Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xO1YpY9Xl7auFXycsTx5u4Uf-6c.roa
File:                     xO1YpY9Xl7auFXycsTx5u4Uf-6c.roa (raw, json)
Hash identifier:          hl54sXcx+IF9aOmP4B2zpfO82PYYwWMVd8ni3ngNmF0=
Subject key identifier:   C4:ED:58:A5:8F:57:97:B6:AE:15:7C:9C:B1:3C:79:BB:85:1F:FB:A7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018857E46225B63C71E4339E1A59FCA1595E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xO1YpY9Xl7auFXycsTx5u4Uf-6c.roa
Signing time:             Fri 26 May 2023 11:49:25 +0000
ROA not before:           Fri 26 May 2023 11:49:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        163.5.206.0/24 maxlen: 24
                          163.5.200.0/24 maxlen: 24
                          163.5.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 15:25:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:57:e4:62:25:b6:3c:71:e4:33:9e:1a:59:fc:a1:59:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 26 11:49:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4ed58a58f5797b6ae157c9cb13c79bb851ffba7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:af:c5:79:6f:40:ed:09:f4:ea:93:e5:05:38:
                    50:06:a7:82:5b:6a:90:d8:3c:b2:f5:b8:89:ce:1a:
                    2e:f7:15:b2:46:0c:09:64:00:3e:ad:c4:81:47:00:
                    8a:40:be:6a:0e:5a:1d:2a:9b:ff:69:6b:73:ed:87:
                    1e:e2:87:87:a3:fb:14:b3:d5:5b:22:6c:32:79:e3:
                    ec:cb:d5:c7:c8:cf:cc:a9:d2:17:7b:b2:77:3e:a7:
                    e7:a3:f2:d7:5a:df:39:1d:ef:c9:b5:20:27:8d:20:
                    ac:15:4b:49:66:fb:72:48:01:0b:9a:3e:78:b9:96:
                    57:15:6c:e2:06:6e:2f:de:39:e9:1e:4c:a5:8f:bb:
                    53:d6:5c:fc:c2:60:11:98:c5:04:7a:77:2b:53:48:
                    81:5b:f5:db:80:a6:6a:6c:0e:aa:9c:99:c1:68:77:
                    62:6d:3a:95:9e:b5:2c:1a:48:e2:ab:0a:62:3a:ea:
                    cf:dd:32:98:18:49:e8:77:84:9b:40:32:c0:6c:2b:
                    27:74:d4:c0:f2:be:88:95:d0:e2:97:17:67:77:69:
                    47:62:f4:b2:34:eb:dc:29:86:8d:8b:fa:01:5f:4f:
                    6e:48:ad:3a:64:50:9b:24:64:9d:ba:e2:2a:6a:47:
                    0c:fd:f8:9d:e6:76:02:01:52:06:9e:37:bc:3b:f5:
                    a3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:ED:58:A5:8F:57:97:B6:AE:15:7C:9C:B1:3C:79:BB:85:1F:FB:A7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xO1YpY9Xl7auFXycsTx5u4Uf-6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.29.0/24
                  163.5.200.0/24
                  163.5.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:45:ac:ff:a5:8f:ed:fa:3d:d4:0d:90:ac:9a:28:1c:7a:6c:
         a9:be:50:c7:c4:e9:ce:00:16:9e:ab:f9:9c:bb:14:2a:ef:b5:
         c7:4e:da:46:89:92:1c:88:48:0d:01:f0:e9:79:23:40:47:7f:
         87:2e:f3:e3:69:54:fa:b2:6d:07:32:98:b9:28:ce:2f:09:22:
         54:11:71:33:1f:9e:33:62:65:17:3d:a3:92:4e:cc:a6:a4:66:
         61:8d:75:1a:08:22:77:d2:24:c2:19:98:95:3a:10:27:4f:69:
         e3:6f:b0:da:1d:80:94:ed:e5:fc:63:b4:23:cd:17:11:ea:f8:
         0e:77:cf:3a:90:5e:b5:f1:76:ef:e6:d0:20:ad:26:cd:f9:6a:
         5c:51:e2:26:1b:bb:cb:4f:34:e5:48:09:e2:21:47:e6:a0:7e:
         5b:e8:72:67:b1:f6:ef:bb:ae:22:ee:b9:2f:72:90:90:ed:41:
         42:50:11:91:97:8f:a0:03:d9:8c:70:3d:03:98:38:41:f8:1a:
         f7:75:87:46:7b:d3:33:57:13:08:f5:33:17:c3:a3:34:08:40:
         4b:91:16:04:a8:47:b6:05:70:28:e0:7c:0a:e3:0f:16:ca:b2:
         29:db:0a:19:33:89:cb:54:da:f2:81:f9:1b:93:6d:85:8f:a2:
         44:1a:07:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhX5GIltjxx5DOeGln8oVleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTI2MTE0OTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGVkNThhNThmNTc5N2I2YWUxNTdjOWNiMTNjNzliYjg1MWZmYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK/FeW9A7Qn06pPlBThQBqeCW2qQ
2Dyy9biJzhou9xWyRgwJZAA+rcSBRwCKQL5qDlodKpv/aWtz7Yce4oeHo/sUs9Vb
ImwyeePsy9XHyM/MqdIXe7J3Pqfno/LXWt85He/JtSAnjSCsFUtJZvtySAELmj54
uZZXFWziBm4v3jnpHkylj7tT1lz8wmARmMUEencrU0iBW/XbgKZqbA6qnJnBaHdi
bTqVnrUsGkjiqwpiOurP3TKYGEnod4SbQDLAbCsndNTA8r6IldDilxdnd2lHYvSy
NOvcKYaNi/oBX09uSK06ZFCbJGSduuIqakcM/fid5nYCAVIGnje8O/WjVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMTtWKWPV5e2rhV8nLE8ebuFH/unMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveE8xWXBZOVhsN2F1Rlh5Y3NUeDV1NFVmLTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUdAwQA
owXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQCFRaz/pY/t+j3UDZCsmigcemyp
vlDHxOnOABaeq/mcuxQq77XHTtpGiZIciEgNAfDpeSNAR3+HLvPjaVT6sm0HMpi5
KM4vCSJUEXEzH54zYmUXPaOSTsympGZhjXUaCCJ30iTCGZiVOhAnT2njb7DaHYCU
7eX8Y7QjzRcR6vgOd886kF618Xbv5tAgrSbN+WpcUeImG7vLTzTlSAniIUfmoH5b
6HJnsfbvu64i7rkvcpCQ7UFCUBGRl4+gA9mMcD0DmDhB+Br3dYdGe9MzVxMI9TMX
w6M0CEBLkRYEqEe2BXAo4HwK4w8WyrIp2woZM4nLVNrygfkbk22Fj6JEGgcX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org