Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uwm0VhIC-i5RgGjwhNf5H5XFe5s.roa
File:                     uwm0VhIC-i5RgGjwhNf5H5XFe5s.roa (raw, json)
Hash identifier:          YGZkm62BMp38HLjZdUfDMu/bgPIRtXtl5W7D+Q5VD/A=
Subject key identifier:   BB:09:B4:56:12:02:FA:2E:51:80:68:F0:84:D7:F9:1F:95:C5:7B:9B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CAD8F4B54968BDF787B14A46D8AA22A33
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uwm0VhIC-i5RgGjwhNf5H5XFe5s.roa
Signing time:             Wed 27 Dec 2023 23:14:58 +0000
ROA not before:           Wed 27 Dec 2023 23:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400893
IP address blocks:        163.5.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 02:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ad:8f:4b:54:96:8b:df:78:7b:14:a4:6d:8a:a2:2a:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 27 23:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb09b4561202fa2e518068f084d7f91f95c57b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d8:bd:59:9f:af:03:3b:b8:4b:f0:d8:3b:19:
                    ac:37:6e:19:48:bb:5f:ed:96:83:d7:38:83:88:5c:
                    77:88:19:b2:41:b9:1c:c0:c4:cb:36:6c:3b:cb:fa:
                    1d:ed:47:f6:bb:aa:2b:b5:c2:cc:d4:81:4d:bb:81:
                    02:78:82:97:28:55:87:57:cf:c4:f9:d2:69:73:c2:
                    fc:83:78:55:b5:b2:00:c1:68:1e:46:b1:a6:ce:de:
                    a2:ae:1d:d5:9d:2f:a1:bd:6d:0a:ac:c8:26:8d:1f:
                    e4:06:b0:4c:ef:38:17:16:86:54:09:62:21:5a:9e:
                    4b:2f:1b:e6:88:cc:93:8e:32:4f:04:b5:67:83:35:
                    5e:e6:3b:f8:6d:42:42:f7:e9:2e:2d:fe:a8:0c:ba:
                    1f:40:38:61:de:aa:91:9e:61:68:da:3c:8c:bb:27:
                    a8:74:d1:4e:d9:86:ba:4b:d6:e9:a8:07:a3:89:ce:
                    5c:ff:0d:2b:bb:b6:24:86:6c:f2:18:0c:15:6d:9b:
                    d4:ad:c6:b0:52:50:5f:90:b1:8c:a1:be:f8:78:4e:
                    4d:62:d5:b2:81:0b:80:9c:7e:cb:67:a9:b4:aa:b4:
                    c8:8d:e9:96:eb:a0:0a:09:d5:e9:27:66:bf:ad:7f:
                    1b:c2:e1:a2:6d:f9:02:0e:1b:60:12:84:56:c4:da:
                    be:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:09:B4:56:12:02:FA:2E:51:80:68:F0:84:D7:F9:1F:95:C5:7B:9B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uwm0VhIC-i5RgGjwhNf5H5XFe5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:c4:01:09:e1:dd:20:cc:3d:44:d7:2b:9a:db:77:87:27:03:
         3f:ef:a9:21:d0:68:8b:45:cd:b5:52:7f:b0:41:60:14:e6:a6:
         b1:30:72:af:7e:05:a6:5e:7d:5c:aa:9c:09:ee:e0:c7:30:a2:
         f2:ea:3c:f0:84:9e:3c:8e:ed:dd:9f:08:dc:1e:77:6b:72:11:
         f5:4e:d6:a9:4f:fb:d0:1f:ba:e2:52:36:88:5c:c1:43:65:d3:
         fb:e3:f0:6a:92:b5:06:27:f2:81:48:8d:49:ba:fb:cd:1b:a0:
         40:82:4b:49:39:f4:7a:cf:8c:e1:2c:25:3b:12:74:e3:85:d1:
         fd:d5:9f:1c:78:fb:53:ab:f0:e3:29:43:99:11:8c:9c:ef:01:
         94:0d:59:f2:e1:72:7d:64:87:d8:cf:59:e8:8e:83:9f:16:53:
         ad:30:29:7a:13:ec:40:99:d5:87:96:7f:20:7a:70:9c:01:5c:
         6d:80:3d:50:3c:92:f4:9d:8e:da:8e:5e:e3:c9:2a:99:a0:76:
         04:88:45:45:e2:b4:f0:59:2d:77:79:f6:af:c4:83:0a:b2:88:
         87:75:ed:db:62:4a:b6:c6:b2:b0:b6:f2:67:98:12:54:bd:76:
         e7:ea:3a:fd:a5:fe:a8:ef:03:11:75:2f:8b:4f:e1:55:e2:6c:
         dd:4a:3d:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYytj0tUlovfeHsUpG2KoiozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjI3MjMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA5YjQ1NjEyMDJmYTJlNTE4MDY4ZjA4NGQ3ZjkxZjk1YzU3YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9i9WZ+vAzu4S/DYOxmsN24ZSLtf
7ZaD1ziDiFx3iBmyQbkcwMTLNmw7y/od7Uf2u6ortcLM1IFNu4ECeIKXKFWHV8/E
+dJpc8L8g3hVtbIAwWgeRrGmzt6irh3VnS+hvW0KrMgmjR/kBrBM7zgXFoZUCWIh
Wp5LLxvmiMyTjjJPBLVngzVe5jv4bUJC9+kuLf6oDLofQDhh3qqRnmFo2jyMuyeo
dNFO2Ya6S9bpqAejic5c/w0ru7YkhmzyGAwVbZvUrcawUlBfkLGMob74eE5NYtWy
gQuAnH7LZ6m0qrTIjemW66AKCdXpJ2a/rX8bwuGibfkCDhtgEoRWxNq+awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLsJtFYSAvouUYBo8ITX+R+VxXubMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdXdtMFZoSUMtaTVSZ0dqd2hOZjVINVhGZTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX+MA0G
CSqGSIb3DQEBCwUAA4IBAQBixAEJ4d0gzD1E1yua23eHJwM/76kh0GiLRc21Un+w
QWAU5qaxMHKvfgWmXn1cqpwJ7uDHMKLy6jzwhJ48ju3dnwjcHndrchH1TtapT/vQ
H7riUjaIXMFDZdP74/BqkrUGJ/KBSI1JuvvNG6BAgktJOfR6z4zhLCU7EnTjhdH9
1Z8cePtTq/DjKUOZEYyc7wGUDVny4XJ9ZIfYz1nojoOfFlOtMCl6E+xAmdWHln8g
enCcAVxtgD1QPJL0nY7ajl7jySqZoHYEiEVF4rTwWS13efavxIMKsoiHde3bYkq2
xrKwtvJnmBJUvXbn6jr9pf6o7wMRdS+LT+FV4mzdSj16
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org