Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/y-Q-jGhfgG7YR91YJGIBUFz-BOc.roa
File:                     y-Q-jGhfgG7YR91YJGIBUFz-BOc.roa (raw, json)
Hash identifier:          PagShREJOfldmUN7zPqyT+QXvwZeK/o4EHPp3EXiHQo=
Subject key identifier:   CB:E4:3E:8C:68:5F:80:6E:D8:47:DD:58:24:62:01:50:5C:FE:04:E7
Certificate issuer:       /CN=696c67867e0e202248e7f5e3cbd574bd1a32fe3f
Certificate serial:       018A2162D64AB4391FFFC5BC8B680A897CB9
Authority key identifier: 69:6C:67:86:7E:0E:20:22:48:E7:F5:E3:CB:D5:74:BD:1A:32:FE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWxnhn4OICJI5_Xjy9V0vRoy_j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/y-Q-jGhfgG7YR91YJGIBUFz-BOc.roa
Signing time:             Wed 23 Aug 2023 07:54:00 +0000
ROA not before:           Wed 23 Aug 2023 07:54:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     786
IP address blocks:        163.119.0.0/17 maxlen: 17

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:21:62:d6:4a:b4:39:1f:ff:c5:bc:8b:68:0a:89:7c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696c67867e0e202248e7f5e3cbd574bd1a32fe3f
        Validity
            Not Before: Aug 23 07:54:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbe43e8c685f806ed847dd58246201505cfe04e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3f:51:91:6d:f2:15:95:ea:d7:cc:0b:dc:1c:
                    95:1d:44:10:02:12:ac:55:84:ab:e3:23:3b:12:d6:
                    a5:b5:26:df:dc:8d:a0:9e:85:21:ae:8f:66:97:00:
                    d2:28:1b:15:8e:99:f1:2a:22:4f:9a:8a:16:20:c5:
                    a8:01:26:f0:d3:df:36:6d:18:c5:bb:25:2a:ac:5c:
                    9f:fa:26:78:ad:21:8c:e3:83:b9:58:e2:dd:3e:ff:
                    b0:ad:7f:47:9b:d0:6a:a5:2e:6a:36:d4:30:12:5c:
                    af:94:92:ea:d5:10:f2:dc:9b:9b:be:82:56:03:cc:
                    a6:ad:06:35:ce:a0:0e:f4:3a:52:8e:a6:f3:98:5c:
                    be:15:f7:8b:8e:15:db:d8:4e:99:e0:a1:51:de:0e:
                    bc:56:ab:c2:5f:d4:79:47:49:bb:f4:f1:a1:d3:f1:
                    cf:6c:4e:a7:67:d2:aa:c7:63:db:d6:e5:34:2c:f9:
                    48:78:8b:ce:26:50:7b:0f:56:f2:3a:25:a4:86:39:
                    65:58:98:ff:d0:bf:88:39:33:c7:af:69:a1:1f:63:
                    54:5f:4c:d1:99:d1:f5:b3:f4:f7:86:65:fd:9e:56:
                    18:ba:b1:ef:4f:6c:90:5d:af:27:2a:32:b7:62:d2:
                    0e:42:c3:a8:7b:e5:fd:66:7f:a0:10:64:e6:c2:81:
                    40:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:E4:3E:8C:68:5F:80:6E:D8:47:DD:58:24:62:01:50:5C:FE:04:E7
            X509v3 Authority Key Identifier:
                keyid:69:6C:67:86:7E:0E:20:22:48:E7:F5:E3:CB:D5:74:BD:1A:32:FE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWxnhn4OICJI5_Xjy9V0vRoy_j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/y-Q-jGhfgG7YR91YJGIBUFz-BOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/aWxnhn4OICJI5_Xjy9V0vRoy_j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.119.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         16:8e:6f:e2:ac:d6:c7:59:73:f4:96:19:08:38:9b:e2:e9:3a:
         ff:22:46:90:8e:a9:3e:f1:8f:95:07:ab:ad:00:bc:20:25:7c:
         34:36:e5:dc:1a:a4:e4:19:d6:74:67:af:a0:95:8c:89:6e:c7:
         ff:a4:9c:19:29:e2:76:51:ad:3d:52:aa:61:cf:90:5f:3e:c6:
         3f:49:3f:34:b6:f0:ad:36:66:1c:49:fe:3e:b8:2e:8d:67:c9:
         a5:bb:ed:3e:7f:60:9a:5e:17:0c:42:35:64:03:03:24:89:82:
         be:2e:cb:a2:1c:9f:50:03:cb:f2:0c:06:35:07:80:2d:42:23:
         a8:36:2b:68:32:5a:cd:71:7a:86:bd:d3:6a:0a:b9:0a:0b:a4:
         4c:cf:9d:70:7d:57:2f:51:fa:83:1c:8c:1f:a5:11:f6:7a:4c:
         af:45:c3:72:2b:58:70:89:01:8b:0f:6b:11:14:4f:0b:92:65:
         50:05:3f:df:f3:33:bb:07:98:05:0e:26:fb:13:17:01:83:e4:
         81:af:6c:bc:9f:af:79:8f:eb:ef:bd:4a:24:14:a1:19:e5:7e:
         b2:d2:7d:40:0c:98:9d:6e:8b:4b:de:1c:8d:1b:00:2d:d4:a8:
         22:12:27:6b:00:37:14:46:48:0b:07:b8:42:96:ef:26:85:b1:
         5f:fb:a0:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYohYtZKtDkf/8W8i2gKiXy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NmM2Nzg2N2UwZTIwMjI0OGU3ZjVlM2NiZDU3NGJkMWEz
MmZlM2YwHhcNMjMwODIzMDc1NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmU0M2U4YzY4NWY4MDZlZDg0N2RkNTgyNDYyMDE1MDVjZmUwNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj9RkW3yFZXq18wL3ByVHUQQAhKs
VYSr4yM7EtaltSbf3I2gnoUhro9mlwDSKBsVjpnxKiJPmooWIMWoASbw0982bRjF
uyUqrFyf+iZ4rSGM44O5WOLdPv+wrX9Hm9BqpS5qNtQwElyvlJLq1RDy3JubvoJW
A8ymrQY1zqAO9DpSjqbzmFy+FfeLjhXb2E6Z4KFR3g68VqvCX9R5R0m79PGh0/HP
bE6nZ9Kqx2Pb1uU0LPlIeIvOJlB7D1byOiWkhjllWJj/0L+IOTPHr2mhH2NUX0zR
mdH1s/T3hmX9nlYYurHvT2yQXa8nKjK3YtIOQsOoe+X9Zn+gEGTmwoFAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvkPoxoX4Bu2EfdWCRiAVBc/gTnMB8GA1UdIwQY
MBaAFGlsZ4Z+DiAiSOf148vVdL0aMv4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVd4bmhuNE9JQ0pJNV9Yank5VjB2Um95X2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYzA0NTMtN2U4Zi00MWIxLTg1ZDEt
MWNiMWE4ZjgwMjM4LzEveS1RLWpHaGZnRzdZUjkxWUpHSUJVRnotQk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYzA0NTMtN2U4Zi00MWIxLTg1ZDEtMWNiMWE4ZjgwMjM4
LzEvYVd4bmhuNE9JQ0pJNV9Yank5VjB2Um95X2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHo3cAMA0G
CSqGSIb3DQEBCwUAA4IBAQAWjm/irNbHWXP0lhkIOJvi6Tr/IkaQjqk+8Y+VB6ut
ALwgJXw0NuXcGqTkGdZ0Z6+glYyJbsf/pJwZKeJ2Ua09Uqphz5BfPsY/ST80tvCt
NmYcSf4+uC6NZ8mlu+0+f2CaXhcMQjVkAwMkiYK+LsuiHJ9QA8vyDAY1B4AtQiOo
NitoMlrNcXqGvdNqCrkKC6RMz51wfVcvUfqDHIwfpRH2ekyvRcNyK1hwiQGLD2sR
FE8LkmVQBT/f8zO7B5gFDib7ExcBg+SBr2y8n695j+vvvUokFKEZ5X6y0n1ADJid
botL3hyNGwAt1KgiEidrADcURkgLB7hClu8mhbFf+6DR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:19 2024 by rpki-client on console-ams.rpki-client.org