Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3RCCnxK9AYHJzF6Uk48PRVImwc.roa
File:                     q3RCCnxK9AYHJzF6Uk48PRVImwc.roa (raw, json)
Hash identifier:          Mdr2YnhzghfTou2H96VSMZTPBWksl+RUUvUB/W/FqfU=
Subject key identifier:   AB:74:42:0A:7C:4A:F4:06:07:27:31:7A:52:4E:3C:3D:15:48:9B:07
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01887620F8E34CF3C9349DE1D3D87C132EEF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3RCCnxK9AYHJzF6Uk48PRVImwc.roa
Signing time:             Thu 01 Jun 2023 08:44:12 +0000
ROA not before:           Thu 01 Jun 2023 08:44:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212166
IP address blocks:        163.5.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 14:04:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:76:20:f8:e3:4c:f3:c9:34:9d:e1:d3:d8:7c:13:2e:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun  1 08:44:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab74420a7c4af4060727317a524e3c3d15489b07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c4:31:f7:30:b0:47:7b:48:1b:1e:de:eb:f0:
                    97:18:6a:3d:a3:35:16:6e:70:d3:d8:ea:ae:88:59:
                    71:20:23:a3:78:6e:60:36:03:99:f2:fa:17:2f:6e:
                    68:0d:04:31:f2:89:3d:f2:45:13:61:1a:0b:7e:fe:
                    f6:02:fc:94:25:77:81:7a:00:6d:ec:ea:d9:a3:b6:
                    3d:a4:89:b3:84:e8:36:c9:85:fa:48:ba:ca:b1:7d:
                    c5:39:6a:64:35:21:b2:c4:9f:32:8c:2f:2f:dc:db:
                    8a:d7:2c:69:10:59:08:eb:24:61:41:99:6a:a9:ad:
                    27:0a:98:f8:98:b8:87:04:05:ff:6b:eb:a8:df:cf:
                    d0:10:3c:73:94:07:8c:bc:c3:37:3c:06:dc:aa:8b:
                    94:a3:8c:81:43:11:f4:53:02:3a:03:40:d2:0c:04:
                    31:75:b3:21:65:ac:de:a2:ad:14:2c:cf:76:15:b8:
                    cd:4c:fd:c1:29:87:04:5b:8c:8b:93:1e:2a:d5:10:
                    bf:f6:a0:6c:69:42:56:fa:df:81:68:d4:18:e4:00:
                    b9:5a:42:bb:e5:50:f0:b8:c0:52:2e:7f:50:47:cb:
                    56:28:ad:4a:b6:df:d5:67:73:f0:0a:71:bd:80:63:
                    e0:06:b1:53:2a:49:18:91:e2:d0:3f:67:30:49:b2:
                    16:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:74:42:0A:7C:4A:F4:06:07:27:31:7A:52:4E:3C:3D:15:48:9B:07
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3RCCnxK9AYHJzF6Uk48PRVImwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:e3:8f:7b:c4:c1:e1:9d:f0:a5:72:65:d7:6d:df:e2:1e:09:
         25:7c:cb:6d:1b:d5:17:32:38:d8:19:4f:fe:ed:2d:17:ad:a3:
         0e:7b:e1:49:3a:e3:3b:4c:b4:2f:c4:02:76:ae:d7:0e:68:94:
         c2:e3:a3:c4:50:48:49:a0:76:ea:e8:6f:09:9b:34:9e:ea:7f:
         6a:29:85:4a:c5:10:a6:34:0d:b7:d1:c2:56:ca:00:5f:8a:b1:
         3f:cf:47:81:8a:5e:14:45:d5:7d:84:cf:9f:34:ca:d6:a9:59:
         3d:1a:ce:9d:e8:4c:37:f0:2c:24:f9:2b:48:33:46:37:31:08:
         aa:04:a0:16:32:e9:11:45:44:0a:d5:87:77:db:fc:63:3a:a9:
         d1:f4:6c:2d:b5:3b:e9:eb:a7:65:0e:fc:0b:37:0a:e4:54:ac:
         40:40:5f:38:52:c4:b5:f3:d5:65:97:0c:cf:cc:65:ce:0d:65:
         22:3a:c7:80:c6:03:d2:98:cf:5a:60:90:37:8a:f9:91:66:1f:
         5f:d0:30:dd:12:4e:75:5b:84:e7:c5:c5:0e:f7:78:1d:b2:98:
         34:05:48:72:f6:a3:f2:68:b0:e5:84:2b:d0:a7:2d:ce:78:26:
         5c:75:5c:5b:7c:11:49:3f:c4:7e:88:46:b9:ed:c9:26:47:6d:
         b4:42:cc:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh2IPjjTPPJNJ3h09h8Ey7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjAxMDg0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc0NDIwYTdjNGFmNDA2MDcyNzMxN2E1MjRlM2MzZDE1NDg5YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Qx9zCwR3tIGx7e6/CXGGo9ozUW
bnDT2OquiFlxICOjeG5gNgOZ8voXL25oDQQx8ok98kUTYRoLfv72AvyUJXeBegBt
7OrZo7Y9pImzhOg2yYX6SLrKsX3FOWpkNSGyxJ8yjC8v3NuK1yxpEFkI6yRhQZlq
qa0nCpj4mLiHBAX/a+uo38/QEDxzlAeMvMM3PAbcqouUo4yBQxH0UwI6A0DSDAQx
dbMhZazeoq0ULM92FbjNTP3BKYcEW4yLkx4q1RC/9qBsaUJW+t+BaNQY5AC5WkK7
5VDwuMBSLn9QR8tWKK1Ktt/VZ3PwCnG9gGPgBrFTKkkYkeLQP2cwSbIWpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKt0Qgp8SvQGBycxelJOPD0VSJsHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcTNSQ0NueEs5QVlISnpGNlVrNDhQUlZJbXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXVMA0G
CSqGSIb3DQEBCwUAA4IBAQAg4497xMHhnfClcmXXbd/iHgklfMttG9UXMjjYGU/+
7S0XraMOe+FJOuM7TLQvxAJ2rtcOaJTC46PEUEhJoHbq6G8JmzSe6n9qKYVKxRCm
NA230cJWygBfirE/z0eBil4URdV9hM+fNMrWqVk9Gs6d6Ew38Cwk+StIM0Y3MQiq
BKAWMukRRUQK1Yd32/xjOqnR9GwttTvp66dlDvwLNwrkVKxAQF84UsS189VllwzP
zGXODWUiOseAxgPSmM9aYJA3ivmRZh9f0DDdEk51W4TnxcUO93gdspg0BUhy9qPy
aLDlhCvQpy3OeCZcdVxbfBFJP8R+iEa57ckmR220Qszh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org