Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mH0PXhmW92_olLod1mV6ANGueLs.roa
File:                     mH0PXhmW92_olLod1mV6ANGueLs.roa (raw, json)
Hash identifier:          E+l189Aif1maHfeQFg48dgbIUUApS0pRFjP79hAq5hk=
Subject key identifier:   98:7D:0F:5E:19:96:F7:6F:E8:94:BA:1D:D6:65:7A:00:D1:AE:78:BB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01857042C95358F6EEB13654497235C9392E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mH0PXhmW92_olLod1mV6ANGueLs.roa
Signing time:             Mon 02 Jan 2023 02:15:03 +0000
ROA not before:           Mon 02 Jan 2023 02:15:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207459
IP address blocks:        163.5.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Jan 2023 08:55:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:c9:53:58:f6:ee:b1:36:54:49:72:35:c9:39:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 02:15:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=987d0f5e1996f76fe894ba1dd6657a00d1ae78bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:81:9f:fe:9a:08:89:4c:1a:5b:69:29:47:32:
                    24:a7:35:62:01:27:63:01:4a:d6:ca:d0:b7:3c:f0:
                    75:78:da:68:65:09:58:0a:46:44:72:24:47:7c:5a:
                    27:22:bd:e5:e9:b5:af:07:16:09:2a:b0:c4:42:d6:
                    f8:f2:f6:bf:8a:5e:87:54:6c:d4:41:4e:8a:e5:52:
                    c5:c6:62:dd:7d:c9:c4:ee:31:13:21:04:d4:13:d6:
                    8a:c5:c0:ac:7b:c1:79:ec:79:02:d6:8f:a7:44:96:
                    10:c4:70:2d:ec:3f:8d:11:f4:1d:b6:41:6b:d6:e4:
                    8c:8f:89:f2:51:8b:b6:ab:f9:b7:4f:a9:43:60:8c:
                    da:ea:b1:29:c8:f9:30:05:83:5a:e6:01:78:01:f4:
                    51:a7:c7:77:1f:81:83:51:90:7e:90:c2:3f:2d:70:
                    f0:48:1b:0a:0e:3c:1e:e2:48:70:47:3b:65:8b:5c:
                    e4:9d:c6:6d:e4:b0:47:73:2c:b1:1f:a3:d3:3c:ad:
                    cd:a4:9c:8c:f8:2d:a2:71:f6:8e:c2:95:4e:bf:74:
                    2b:d3:a1:76:9e:ad:2b:fd:97:f8:f7:dd:fb:26:b4:
                    24:83:e2:2d:b9:73:5a:84:0d:b9:81:92:80:c0:0a:
                    2a:08:b8:a1:c3:45:92:17:8f:61:3f:87:34:24:55:
                    14:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:7D:0F:5E:19:96:F7:6F:E8:94:BA:1D:D6:65:7A:00:D1:AE:78:BB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mH0PXhmW92_olLod1mV6ANGueLs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:82:bc:b5:33:31:bd:20:86:79:ad:e1:16:78:4a:de:06:a6:
         5f:46:e2:55:fc:0b:13:1c:35:21:17:4c:3d:8c:64:42:5d:76:
         b3:d3:ba:f1:d6:7e:3e:ae:4f:f9:4e:83:7a:38:bb:ad:b3:e7:
         3b:81:ec:21:8d:b5:8b:2f:7e:23:6d:7e:99:5f:3a:61:8c:3d:
         7f:91:b6:83:d7:06:32:3b:0f:26:04:82:b3:0c:99:b5:da:81:
         33:2f:1b:02:ae:f7:51:60:0d:45:e5:4f:ef:52:0e:fa:56:94:
         f5:15:81:11:be:3d:9d:22:e0:f6:76:8e:92:22:b7:d5:45:d3:
         6a:76:a6:e6:74:41:2e:28:d0:ff:53:46:61:39:14:b2:62:f5:
         b3:7d:52:7c:86:a9:dd:02:fb:44:29:2d:c6:80:b0:5b:96:4c:
         37:92:b3:f2:7a:97:80:ee:9e:a3:1e:90:24:f9:7f:6b:29:6a:
         ed:d0:48:dd:d5:ff:f1:9b:05:bb:a5:72:97:d6:ac:16:08:65:
         77:bb:4c:81:b6:fd:5e:b0:35:5a:00:75:3a:e9:1d:fa:5f:e2:
         2e:65:26:d3:7b:f7:89:47:2c:13:ad:dc:4a:b3:b0:d4:a7:91:
         ac:d8:a0:e8:1a:1c:c0:e9:a0:ca:31:6f:4f:75:7a:1e:8e:a6:
         52:61:b6:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQslTWPbusTZUSXI1yTkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdkMGY1ZTE5OTZmNzZmZTg5NGJhMWRkNjY1N2EwMGQxYWU3OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4Gf/poIiUwaW2kpRzIkpzViASdj
AUrWytC3PPB1eNpoZQlYCkZEciRHfFonIr3l6bWvBxYJKrDEQtb48va/il6HVGzU
QU6K5VLFxmLdfcnE7jETIQTUE9aKxcCse8F57HkC1o+nRJYQxHAt7D+NEfQdtkFr
1uSMj4nyUYu2q/m3T6lDYIza6rEpyPkwBYNa5gF4AfRRp8d3H4GDUZB+kMI/LXDw
SBsKDjwe4khwRztli1zkncZt5LBHcyyxH6PTPK3NpJyM+C2icfaOwpVOv3Qr06F2
nq0r/Zf49937JrQkg+ItuXNahA25gZKAwAoqCLihw0WSF49hP4c0JFUUmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJh9D14Zlvdv6JS6HdZlegDRrni7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbUgwUFhobVc5Ml9vbExvZDFtVjZBTkd1ZUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVlMA0G
CSqGSIb3DQEBCwUAA4IBAQAjgry1MzG9IIZ5reEWeEreBqZfRuJV/AsTHDUhF0w9
jGRCXXaz07rx1n4+rk/5ToN6OLuts+c7gewhjbWLL34jbX6ZXzphjD1/kbaD1wYy
Ow8mBIKzDJm12oEzLxsCrvdRYA1F5U/vUg76VpT1FYERvj2dIuD2do6SIrfVRdNq
dqbmdEEuKND/U0ZhORSyYvWzfVJ8hqndAvtEKS3GgLBblkw3krPyepeA7p6jHpAk
+X9rKWrt0Ejd1f/xmwW7pXKX1qwWCGV3u0yBtv1esDVaAHU66R36X+IuZSbTe/eJ
RywTrdxKs7DUp5Gs2KDoGhzA6aDKMW9PdXoejqZSYbaj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org