Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/u0XIColDxyXZXygt3Pz8nvesiaY.roa
File:                     u0XIColDxyXZXygt3Pz8nvesiaY.roa (raw, json)
Hash identifier:          jtgw9aui2KUtQiDGNr4YyEBlpUqf8oXJQrcs1KZdF5M=
Subject key identifier:   BB:45:C8:0A:89:43:C7:25:D9:5F:28:2D:DC:FC:FC:9E:F7:AC:89:A6
Certificate issuer:       /CN=0c05ca111c0093b56514215be467b515dda56c06
Certificate serial:       01865F9F5D3FDAB134F4307A62D428CAB970
Authority key identifier: 0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/u0XIColDxyXZXygt3Pz8nvesiaY.roa
Signing time:             Fri 17 Feb 2023 13:45:24 +0000
ROA not before:           Fri 17 Feb 2023 13:45:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209824
IP address blocks:        217.113.54.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 10:51:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5f:9f:5d:3f:da:b1:34:f4:30:7a:62:d4:28:ca:b9:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c05ca111c0093b56514215be467b515dda56c06
        Validity
            Not Before: Feb 17 13:45:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb45c80a8943c725d95f282ddcfcfc9ef7ac89a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e0:fb:a2:17:fd:f5:83:92:de:bc:a0:dc:7d:
                    d0:22:b5:6f:98:d8:91:61:60:17:15:fc:ef:63:28:
                    f1:02:e5:91:27:6a:59:50:a5:b7:45:dc:56:3e:3b:
                    4b:4f:39:de:af:a8:7d:74:1a:b9:29:ad:b1:0b:88:
                    18:5b:4c:83:17:6a:da:c4:4f:79:e6:bd:f8:72:e3:
                    a0:cb:5a:0a:52:54:03:88:9f:a4:9a:9f:23:78:f8:
                    d0:bb:50:54:37:bf:e8:24:80:95:58:c0:01:33:bc:
                    2c:a6:b0:9b:be:60:3d:ff:02:c7:70:c7:4b:6a:00:
                    47:46:5a:5f:df:cc:9e:37:c0:9e:c5:46:ab:36:55:
                    bc:43:13:30:7c:11:10:b9:01:8d:4a:5b:b8:5d:75:
                    45:90:51:dc:2b:36:0d:1f:4c:07:44:48:c5:96:90:
                    e7:dc:c9:1b:8e:49:a7:f5:21:ff:0d:f8:86:8e:1b:
                    7a:c6:8c:f7:3f:c1:49:66:0e:2d:ff:30:b9:41:5b:
                    6c:53:8e:a1:d0:63:c3:d9:90:db:2c:62:5a:08:40:
                    ed:bc:e4:c3:c6:84:3f:e6:03:80:45:00:a6:b4:ae:
                    82:54:cd:10:d4:b9:96:2c:53:af:2c:f4:9c:ae:9d:
                    91:2b:ef:3d:68:f5:be:18:ab:fc:c8:83:6e:9d:34:
                    46:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:45:C8:0A:89:43:C7:25:D9:5F:28:2D:DC:FC:FC:9E:F7:AC:89:A6
            X509v3 Authority Key Identifier:
                keyid:0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/u0XIColDxyXZXygt3Pz8nvesiaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.113.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b6:5e:c2:2d:52:c1:b8:8d:02:26:d8:83:17:b2:27:35:55:5a:
         4f:5f:f9:63:8d:f3:67:4e:00:f8:39:cd:3a:89:6b:83:24:74:
         bd:df:31:9d:00:d9:73:c1:ce:7e:da:2f:e2:49:a7:d8:f6:84:
         3e:3a:16:9a:7c:4d:98:25:ca:34:fa:61:28:44:fa:20:35:79:
         5a:82:f2:f2:98:33:c4:1e:3c:5d:da:2f:be:55:3c:9c:80:54:
         48:62:fe:0e:9c:a5:3f:86:06:cd:a5:8b:c9:3d:82:52:28:17:
         ff:57:7e:a0:48:bb:10:b0:33:97:d9:15:58:dd:4d:22:62:58:
         c4:8f:30:57:66:c5:40:fd:48:b2:fc:75:32:20:1f:07:73:15:
         38:b6:31:4f:3f:42:a2:73:ed:9c:c2:4b:c0:b7:d0:68:e0:33:
         77:a1:ed:80:5d:19:42:b9:60:e5:88:9c:f5:e9:6a:0b:bb:c3:
         d6:61:08:ba:94:5d:51:56:43:c4:a7:cd:68:dc:2e:06:5d:dc:
         9b:6b:ba:97:02:bb:f8:81:1b:76:7b:42:5b:ee:48:c7:48:bd:
         22:b3:68:b4:35:e8:0b:f2:de:56:6a:58:ba:25:8f:cb:de:07:
         85:7b:21:89:fa:bb:9f:dc:0e:f7:6d:03:d0:00:3b:0c:b2:9f:
         f7:0d:2c:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZfn10/2rE09DB6YtQoyrlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDVjYTExMWMwMDkzYjU2NTE0MjE1YmU0NjdiNTE1ZGRh
NTZjMDYwHhcNMjMwMjE3MTM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ1YzgwYTg5NDNjNzI1ZDk1ZjI4MmRkY2ZjZmM5ZWY3YWM4OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+D7ohf99YOS3ryg3H3QIrVvmNiR
YWAXFfzvYyjxAuWRJ2pZUKW3RdxWPjtLTzner6h9dBq5Ka2xC4gYW0yDF2raxE95
5r34cuOgy1oKUlQDiJ+kmp8jePjQu1BUN7/oJICVWMABM7wsprCbvmA9/wLHcMdL
agBHRlpf38yeN8CexUarNlW8QxMwfBEQuQGNSlu4XXVFkFHcKzYNH0wHREjFlpDn
3Mkbjkmn9SH/DfiGjht6xoz3P8FJZg4t/zC5QVtsU46h0GPD2ZDbLGJaCEDtvOTD
xoQ/5gOARQCmtK6CVM0Q1LmWLFOvLPScrp2RK+89aPW+GKv8yINunTRGEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtFyAqJQ8cl2V8oLdz8/J73rImmMB8GA1UdIwQY
MBaAFAwFyhEcAJO1ZRQhW+RntRXdpWwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQt
NmEzNjcwNWJiYTZmLzEvdTBYSUNvbER4eVhaWHlndDNQejhudmVzaWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQtNmEzNjcwNWJiYTZm
LzEvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2XE2MA0G
CSqGSIb3DQEBCwUAA4IBAQC2XsItUsG4jQIm2IMXsic1VVpPX/ljjfNnTgD4Oc06
iWuDJHS93zGdANlzwc5+2i/iSafY9oQ+OhaafE2YJco0+mEoRPogNXlagvLymDPE
Hjxd2i++VTycgFRIYv4OnKU/hgbNpYvJPYJSKBf/V36gSLsQsDOX2RVY3U0iYljE
jzBXZsVA/Uiy/HUyIB8HcxU4tjFPP0Kic+2cwkvAt9Bo4DN3oe2AXRlCuWDliJz1
6WoLu8PWYQi6lF1RVkPEp81o3C4GXdyba7qXArv4gRt2e0Jb7kjHSL0is2i0NegL
8t5Wali6JY/L3geFeyGJ+ruf3A73bQPQADsMsp/3DSzV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:11 2024 by rpki-client on console-ams.rpki-client.org