:
                    47:74:86:ad:33:30:3d:67:97:05:b0:0e:a7:12:db:
                    69:2d:e3:b7:68:fe:c5:cd:a5:97:6f:85:55:d8:87:
                    5b:da:ca:89:8c:f3:20:8a:54:43:58:86:15:f9:b2:
                    6b:1d:f0:a5:38:5e:91:c6:c6:58:34:88:ac:b9:58:
                    40:53:ff:d7:7c:bf:09:38:52:58:22:4f:5d:eb:66:
                    61:1c:c9:c8:aa:fb:e2:c4:cc:ae:03:72:ea:0a:6f:
                    ea:da:46:5a:90:ab:a7:99:50:1c:8e:06:67:63:fb:
                    2a:fd:7c:c5:80:ac:ef:de:98:d3:05:28:99:31:f1:
                    d9:4b:c6:5f:05:80:39:c8:b9:7f:6f:3c:d9:8a:7c:
                    e0:af:f9:c9:78:c3:56:79:61:79:b3:fd:02:34:76:
                    bf:f9:92:a9:7a:92:ac:16:de:4b:61:34:14:d5:9a:
                    ef:66:ea:cf:21:4d:9c:d6:a4:91:00:3a:e6:80:b3:
                    80:1f:41:0c:df:b9:0a:13:c0:5a:fc:00:50:ee:ce:
                    5c:17:c7:4d:72:03:52:86:f7:97:65:5b:12:ac:a8:
                    6e:43:79:9a:fb:80:ac:ea:6c:92:98:4b:b5:75:03:
                    fe:e2:d8:be:b8:e4:a2:b1:dc:84:08:70:cc:27:39:
                    6f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:35:DA:4A:03:38:61:D3:53:BC:11:6D:B9:7B:16:58:72:D6:64:20
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jjXaSgM4YdNTvBFtuXsWWHLWZCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.64.0/24
                  163.5.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:f8:df:c8:09:7b:df:95:8d:83:37:9e:d4:f7:b6:c8:5c:ee:
         11:9d:df:d4:e8:d0:a6:65:ed:31:8f:7c:74:55:0a:d4:33:22:
         f9:e4:eb:f2:6c:1f:f6:23:20:9a:eb:e6:51:c1:35:31:b7:48:
         e1:c1:a3:f7:fc:7a:08:11:7b:fd:5b:f6:67:46:62:ce:81:68:
         81:15:a4:68:2e:23:f0:b8:54:39:f6:fe:35:9d:be:95:8b:44:
         12:c1:c7:53:14:28:75:33:8f:08:0a:47:b2:30:8c:d3:23:ca:
         13:24:74:1f:40:af:d4:15:54:81:65:93:76:f1:2c:3a:5a:62:
         82:82:b3:31:55:1a:be:d5:46:8b:e6:f0:fc:c4:19:59:54:1a:
         1e:00:f8:c0:76:f3:b3:0e:2d:fe:29:bf:37:a8:67:4a:9a:30:
         5a:d4:18:fd:7b:9f:33:51:7e:b8:53:b1:d3:85:50:57:9d:6d:
         af:ca:60:05:4c:ee:e6:cd:01:ab:c2:cb:e2:1e:54:87:15:49:
         f6:fd:ce:31:10:7b:80:a0:06:92:61:e1:1e:a8:ff:78:5b:af:
         76:61:03:33:04:22:3e:de:91:0f:05:64:5a:e5:0c:a1:3a:38:
         27:b9:7a:97:2a:a5:10:3a:9f:29:a5:b3:e2:4e:9a:14:9f:a9:
         5b:3d:cc:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYguPphr90H1jVBzUgsCHzlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE4MDk0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM1ZGE0YTAzMzg2MWQzNTNiYzExNmRiOTdiMTY1ODcyZDY2NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOKl7HipC2tNScgmDI9HdIatMzA9
Z5cFsA6nEttpLeO3aP7FzaWXb4VV2Idb2sqJjPMgilRDWIYV+bJrHfClOF6RxsZY
NIisuVhAU//XfL8JOFJYIk9d62ZhHMnIqvvixMyuA3LqCm/q2kZakKunmVAcjgZn
Y/sq/XzFgKzv3pjTBSiZMfHZS8ZfBYA5yLl/bzzZinzgr/nJeMNWeWF5s/0CNHa/
+ZKpepKsFt5LYTQU1ZrvZurPIU2c1qSRADrmgLOAH0EM37kKE8Ba/ABQ7s5cF8dN
cgNShveXZVsSrKhuQ3ma+4Cs6mySmEu1dQP+4ti+uOSisdyECHDMJzlvUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI412koDOGHTU7wRbbl7Flhy1mQgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvampYYVNnTTRZZE5UdkJGdHVYc1dXSExXWkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVAAwQA
owWvMA0GCSqGSIb3DQEBCwUAA4IBAQCa+N/ICXvflY2DN57U97bIXO4Rnd/U6NCm
Ze0xj3x0VQrUMyL55OvybB/2IyCa6+ZRwTUxt0jhwaP3/HoIEXv9W/ZnRmLOgWiB
FaRoLiPwuFQ59v41nb6Vi0QSwcdTFCh1M48ICkeyMIzTI8oTJHQfQK/UFVSBZZN2
8Sw6WmKCgrMxVRq+1UaL5vD8xBlZVBoeAPjAdvOzDi3+Kb83qGdKmjBa1Bj9e58z
UX64U7HThVBXnW2vymAFTO7mzQGrwsviHlSHFUn2/c4xEHuAoAaSYeEeqP94W692
YQMzBCI+3pEPBWRa5QyhOjgnuXqXKqUQOp8ppbPiTpoUn6lbPcw3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org