Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/163YU48aLAJyDYzDBYyGo4Gsd6s.roa
File:                     163YU48aLAJyDYzDBYyGo4Gsd6s.roa (raw, json)
Hash identifier:          El589hrMdy/FDv4EuVImgDMqN/ErDzq9vf20KUamtfc=
Subject key identifier:   D7:AD:D8:53:8F:1A:2C:02:72:0D:8C:C3:05:8C:86:A3:81:AC:77:AB
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01856C6EFF6FAA0D07484A692665348184F4
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/163YU48aLAJyDYzDBYyGo4Gsd6s.roa
Signing time:             Sun 01 Jan 2023 08:24:51 +0000
ROA not before:           Sun 01 Jan 2023 08:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        84.247.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:ff:6f:aa:0d:07:48:4a:69:26:65:34:81:84:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 08:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7add8538f1a2c02720d8cc3058c86a381ac77ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f7:0b:4e:ce:e5:09:dc:2f:b7:38:de:bd:11:
                    8e:ca:88:d3:e9:3e:92:b0:33:88:48:c8:5e:69:f7:
                    48:25:c5:b1:1d:0b:15:3a:a4:1f:93:97:d5:28:4c:
                    40:5e:9e:89:35:ab:ab:d0:b0:d3:cc:da:81:ba:9c:
                    bb:d8:f7:71:23:a6:b4:36:43:31:cc:93:58:8c:ca:
                    ab:11:d3:12:e2:66:c2:99:e6:b6:49:db:fe:77:a0:
                    ad:16:f1:58:27:fe:f9:0f:50:35:24:ac:20:3e:11:
                    26:b3:11:ac:c5:77:53:98:fe:25:27:9c:25:a3:00:
                    5c:3d:de:b1:3a:6b:db:16:c7:a2:53:09:87:b4:24:
                    e2:ce:09:39:05:3c:52:31:3f:a7:38:72:6c:76:0e:
                    2d:4f:4b:7c:4d:89:f6:16:9a:d1:ec:cf:2f:92:80:
                    5b:54:21:60:69:e4:3e:1e:b7:26:00:87:af:ba:b6:
                    b2:f4:dd:85:ce:b7:62:a6:be:f4:c6:8e:84:f4:d9:
                    85:32:29:17:4b:bf:84:af:61:95:fc:6e:3b:d3:88:
                    6f:a6:37:52:1c:cc:6e:7d:29:4b:88:45:22:02:4e:
                    81:1f:92:76:a7:a0:f4:52:18:a8:86:b5:a5:20:22:
                    d4:33:57:f0:3e:5b:bf:dd:bf:e8:8e:97:09:3c:fc:
                    b5:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:AD:D8:53:8F:1A:2C:02:72:0D:8C:C3:05:8C:86:A3:81:AC:77:AB
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/163YU48aLAJyDYzDBYyGo4Gsd6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.247.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:40:99:65:b5:84:99:26:3a:91:05:2e:ad:9b:3b:89:52:44:
         1a:5b:3e:6f:bf:7f:33:ca:cc:c8:02:08:b8:35:78:ac:ef:68:
         2d:08:47:4d:df:b7:d6:40:ef:ca:a4:46:58:08:de:f3:2a:7b:
         7d:d2:6f:84:7e:24:d3:a5:cd:e6:87:7d:f3:d1:23:50:7f:80:
         e4:83:15:69:74:bd:b3:13:f6:05:ef:f7:1e:cf:f9:08:de:de:
         6b:d4:79:68:b5:c4:b5:87:76:eb:76:c1:d0:3b:e3:2e:ba:46:
         a8:64:6d:68:f4:da:72:11:ed:aa:2e:29:0f:2d:79:a7:07:3e:
         1e:23:5d:47:f9:28:6f:2d:31:7a:67:3b:fd:12:15:4e:51:3b:
         22:e1:3b:ac:af:cd:82:7c:dc:82:72:93:50:65:b4:81:e3:f7:
         b1:62:f5:73:25:24:e5:33:eb:90:cc:ac:71:79:65:06:df:e4:
         b8:ac:1d:39:6d:44:99:db:42:e9:9b:ed:4e:5b:5b:0c:44:ab:
         87:5f:df:88:d9:40:f0:28:40:fb:34:88:1f:84:88:a7:e7:07:
         c5:ee:a8:99:cd:ac:03:3c:3d:25:6b:93:a7:cc:a3:c4:72:8d:
         1c:a5:ef:31:4e:71:bb:ff:12:34:f1:56:96:e6:0b:d3:3d:77:
         3a:59:83:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbv9vqg0HSEppJmU0gYT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2FkZDg1MzhmMWEyYzAyNzIwZDhjYzMwNThjODZhMzgxYWM3N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/cLTs7lCdwvtzjevRGOyojT6T6S
sDOISMheafdIJcWxHQsVOqQfk5fVKExAXp6JNaur0LDTzNqBupy72PdxI6a0NkMx
zJNYjMqrEdMS4mbCmea2Sdv+d6CtFvFYJ/75D1A1JKwgPhEmsxGsxXdTmP4lJ5wl
owBcPd6xOmvbFseiUwmHtCTizgk5BTxSMT+nOHJsdg4tT0t8TYn2FprR7M8vkoBb
VCFgaeQ+HrcmAIevuray9N2Fzrdipr70xo6E9NmFMikXS7+Er2GV/G4704hvpjdS
HMxufSlLiEUiAk6BH5J2p6D0UhiohrWlICLUM1fwPlu/3b/ojpcJPPy1SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNet2FOPGiwCcg2MwwWMhqOBrHerMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvMTYzWVU0OGFMQUp5RFl6REJZeUdvNEdzZDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPcXMA0G
CSqGSIb3DQEBCwUAA4IBAQBQQJlltYSZJjqRBS6tmzuJUkQaWz5vv38zyszIAgi4
NXis72gtCEdN37fWQO/KpEZYCN7zKnt90m+EfiTTpc3mh33z0SNQf4DkgxVpdL2z
E/YF7/cez/kI3t5r1HlotcS1h3brdsHQO+MuukaoZG1o9NpyEe2qLikPLXmnBz4e
I11H+ShvLTF6Zzv9EhVOUTsi4Tusr82CfNyCcpNQZbSB4/exYvVzJSTlM+uQzKxx
eWUG3+S4rB05bUSZ20Lpm+1OW1sMRKuHX9+I2UDwKED7NIgfhIin5wfF7qiZzawD
PD0la5OnzKPEco0cpe8xTnG7/xI08VaW5gvTPXc6WYOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org