Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vYhONooaEVpIvUd5K2Xybl-ays8.roa
File:                     vYhONooaEVpIvUd5K2Xybl-ays8.roa (raw, json)
Hash identifier:          GqvDYc8TfaqMoF/l6Y9e8nJs46UY9NDE+5A8QB0sAEs=
Subject key identifier:   BD:88:4E:36:8A:1A:11:5A:48:BD:47:79:2B:65:F2:6E:5F:9A:CA:CF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018C99F6356B4DBAF3A624CD20945ECB78D7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vYhONooaEVpIvUd5K2Xybl-ays8.roa
Signing time:             Sun 24 Dec 2023 03:54:58 +0000
ROA not before:           Sun 24 Dec 2023 03:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7029
IP address blocks:        163.5.223.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:99:f6:35:6b:4d:ba:f3:a6:24:cd:20:94:5e:cb:78:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 24 03:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd884e368a1a115a48bd47792b65f26e5f9acacf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6a:46:36:a8:35:97:4c:86:88:a0:1e:07:4a:
                    16:a9:26:9a:dd:9b:e5:04:9a:bd:95:c1:b2:88:17:
                    c4:e9:e9:27:f8:64:97:c9:1a:bb:ee:d9:54:9f:64:
                    45:05:51:ca:89:17:ef:1d:1a:e6:48:da:10:53:3b:
                    6c:15:32:c4:5c:48:9d:7e:6b:f9:41:fb:f5:e9:d1:
                    fa:e0:b3:29:7d:60:62:73:cb:80:cb:ef:38:de:70:
                    c7:55:d2:cd:35:4c:4a:19:fd:80:21:30:32:3d:23:
                    a5:ee:81:d6:ae:e6:3c:b3:80:24:d4:7d:38:ed:4a:
                    23:93:05:d4:b9:91:03:72:d6:3c:61:c5:7a:ac:78:
                    16:c6:17:1d:5c:15:31:c8:41:e3:f5:29:55:8f:4f:
                    7e:3a:8c:97:5e:c5:e5:c7:76:82:ee:f7:83:db:68:
                    6e:5f:a3:34:d4:ed:33:fc:37:63:d7:e4:80:41:cc:
                    76:7b:cd:5d:a0:f7:ea:aa:f5:6d:32:e0:f7:de:e0:
                    c3:f9:4a:7f:d1:56:6c:d2:55:c5:25:3c:a2:b8:2a:
                    aa:f4:d0:2a:b2:3a:7d:aa:2c:eb:48:a1:35:43:f2:
                    25:86:d2:d5:b2:fb:bf:22:05:d9:e3:63:3d:10:25:
                    d7:04:4e:cf:c8:9a:20:d4:78:b7:fc:a6:ae:b1:98:
                    87:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:88:4E:36:8A:1A:11:5A:48:BD:47:79:2B:65:F2:6E:5F:9A:CA:CF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vYhONooaEVpIvUd5K2Xybl-ays8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.223.0/24
                  163.5.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:c5:28:6e:15:aa:4e:77:fb:c8:1c:c2:75:11:4f:d6:8a:4e:
         08:98:9f:49:a1:50:6d:49:52:6e:d7:bd:e6:32:96:03:8c:8b:
         bf:0d:27:83:37:be:db:94:10:70:f6:1a:b7:2e:b4:8c:2f:53:
         19:2b:9e:c8:e3:68:25:d2:3e:61:a5:71:58:3c:16:f8:2f:c6:
         cd:30:e4:5f:c7:fb:22:b7:4c:4b:40:42:0d:83:34:12:a7:aa:
         20:d3:0c:d2:82:e3:92:5f:bb:c3:2c:5c:1a:e4:ef:91:3b:c0:
         b1:c9:f4:c3:d0:48:ad:34:0d:7a:7b:3c:88:fc:25:80:6a:8f:
         9f:77:5d:2d:40:e6:52:42:6e:8f:88:1f:64:3f:63:fa:4d:42:
         7c:19:2b:af:91:83:a9:38:60:10:a9:d2:33:cf:0d:54:61:45:
         f5:40:7f:e9:8a:ac:34:6c:40:0e:71:c8:75:ea:73:e4:32:3f:
         d5:b2:e9:aa:1f:87:03:ae:f5:04:87:c4:42:df:21:ea:22:ed:
         99:ef:28:31:ba:cb:2b:07:9f:29:f1:0a:d4:d8:5a:db:f4:6a:
         21:17:80:30:32:f0:fe:0c:69:46:aa:40:56:47:0b:e2:99:8f:
         2f:f7:32:92:90:3c:e8:48:06:37:ee:e6:5c:49:70:eb:58:15:
         62:46:4c:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyZ9jVrTbrzpiTNIJRey3jXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjI0MDM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg4NGUzNjhhMWExMTVhNDhiZDQ3NzkyYjY1ZjI2ZTVmOWFjYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2pGNqg1l0yGiKAeB0oWqSaa3Zvl
BJq9lcGyiBfE6ekn+GSXyRq77tlUn2RFBVHKiRfvHRrmSNoQUztsFTLEXEidfmv5
Qfv16dH64LMpfWBic8uAy+843nDHVdLNNUxKGf2AITAyPSOl7oHWruY8s4Ak1H04
7UojkwXUuZEDctY8YcV6rHgWxhcdXBUxyEHj9SlVj09+OoyXXsXlx3aC7veD22hu
X6M01O0z/Ddj1+SAQcx2e81doPfqqvVtMuD33uDD+Up/0VZs0lXFJTyiuCqq9NAq
sjp9qizrSKE1Q/IlhtLVsvu/IgXZ42M9ECXXBE7PyJog1Hi3/KausZiHKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2ITjaKGhFaSL1HeStl8m5fmsrPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdlloT05vb2FFVnBJdlVkNUsyWHlibC1heXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowXfAwQA
owX0MA0GCSqGSIb3DQEBCwUAA4IBAQAsxShuFapOd/vIHMJ1EU/Wik4ImJ9JoVBt
SVJu173mMpYDjIu/DSeDN77blBBw9hq3LrSML1MZK57I42gl0j5hpXFYPBb4L8bN
MORfx/sit0xLQEINgzQSp6og0wzSguOSX7vDLFwa5O+RO8CxyfTD0EitNA16ezyI
/CWAao+fd10tQOZSQm6PiB9kP2P6TUJ8GSuvkYOpOGAQqdIzzw1UYUX1QH/piqw0
bEAOcch16nPkMj/VsumqH4cDrvUEh8RC3yHqIu2Z7ygxussrB58p8QrU2Frb9Goh
F4AwMvD+DGlGqkBWRwvimY8v9zKSkDzoSAY37uZcSXDrWBViRkzG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org