Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/WQIpAi-ckpjYdW06t1DYBUYi_hQ.roa
File:                     WQIpAi-ckpjYdW06t1DYBUYi_hQ.roa (raw, json)
Hash identifier:          08gx9hpMhnco5/+Z4aWa0ml/GcSx6NjOIoG6cEhr8o0=
Subject key identifier:   59:02:29:02:2F:9C:92:98:D8:75:6D:3A:B7:50:D8:05:46:22:FE:14
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018B228BEA3119987A7691D3844475B79E4F
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/WQIpAi-ckpjYdW06t1DYBUYi_hQ.roa
Signing time:             Thu 12 Oct 2023 06:21:16 +0000
ROA not before:           Thu 12 Oct 2023 06:21:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60117
IP address blocks:        160.214.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 07:37:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:22:8b:ea:31:19:98:7a:76:91:d3:84:44:75:b7:9e:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Oct 12 06:21:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=590229022f9c9298d8756d3ab750d8054622fe14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:cd:46:80:78:78:96:05:df:8a:73:89:e6:82:
                    a9:9e:72:a1:30:ff:63:3a:4d:8c:6c:3b:46:42:05:
                    f8:78:c5:51:84:4a:ff:a9:86:29:b3:8f:c3:99:8e:
                    4a:68:21:48:05:e3:ad:98:3c:20:8e:4b:60:f6:b6:
                    84:ff:55:b6:ed:8d:7d:7e:e2:18:7e:b0:26:00:8b:
                    36:da:6b:3b:e7:4d:26:66:1f:ea:ea:f6:5b:e4:38:
                    20:bc:7d:cc:6f:75:ee:13:51:11:a7:24:34:bb:4b:
                    ab:09:bb:78:44:ad:59:c6:89:4d:7c:40:96:85:2d:
                    04:4e:ee:7d:4a:d8:22:68:b2:6c:74:ff:7b:e4:f6:
                    39:27:74:19:56:20:44:70:d3:23:84:dd:d7:59:9a:
                    53:64:42:5c:3c:0c:f8:ab:ff:c8:17:58:64:e8:a3:
                    5e:0d:ad:b4:d5:e6:a7:ad:6e:15:66:89:bf:2c:bf:
                    26:99:94:be:6f:02:69:4e:73:db:a1:3d:3c:c5:89:
                    a8:69:04:a2:c5:dd:f0:c0:33:60:c5:18:17:62:fc:
                    24:4e:aa:29:e7:09:f4:9f:a9:bd:a4:4f:f1:e2:09:
                    ac:eb:42:84:c2:5a:93:a4:0e:5f:f4:da:76:6f:2e:
                    3f:2e:49:ca:e0:fb:af:9e:04:7c:3d:73:34:3e:56:
                    fd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:02:29:02:2F:9C:92:98:D8:75:6D:3A:B7:50:D8:05:46:22:FE:14
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/WQIpAi-ckpjYdW06t1DYBUYi_hQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:51:53:e9:4c:07:bb:8d:98:f6:07:3b:75:2b:57:bd:c6:47:
         7c:51:88:bf:c0:06:4f:94:80:5d:4b:bf:85:0c:2f:f7:36:dc:
         01:89:3e:d1:52:cc:04:b6:67:3a:e0:03:64:84:32:9a:04:da:
         8c:cc:9c:a2:ef:b4:af:9d:2f:e6:a8:8e:18:19:eb:57:e2:cb:
         ad:5a:d6:43:5b:86:8e:d5:9f:bd:74:72:c6:b8:ee:cd:1d:d6:
         79:0c:14:ac:36:cb:10:f6:e9:cb:31:a6:34:1f:8c:a5:fc:ff:
         5d:6c:38:49:ee:38:42:94:72:8c:1a:fe:6f:58:5d:35:aa:ec:
         fa:85:0c:c2:34:1c:b8:94:97:ef:8a:11:b7:d0:49:48:4f:8a:
         6f:20:e1:53:55:9b:a4:42:0d:bf:28:ca:65:ed:3f:8e:b6:3b:
         1b:a8:18:7e:7f:08:4a:81:45:52:34:b2:21:05:15:df:7d:f1:
         bb:2a:27:94:7f:57:10:53:da:9f:57:ad:0e:0f:10:c8:99:1f:
         af:9a:a3:f9:63:18:a5:f0:a4:b8:9e:fe:78:5e:e3:41:a2:a3:
         c0:f9:33:0e:cc:bf:ce:6e:b6:99:bc:e2:90:4b:93:70:96:ff:
         2a:31:a4:d4:69:b1:b8:37:bb:66:98:29:3f:06:6a:4d:93:a4:
         13:46:c4:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsii+oxGZh6dpHThER1t55PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMDEyMDYyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTAyMjkwMjJmOWM5Mjk4ZDg3NTZkM2FiNzUwZDgwNTQ2MjJmZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs1GgHh4lgXfinOJ5oKpnnKhMP9j
Ok2MbDtGQgX4eMVRhEr/qYYps4/DmY5KaCFIBeOtmDwgjktg9raE/1W27Y19fuIY
frAmAIs22ms7500mZh/q6vZb5DggvH3Mb3XuE1ERpyQ0u0urCbt4RK1ZxolNfECW
hS0ETu59StgiaLJsdP975PY5J3QZViBEcNMjhN3XWZpTZEJcPAz4q//IF1hk6KNe
Da201eanrW4VZom/LL8mmZS+bwJpTnPboT08xYmoaQSixd3wwDNgxRgXYvwkTqop
5wn0n6m9pE/x4gms60KEwlqTpA5f9Np2by4/LknK4PuvngR8PXM0Plb9VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFkCKQIvnJKY2HVtOrdQ2AVGIv4UMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvV1FJcEFpLWNrcGpZZFcwNnQxRFlCVVlpX2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZxMA0G
CSqGSIb3DQEBCwUAA4IBAQA0UVPpTAe7jZj2Bzt1K1e9xkd8UYi/wAZPlIBdS7+F
DC/3NtwBiT7RUswEtmc64ANkhDKaBNqMzJyi77SvnS/mqI4YGetX4sutWtZDW4aO
1Z+9dHLGuO7NHdZ5DBSsNssQ9unLMaY0H4yl/P9dbDhJ7jhClHKMGv5vWF01quz6
hQzCNBy4lJfvihG30ElIT4pvIOFTVZukQg2/KMpl7T+OtjsbqBh+fwhKgUVSNLIh
BRXfffG7KieUf1cQU9qfV60ODxDImR+vmqP5Yxil8KS4nv54XuNBoqPA+TMOzL/O
braZvOKQS5Nwlv8qMaTUabG4N7tmmCk/BmpNk6QTRsQ1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org