Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUxOR2AKmJylglpugDOSVfWZrw0.roa
File:                     kUxOR2AKmJylglpugDOSVfWZrw0.roa (raw, json)
Hash identifier:          /iJGF7GKyeXGEXV9eciKLTslnVdg4jZJZ1/KmveAhxQ=
Subject key identifier:   91:4C:4E:47:60:0A:98:9C:A5:82:5A:6E:80:33:92:55:F5:99:AF:0D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187B16383300F71EE95886E89DAA1DFF7EB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUxOR2AKmJylglpugDOSVfWZrw0.roa
Signing time:             Mon 24 Apr 2023 03:51:41 +0000
ROA not before:           Mon 24 Apr 2023 03:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        163.5.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 18 Aug 2023 18:22:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b1:63:83:30:0f:71:ee:95:88:6e:89:da:a1:df:f7:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 24 03:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=914c4e47600a989ca5825a6e80339255f599af0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:db:e6:5d:82:af:d0:b7:d1:81:fe:d6:9f:a1:
                    ca:c3:59:78:b5:16:ae:c3:1f:db:4c:ad:4d:53:c3:
                    93:d9:04:20:54:19:8e:c8:42:cc:5a:39:44:8e:8d:
                    bb:ed:1d:0c:d0:01:c2:fb:96:b4:e4:34:66:58:96:
                    10:b2:24:26:ca:1d:96:f9:4e:92:54:9c:e8:aa:06:
                    1e:49:f2:3b:d8:ee:50:e0:65:c3:2b:58:2f:2d:8f:
                    3b:2f:52:dc:ba:0a:00:4a:78:39:34:89:ca:d7:0c:
                    bb:9c:c5:89:c0:25:df:ae:0c:5a:b2:24:a8:43:4e:
                    03:3e:d7:82:88:34:ed:64:0e:01:59:b1:57:09:1d:
                    a9:fb:08:44:83:2d:59:06:63:33:25:c1:ff:33:51:
                    11:18:34:61:c3:73:28:7c:a2:68:39:bd:c8:70:a9:
                    0c:2d:3a:9c:d9:e4:99:85:ea:a1:56:dc:fd:32:5f:
                    21:23:e1:65:13:7d:2f:ef:11:ae:d4:64:10:90:16:
                    9e:35:65:6f:66:16:27:0d:35:30:aa:4a:28:78:76:
                    ae:94:e3:af:09:52:d1:1a:d5:3c:5d:13:ed:67:9d:
                    3a:34:a8:bb:f3:fe:52:d4:9f:ef:76:94:2a:08:e5:
                    5e:87:82:de:a4:6c:e4:4c:c5:66:67:66:15:2e:f8:
                    b7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:4C:4E:47:60:0A:98:9C:A5:82:5A:6E:80:33:92:55:F5:99:AF:0D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kUxOR2AKmJylglpugDOSVfWZrw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:78:9c:a8:b0:55:ff:a4:9e:39:99:8d:db:99:27:6e:2e:e3:
         e4:ca:63:4f:3e:b8:c4:16:bb:f0:e7:17:0b:2d:66:1a:ca:9c:
         7c:6d:35:47:36:bf:53:ca:a1:7c:e4:7b:91:05:d9:15:d9:c1:
         8d:15:20:b0:99:ee:eb:a1:62:a1:15:cf:50:a9:7b:b9:e0:6d:
         92:e4:e1:64:ce:01:c9:69:67:85:57:a1:9e:6c:28:c7:48:d2:
         0c:3e:f6:8b:7e:0c:73:43:e3:78:e3:58:fd:75:24:90:04:b4:
         c7:ad:57:4e:dd:92:22:2a:18:ac:b7:f1:b7:0d:f9:47:64:c8:
         e9:8c:32:08:db:08:03:9a:3b:0b:17:cb:94:9f:e1:7c:c1:ca:
         02:2e:a7:c5:ef:2d:4a:36:a5:e1:50:c0:42:f8:59:f5:89:e2:
         de:2f:aa:59:00:6a:ed:78:16:4a:01:f2:58:f1:16:18:cb:ac:
         39:45:0f:e7:77:93:14:2b:aa:01:0b:ec:fa:c1:3d:95:74:0c:
         b9:95:cd:d6:b5:9a:13:30:74:10:0d:dd:c9:68:bc:e0:55:20:
         b1:f8:06:40:29:ba:94:12:9f:5b:91:1f:eb:21:48:37:6a:b5:
         11:6b:8b:a2:c4:c6:8c:41:98:78:c0:08:0e:bf:b3:ba:f8:fd:
         0d:dc:90:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYexY4MwD3HulYhuidqh3/frMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI0MDM1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRjNGU0NzYwMGE5ODljYTU4MjVhNmU4MDMzOTI1NWY1OTlhZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotvmXYKv0LfRgf7Wn6HKw1l4tRau
wx/bTK1NU8OT2QQgVBmOyELMWjlEjo277R0M0AHC+5a05DRmWJYQsiQmyh2W+U6S
VJzoqgYeSfI72O5Q4GXDK1gvLY87L1LcugoASng5NInK1wy7nMWJwCXfrgxasiSo
Q04DPteCiDTtZA4BWbFXCR2p+whEgy1ZBmMzJcH/M1ERGDRhw3MofKJoOb3IcKkM
LTqc2eSZheqhVtz9Ml8hI+FlE30v7xGu1GQQkBaeNWVvZhYnDTUwqkooeHaulOOv
CVLRGtU8XRPtZ506NKi78/5S1J/vdpQqCOVeh4LepGzkTMVmZ2YVLvi30QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFMTkdgCpicpYJaboAzklX1ma8NMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva1V4T1IyQUttSnlsZ2xwdWdET1NWZldacncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX/MA0G
CSqGSIb3DQEBCwUAA4IBAQCjeJyosFX/pJ45mY3bmSduLuPkymNPPrjEFrvw5xcL
LWYaypx8bTVHNr9TyqF85HuRBdkV2cGNFSCwme7roWKhFc9QqXu54G2S5OFkzgHJ
aWeFV6GebCjHSNIMPvaLfgxzQ+N441j9dSSQBLTHrVdO3ZIiKhist/G3DflHZMjp
jDII2wgDmjsLF8uUn+F8wcoCLqfF7y1KNqXhUMBC+Fn1ieLeL6pZAGrteBZKAfJY
8RYYy6w5RQ/nd5MUK6oBC+z6wT2VdAy5lc3WtZoTMHQQDd3JaLzgVSCx+AZAKbqU
Ep9bkR/rIUg3arURa4uixMaMQZh4wAgOv7O6+P0N3JAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org