Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x8Xpdug_nAO_EzuXtF4L_eeNTpk.roa
File:                     x8Xpdug_nAO_EzuXtF4L_eeNTpk.roa (raw, json)
Hash identifier:          Aa6EJhfSQOCp0QRd8JM+sur7Uxi00Mz6CattXT0q04I=
Subject key identifier:   C7:C5:E9:76:E8:3F:9C:03:BF:13:3B:97:B4:5E:0B:FD:E7:8D:4E:99
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185816FBD5C321EAA54FA7253C34FD5A090
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x8Xpdug_nAO_EzuXtF4L_eeNTpk.roa
Signing time:             Thu 05 Jan 2023 10:17:41 +0000
ROA not before:           Thu 05 Jan 2023 10:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46844
IP address blocks:        163.5.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 31 Aug 2023 21:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:81:6f:bd:5c:32:1e:aa:54:fa:72:53:c3:4f:d5:a0:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  5 10:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7c5e976e83f9c03bf133b97b45e0bfde78d4e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:fd:8e:82:91:ef:15:30:ba:9c:5c:e0:5f:40:
                    db:f0:54:1e:55:44:61:20:6c:18:44:d1:34:33:43:
                    5a:34:8d:36:1f:eb:cc:12:8b:91:17:5e:06:7b:91:
                    fd:ca:92:c1:82:d4:d2:3c:20:5c:6d:45:3b:f0:d4:
                    84:97:49:57:1b:35:eb:f4:2d:fb:49:7d:ce:2d:60:
                    69:74:ac:2d:10:99:7f:d8:f4:a6:6f:ff:15:48:99:
                    70:e5:bc:76:43:32:44:65:1e:4f:ee:3c:41:40:cc:
                    8c:aa:59:0e:d0:11:d3:52:80:0b:15:86:14:9b:5f:
                    02:b7:92:74:88:f4:2f:4d:2e:a4:ab:87:17:58:18:
                    8b:56:f3:9a:d3:47:b1:11:7d:23:47:c0:d9:8b:d9:
                    05:ed:52:65:76:0b:b2:f5:20:be:24:cf:32:d8:58:
                    c6:cd:f8:ec:bd:93:9e:96:0c:3b:27:a2:b3:3f:3b:
                    11:fb:17:ba:74:d1:10:d1:8b:0f:41:0f:51:d6:a0:
                    28:b4:7f:1c:74:79:23:73:c2:db:42:0c:e1:34:a9:
                    2f:1e:36:e8:9c:0d:f7:c5:9d:61:7b:a1:ed:9f:15:
                    d7:e6:70:f7:d1:77:ca:10:e9:01:a1:2a:1f:5a:f3:
                    49:32:08:98:50:76:8a:12:42:b5:13:01:22:35:d1:
                    45:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:C5:E9:76:E8:3F:9C:03:BF:13:3B:97:B4:5E:0B:FD:E7:8D:4E:99
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/x8Xpdug_nAO_EzuXtF4L_eeNTpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:0c:66:26:a9:c0:c4:78:59:3d:d0:05:0c:31:77:c5:71:5e:
         6f:b3:67:40:a4:62:eb:16:c7:56:2e:50:1a:25:36:71:46:84:
         8f:3d:c1:c9:df:fc:db:c6:0d:37:87:45:49:f1:12:05:20:f9:
         d7:e0:38:6b:f4:b5:e8:d8:0e:0d:39:9a:36:45:cb:03:cc:78:
         d7:cc:47:ff:cf:3b:a1:d5:ec:8f:2e:76:95:2c:e7:c3:e3:88:
         72:f9:52:31:cd:a5:82:33:cf:54:2b:30:1c:b8:cf:86:d4:b4:
         58:fd:df:56:d2:07:13:e3:0c:6e:b5:60:0c:e2:65:ab:b4:98:
         e2:a3:f8:18:c2:9d:c4:f6:3d:ac:0b:aa:3f:73:bc:5b:cd:66:
         42:85:a0:8f:aa:95:09:96:fb:a7:a4:de:90:9f:73:6b:4c:a0:
         bf:7c:d8:a2:7c:b7:d3:b6:7e:99:90:af:d3:7c:b5:e8:61:2d:
         11:88:6e:f2:3b:4d:d0:a6:d2:47:52:23:ab:3c:80:2e:66:e4:
         9a:44:fd:a9:5c:2e:0f:b4:80:7c:45:ee:8d:c7:e4:75:32:11:
         d0:98:31:38:56:02:74:5c:f6:db:33:de:31:6b:a3:09:0d:83:
         25:07:06:31:a4:d9:d4:54:0b:6c:f6:2f:ab:9d:f2:eb:5f:3b:
         33:0c:0e:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWBb71cMh6qVPpyU8NP1aCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA1MTAxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2M1ZTk3NmU4M2Y5YzAzYmYxMzNiOTdiNDVlMGJmZGU3OGQ0ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv2OgpHvFTC6nFzgX0Db8FQeVURh
IGwYRNE0M0NaNI02H+vMEouRF14Ge5H9ypLBgtTSPCBcbUU78NSEl0lXGzXr9C37
SX3OLWBpdKwtEJl/2PSmb/8VSJlw5bx2QzJEZR5P7jxBQMyMqlkO0BHTUoALFYYU
m18Ct5J0iPQvTS6kq4cXWBiLVvOa00exEX0jR8DZi9kF7VJldguy9SC+JM8y2FjG
zfjsvZOelgw7J6KzPzsR+xe6dNEQ0YsPQQ9R1qAotH8cdHkjc8LbQgzhNKkvHjbo
nA33xZ1he6HtnxXX5nD30XfKEOkBoSofWvNJMgiYUHaKEkK1EwEiNdFFcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfF6XboP5wDvxM7l7ReC/3njU6ZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveDhYcGR1Z19uQU9fRXp1WHRGNExfZWVOVHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXnMA0G
CSqGSIb3DQEBCwUAA4IBAQBVDGYmqcDEeFk90AUMMXfFcV5vs2dApGLrFsdWLlAa
JTZxRoSPPcHJ3/zbxg03h0VJ8RIFIPnX4Dhr9LXo2A4NOZo2RcsDzHjXzEf/zzuh
1eyPLnaVLOfD44hy+VIxzaWCM89UKzAcuM+G1LRY/d9W0gcT4wxutWAM4mWrtJji
o/gYwp3E9j2sC6o/c7xbzWZChaCPqpUJlvunpN6Qn3NrTKC/fNiifLfTtn6ZkK/T
fLXoYS0RiG7yO03QptJHUiOrPIAuZuSaRP2pXC4PtIB8Re6Nx+R1MhHQmDE4VgJ0
XPbbM94xa6MJDYMlBwYxpNnUVAts9i+rnfLrXzszDA79
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org