Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rwb45w7F4TeFASEfB3VPvHDFJn8.roa
File:                     rwb45w7F4TeFASEfB3VPvHDFJn8.roa (raw, json)
Hash identifier:          ctwzNf6jo2dXPl9Dv+nNvEqo/UH8RlO97FMwoqzV62E=
Subject key identifier:   AF:06:F8:E7:0E:C5:E1:37:85:01:21:1F:07:75:4F:BC:70:C5:26:7F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188F8469C5AC3BE0A23C98D58C95F8A737D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rwb45w7F4TeFASEfB3VPvHDFJn8.roa
Signing time:             Mon 26 Jun 2023 15:15:56 +0000
ROA not before:           Mon 26 Jun 2023 15:15:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211440
IP address blocks:        163.5.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f8:46:9c:5a:c3:be:0a:23:c9:8d:58:c9:5f:8a:73:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 26 15:15:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af06f8e70ec5e1378501211f07754fbc70c5267f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:61:ef:71:a3:bf:31:9c:62:a8:ec:e2:64:8d:
                    87:da:fe:c4:83:d8:97:fb:d1:18:e1:f1:cf:e5:b8:
                    77:bc:b8:9b:f1:29:a6:bb:16:f7:b8:16:9e:62:fa:
                    f7:eb:f7:a5:82:a5:66:64:11:7e:68:43:9c:c8:aa:
                    2f:99:95:73:7f:04:46:89:c4:93:c6:4a:52:3e:53:
                    07:61:25:c9:b3:d6:88:4f:e8:e8:69:2b:df:8e:81:
                    99:62:42:ef:58:71:c9:5a:e7:92:9f:81:42:22:bb:
                    eb:c0:74:62:2f:4a:39:6e:cb:f4:7c:1a:44:4d:dc:
                    85:a3:7e:b6:3f:48:55:17:a6:e1:99:4e:e9:b4:f1:
                    1c:d3:dc:a2:8a:17:d4:2c:bf:9b:7c:fe:3f:26:09:
                    57:f3:06:0b:0e:2a:0e:45:bc:b0:8f:ae:72:f4:ff:
                    35:60:45:9f:83:b3:c8:ce:67:0e:27:c4:a7:58:c9:
                    e3:71:7b:67:62:ee:cc:67:a0:31:39:43:af:d6:5f:
                    48:c2:70:aa:cd:3b:ec:8e:a7:71:af:02:78:9b:d6:
                    c8:7f:99:86:d1:d0:3b:a8:18:3c:de:12:0f:f9:85:
                    10:c5:cc:2d:71:7d:f5:49:f3:fd:43:0b:20:9b:93:
                    5b:d4:b2:77:2a:9f:65:ad:a9:6b:93:81:c0:72:ab:
                    44:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:06:F8:E7:0E:C5:E1:37:85:01:21:1F:07:75:4F:BC:70:C5:26:7F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rwb45w7F4TeFASEfB3VPvHDFJn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:25:8a:f0:97:7c:7b:a5:70:f7:39:f1:e5:7a:2c:7a:e2:ef:
         ec:9f:bb:f8:67:3b:9a:1d:12:57:fa:1a:c2:f3:dd:0f:8e:a0:
         7d:bf:b0:35:af:de:be:1b:da:00:39:07:f2:09:3f:3f:bf:df:
         b4:fd:e3:85:f4:c1:fa:69:ed:47:f3:15:26:34:50:6e:a5:d0:
         ef:62:46:a2:11:16:d6:ca:45:c6:a7:bd:b8:06:57:8c:08:31:
         fb:68:25:40:23:8e:99:1d:e6:33:02:79:f9:1e:66:7b:4d:ee:
         58:a3:82:a8:79:1b:1d:85:21:eb:08:69:66:e1:82:b4:b7:0c:
         e7:75:df:e2:b8:63:17:04:19:7e:af:94:42:69:df:89:23:6a:
         4e:f0:c0:07:87:46:5d:db:b6:cd:c3:ac:93:56:40:4b:1a:ca:
         35:29:7d:e7:fe:d8:2e:bd:15:6c:0e:23:87:34:ee:ef:b7:12:
         b4:a9:95:3d:f7:63:9a:c6:3f:4a:72:80:65:74:19:20:69:3e:
         75:3c:2a:f7:76:96:88:1f:f9:b3:b0:40:87:5a:e1:b0:f2:83:
         70:ee:21:d6:8f:9a:16:8f:e8:b0:5b:13:ff:f5:97:c3:64:5b:
         8f:a8:16:a7:b6:b3:d6:ea:a5:f6:58:8d:d8:8d:ec:27:0c:08:
         1a:16:2c:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj4Rpxaw74KI8mNWMlfinN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjI2MTUxNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA2ZjhlNzBlYzVlMTM3ODUwMTIxMWYwNzc1NGZiYzcwYzUyNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGHvcaO/MZxiqOziZI2H2v7Eg9iX
+9EY4fHP5bh3vLib8Smmuxb3uBaeYvr36/elgqVmZBF+aEOcyKovmZVzfwRGicST
xkpSPlMHYSXJs9aIT+joaSvfjoGZYkLvWHHJWueSn4FCIrvrwHRiL0o5bsv0fBpE
TdyFo362P0hVF6bhmU7ptPEc09yiihfULL+bfP4/JglX8wYLDioORbywj65y9P81
YEWfg7PIzmcOJ8SnWMnjcXtnYu7MZ6AxOUOv1l9IwnCqzTvsjqdxrwJ4m9bIf5mG
0dA7qBg83hIP+YUQxcwtcX31SfP9Qwsgm5Nb1LJ3Kp9lralrk4HAcqtEFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8G+OcOxeE3hQEhHwd1T7xwxSZ/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcndiNDV3N0Y0VGVGQVNFZkIzVlB2SERGSm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVgMA0G
CSqGSIb3DQEBCwUAA4IBAQBfJYrwl3x7pXD3OfHleix64u/sn7v4ZzuaHRJX+hrC
890PjqB9v7A1r96+G9oAOQfyCT8/v9+0/eOF9MH6ae1H8xUmNFBupdDvYkaiERbW
ykXGp724BleMCDH7aCVAI46ZHeYzAnn5HmZ7Te5Yo4KoeRsdhSHrCGlm4YK0twzn
dd/iuGMXBBl+r5RCad+JI2pO8MAHh0Zd27bNw6yTVkBLGso1KX3n/tguvRVsDiOH
NO7vtxK0qZU992Oaxj9KcoBldBkgaT51PCr3dpaIH/mzsECHWuGw8oNw7iHWj5oW
j+iwWxP/9ZfDZFuPqBantrPW6qX2WI3YjewnDAgaFiwI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org