Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leII2bMLVt5_Gfy35noZNyNW6Pg.roa
File:                     leII2bMLVt5_Gfy35noZNyNW6Pg.roa (raw, json)
Hash identifier:          OsPD4jOufQZzBF3a2Q9jld//huiRXKoNE1TkOy02swg=
Subject key identifier:   95:E2:08:D9:B3:0B:56:DE:7F:19:FC:B7:E6:7A:19:37:23:56:E8:F8
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01881476CBE1BA373766C410E68E90644B64
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leII2bMLVt5_Gfy35noZNyNW6Pg.roa
Signing time:             Sat 13 May 2023 09:35:09 +0000
ROA not before:           Sat 13 May 2023 09:35:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62068
IP address blocks:        163.5.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Jun 2023 09:17:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:14:76:cb:e1:ba:37:37:66:c4:10:e6:8e:90:64:4b:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 13 09:35:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95e208d9b30b56de7f19fcb7e67a19372356e8f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7d:d4:a1:49:d9:5e:ed:00:2f:56:79:e4:ee:
                    c0:a3:9a:5d:67:32:55:22:49:62:29:5b:4b:df:2a:
                    23:63:44:89:52:de:fd:12:e9:c6:14:07:c1:cf:c0:
                    b0:8a:2c:27:d7:cf:51:55:3e:e3:50:6e:f6:05:d8:
                    20:28:a2:81:a4:6a:0c:5e:56:fd:f5:22:1d:f6:4f:
                    b3:da:2f:57:92:30:1b:e2:40:df:05:95:b8:ca:e3:
                    c1:7e:cc:4e:db:39:e9:0d:e8:3c:a3:8b:ad:ef:6c:
                    b1:a0:17:f9:da:27:ab:45:46:52:69:f0:56:d4:1c:
                    bb:77:74:b3:ea:1a:d0:d1:66:14:6f:87:9a:08:4b:
                    98:ef:9f:52:80:11:75:86:d9:bc:2f:aa:92:00:94:
                    c9:6b:a9:b3:1e:f2:a1:aa:88:cf:f8:5c:6a:ad:dc:
                    78:53:a6:b8:b4:69:c0:12:e8:07:29:2b:59:ca:54:
                    05:30:01:64:63:bc:91:03:c4:8c:e3:98:ac:4e:6b:
                    24:e3:18:cd:f3:3a:e1:34:bd:ee:37:c5:ab:ac:f6:
                    09:c4:77:3f:ff:b5:ac:a8:54:be:bf:34:cb:28:e1:
                    b7:1b:94:6d:9e:eb:81:48:95:f9:c3:cf:df:c2:ce:
                    da:00:cc:cb:61:ad:07:69:a4:d8:f0:20:f6:94:d2:
                    d1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:E2:08:D9:B3:0B:56:DE:7F:19:FC:B7:E6:7A:19:37:23:56:E8:F8
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/leII2bMLVt5_Gfy35noZNyNW6Pg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:33:ed:1a:49:1e:8f:f4:6e:da:ae:8a:54:08:8b:7c:38:ba:
         c1:a1:46:d0:5e:72:7b:70:f1:01:0d:c2:a6:4a:c7:d3:1a:ab:
         49:94:71:cc:23:1b:4a:1f:30:01:7a:62:6e:38:47:35:1d:20:
         f0:ac:6a:e6:ea:09:72:e1:8c:8a:7c:fc:a3:6b:66:01:b2:16:
         5c:94:e6:29:ae:97:40:52:cc:19:8d:62:f3:db:49:a7:e7:86:
         6a:44:94:56:98:07:5d:60:c9:07:fb:03:3a:69:c0:8d:94:20:
         9e:cb:df:a0:27:c9:4f:8c:8a:92:92:61:c8:51:63:48:1b:8f:
         02:11:54:bf:7e:06:9b:23:a8:74:a8:88:68:32:20:90:3c:22:
         8a:cb:25:12:b0:47:ef:7f:f4:3c:8d:3e:8c:d8:68:5f:a6:d6:
         d3:01:46:57:b1:46:68:7b:37:74:cf:e0:57:a3:cf:49:d8:c9:
         23:47:cc:92:b2:27:ec:64:cb:db:08:71:15:37:30:64:c8:1f:
         d7:73:a7:1a:b9:da:c8:05:15:b8:09:03:bf:ae:a3:fc:a9:55:
         ec:1c:8e:7e:47:37:25:91:8c:a9:be:73:f9:83:3c:3d:4b:74:
         c0:de:6c:f7:15:a0:c6:9e:83:be:39:94:30:d9:6c:16:bb:82:
         c1:a7:94:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgUdsvhujc3ZsQQ5o6QZEtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTEzMDkzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUyMDhkOWIzMGI1NmRlN2YxOWZjYjdlNjdhMTkzNzIzNTZlOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH3UoUnZXu0AL1Z55O7Ao5pdZzJV
IkliKVtL3yojY0SJUt79EunGFAfBz8Cwiiwn189RVT7jUG72BdggKKKBpGoMXlb9
9SId9k+z2i9XkjAb4kDfBZW4yuPBfsxO2znpDeg8o4ut72yxoBf52ierRUZSafBW
1By7d3Sz6hrQ0WYUb4eaCEuY759SgBF1htm8L6qSAJTJa6mzHvKhqojP+Fxqrdx4
U6a4tGnAEugHKStZylQFMAFkY7yRA8SM45isTmsk4xjN8zrhNL3uN8WrrPYJxHc/
/7WsqFS+vzTLKOG3G5RtnuuBSJX5w8/fws7aAMzLYa0HaaTY8CD2lNLRqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXiCNmzC1befxn8t+Z6GTcjVuj4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbGVJSTJiTUxWdDVfR2Z5MzVub1pOeU5XNlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWqMA0G
CSqGSIb3DQEBCwUAA4IBAQAeM+0aSR6P9G7aropUCIt8OLrBoUbQXnJ7cPEBDcKm
SsfTGqtJlHHMIxtKHzABemJuOEc1HSDwrGrm6gly4YyKfPyja2YBshZclOYprpdA
UswZjWLz20mn54ZqRJRWmAddYMkH+wM6acCNlCCey9+gJ8lPjIqSkmHIUWNIG48C
EVS/fgabI6h0qIhoMiCQPCKKyyUSsEfvf/Q8jT6M2GhfptbTAUZXsUZoezd0z+BX
o89J2MkjR8ySsifsZMvbCHEVNzBkyB/Xc6caudrIBRW4CQO/rqP8qVXsHI5+Rzcl
kYypvnP5gzw9S3TA3mz3FaDGnoO+OZQw2WwWu4LBp5Q0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org