Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/reF9iRvfayE684BmSWWVFZMAV3A.roa
File:                     reF9iRvfayE684BmSWWVFZMAV3A.roa (raw, json)
Hash identifier:          8RomVy5S5GccPdRVZ+hUTCtVG5txQSP0RsUEFtBEHjs=
Subject key identifier:   AD:E1:7D:89:1B:DF:6B:21:3A:F3:80:66:49:65:95:15:93:00:57:70
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B09B2554824F8E0530FDBC687AB878C84
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/reF9iRvfayE684BmSWWVFZMAV3A.roa
Signing time:             Sat 07 Oct 2023 10:32:43 +0000
ROA not before:           Sat 07 Oct 2023 10:32:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        163.5.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 20:06:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:09:b2:55:48:24:f8:e0:53:0f:db:c6:87:ab:87:8c:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct  7 10:32:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ade17d891bdf6b213af380664965951593005770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:06:82:1d:4e:01:b2:90:39:f7:85:b0:de:87:
                    ba:01:27:48:e9:63:35:ea:b3:43:e1:f8:ef:34:a8:
                    f1:52:b9:b6:b9:37:5f:cc:f6:d6:ee:17:f5:f0:4a:
                    8c:6c:89:a2:8d:4d:f3:f6:15:ce:b4:8e:f6:8f:47:
                    a5:b0:0b:b4:0b:41:6c:8b:4b:9d:9f:ae:24:e0:c2:
                    0e:a8:a5:f3:57:56:b6:85:35:ef:d7:8d:cc:5c:ab:
                    99:64:6c:2f:3e:40:f6:8c:c0:6b:9b:6d:8e:cb:de:
                    97:c2:ba:36:9a:cc:4a:a5:4b:f6:8e:99:ac:f9:f4:
                    5f:ec:78:af:9d:93:a1:ea:c5:15:30:b6:b0:4f:c3:
                    59:c2:1c:20:82:09:19:3e:fb:cd:45:12:7e:3d:01:
                    4a:2d:93:cd:d7:15:6b:4b:84:4a:f6:46:c0:e1:00:
                    a0:bb:0d:e9:f5:72:ba:e5:e1:1e:e5:d6:3d:99:c1:
                    4b:0a:9d:1d:aa:6a:a8:55:d9:e8:9d:79:ce:73:a2:
                    08:b2:ce:1c:4d:cf:c6:7e:8d:a9:1c:e1:b2:cf:05:
                    b5:d7:1c:41:1f:5a:50:07:9a:59:2a:fd:1a:89:10:
                    78:85:44:60:a7:69:a0:f2:d8:85:e6:51:d4:4f:5e:
                    8e:ca:59:c4:ae:a4:ed:c9:3e:54:1b:d3:58:07:dc:
                    b2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E1:7D:89:1B:DF:6B:21:3A:F3:80:66:49:65:95:15:93:00:57:70
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/reF9iRvfayE684BmSWWVFZMAV3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:ff:b4:5a:1c:d9:42:80:66:5a:0a:3a:66:80:ea:d4:5d:63:
         0e:7e:28:0b:a9:dd:21:c9:d6:be:1c:87:58:69:a9:25:93:f5:
         e5:bf:76:b5:73:53:f6:82:36:97:eb:76:54:8d:23:b1:6e:98:
         61:8d:21:fd:49:51:c7:dc:e0:ac:50:5e:b2:36:d6:c9:f3:31:
         93:52:0f:71:6c:5d:ff:ea:52:0b:3c:17:7c:1a:57:97:a9:41:
         5b:15:a7:0c:0f:c1:00:b9:75:7c:51:ca:be:e4:df:a6:17:37:
         61:16:bc:3e:34:53:e0:c4:ca:8a:c6:04:0f:39:49:59:78:9c:
         8b:2b:52:59:70:2b:87:56:da:63:ad:80:b4:91:ba:7d:ab:1b:
         e8:08:02:bf:91:ae:ad:88:86:2e:ee:28:91:ba:53:55:49:46:
         5b:94:48:da:f5:e4:2e:59:21:fe:3d:44:94:e0:84:03:2b:4b:
         3c:cd:44:e4:ed:23:7c:91:19:59:89:a4:28:8e:be:2c:58:06:
         64:47:ba:15:2d:e0:9c:82:1c:3c:89:02:14:bb:9c:2c:43:69:
         5e:fb:77:d0:c9:71:fd:4b:cf:3a:fd:f1:b1:fa:a4:c1:a2:a5:
         4d:33:dc:af:cd:0c:25:9d:c0:ea:a3:d8:fd:c5:f6:fc:1c:f1:
         de:89:34:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsJslVIJPjgUw/bxoerh4yEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA3MTAzMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGUxN2Q4OTFiZGY2YjIxM2FmMzgwNjY0OTY1OTUxNTkzMDA1NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngaCHU4BspA594Ww3oe6ASdI6WM1
6rND4fjvNKjxUrm2uTdfzPbW7hf18EqMbImijU3z9hXOtI72j0elsAu0C0Fsi0ud
n64k4MIOqKXzV1a2hTXv143MXKuZZGwvPkD2jMBrm22Oy96Xwro2msxKpUv2jpms
+fRf7HivnZOh6sUVMLawT8NZwhwgggkZPvvNRRJ+PQFKLZPN1xVrS4RK9kbA4QCg
uw3p9XK65eEe5dY9mcFLCp0dqmqoVdnonXnOc6IIss4cTc/Gfo2pHOGyzwW11xxB
H1pQB5pZKv0aiRB4hURgp2mg8tiF5lHUT16OylnErqTtyT5UG9NYB9yy2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3hfYkb32shOvOAZklllRWTAFdwMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcmVGOWlSdmZheUU2ODRCbVNXV1ZGWk1BVjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWZMA0G
CSqGSIb3DQEBCwUAA4IBAQCa/7RaHNlCgGZaCjpmgOrUXWMOfigLqd0hyda+HIdY
aaklk/Xlv3a1c1P2gjaX63ZUjSOxbphhjSH9SVHH3OCsUF6yNtbJ8zGTUg9xbF3/
6lILPBd8GleXqUFbFacMD8EAuXV8Ucq+5N+mFzdhFrw+NFPgxMqKxgQPOUlZeJyL
K1JZcCuHVtpjrYC0kbp9qxvoCAK/ka6tiIYu7iiRulNVSUZblEja9eQuWSH+PUSU
4IQDK0s8zUTk7SN8kRlZiaQojr4sWAZkR7oVLeCcghw8iQIUu5wsQ2le+3fQyXH9
S886/fGx+qTBoqVNM9yvzQwlncDqo9j9xfb8HPHeiTT+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org