Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa
File:                     kpp08qYiu8CWJcE7SMR3RvPMoAI.roa (raw, json)
Hash identifier:          hbR2oaChOIDrJIEPRtdNPctz3SVOd64g3pd0/f9dnf0=
Subject key identifier:   92:9A:74:F2:A6:22:BB:C0:96:25:C1:3B:48:C4:77:46:F3:CC:A0:02
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018653BCE29E68EADF5C4F40814BDC52B4DA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa
Signing time:             Wed 15 Feb 2023 06:22:13 +0000
ROA not before:           Wed 15 Feb 2023 06:22:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        163.5.184.0/24 maxlen: 24
                          163.5.217.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 31 Mar 2023 03:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:53:bc:e2:9e:68:ea:df:5c:4f:40:81:4b:dc:52:b4:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb 15 06:22:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=929a74f2a622bbc09625c13b48c47746f3cca002
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0a:ba:4b:99:3a:cd:76:9c:64:65:f5:a8:35:
                    4b:bd:21:52:61:2c:69:34:41:8c:42:d2:9c:30:c0:
                    fb:52:c3:8f:b8:39:84:a1:83:7f:1a:16:7e:93:04:
                    d7:71:aa:85:a3:b6:27:b9:a2:26:1a:c9:91:58:1a:
                    cd:2d:2a:46:df:7f:0c:93:17:cb:ec:60:13:1b:21:
                    0d:d0:c9:01:39:75:e9:4c:c5:95:96:dc:03:8e:c2:
                    97:f7:58:ca:0c:7d:51:f7:ee:9f:26:90:2d:98:ea:
                    3a:9a:c5:14:55:77:ec:01:00:a0:fb:15:f1:26:ae:
                    5d:51:a7:da:ff:fa:5c:42:2b:a4:49:d6:c3:45:17:
                    7a:9f:26:c9:63:97:8e:4c:2f:33:16:49:2c:ae:fd:
                    2b:cc:1d:81:74:7f:fa:ee:14:00:eb:13:e0:2a:90:
                    d1:7f:d2:bc:8c:b9:cd:74:d8:5d:e2:9a:0e:10:c2:
                    d0:9f:ac:a3:1e:04:e1:78:d7:85:f9:7d:97:a2:5f:
                    ab:56:22:03:66:7e:3a:5e:94:9e:81:50:53:75:83:
                    2f:c2:fc:31:1a:c4:f2:de:ba:f2:dc:0a:48:c2:8c:
                    fd:ff:77:73:08:fa:27:52:0f:d0:3e:aa:ad:b6:ac:
                    b3:b5:18:19:e4:e0:90:0f:d5:08:bd:88:72:51:ae:
                    05:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:9A:74:F2:A6:22:BB:C0:96:25:C1:3B:48:C4:77:46:F3:CC:A0:02
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/kpp08qYiu8CWJcE7SMR3RvPMoAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.33.0/24
                  163.5.184.0/24
                  163.5.217.0/24
                  163.5.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:9e:3b:84:79:cd:f6:67:8e:02:4a:48:33:e1:36:62:e5:0f:
         fa:fe:73:d7:8d:a5:bb:d8:cc:ca:fd:e0:fb:03:9d:1c:4d:c9:
         13:51:f6:3d:32:f0:6f:9b:aa:62:4f:94:1a:5f:52:66:70:dd:
         8c:c2:f3:3c:a6:8b:fc:5f:71:f6:77:9c:a9:97:14:94:2a:36:
         03:60:6e:4b:32:e7:8c:dd:21:0f:91:00:72:36:f3:5d:c1:12:
         8d:1f:97:4f:34:a4:4f:6e:b2:7c:9d:73:04:a7:3f:7d:f8:6a:
         26:cf:cc:2f:b5:79:1e:33:45:ff:f1:28:69:42:ae:e7:96:dd:
         b8:22:28:8e:85:bc:aa:6d:cd:a5:3f:30:06:9e:1c:61:12:66:
         7c:08:0f:53:56:e1:4c:63:32:c9:af:25:9b:c5:fa:76:a2:d5:
         51:36:54:f6:6d:3e:c6:83:92:57:0d:48:82:f4:3b:f9:14:f7:
         0e:d7:ce:bd:8c:18:d9:f1:d4:1e:83:c2:c2:3b:f5:27:56:29:
         75:17:e6:13:a4:a5:61:30:9c:93:5c:83:54:54:bf:25:d5:f3:
         90:c7:d1:59:9d:58:5b:35:1d:98:00:34:f0:b3:a2:ac:25:8f:
         cf:d5:48:35:f5:b2:9e:31:6c:b6:ca:1c:17:aa:30:5b:5d:cf:
         b4:33:88:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZTvOKeaOrfXE9AgUvcUrTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjE1MDYyMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlhNzRmMmE2MjJiYmMwOTYyNWMxM2I0OGM0Nzc0NmYzY2NhMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQq6S5k6zXacZGX1qDVLvSFSYSxp
NEGMQtKcMMD7UsOPuDmEoYN/GhZ+kwTXcaqFo7YnuaImGsmRWBrNLSpG338MkxfL
7GATGyEN0MkBOXXpTMWVltwDjsKX91jKDH1R9+6fJpAtmOo6msUUVXfsAQCg+xXx
Jq5dUafa//pcQiukSdbDRRd6nybJY5eOTC8zFkksrv0rzB2BdH/67hQA6xPgKpDR
f9K8jLnNdNhd4poOEMLQn6yjHgTheNeF+X2Xol+rViIDZn46XpSegVBTdYMvwvwx
GsTy3rry3ApIwoz9/3dzCPonUg/QPqqttqyztRgZ5OCQD9UIvYhyUa4FTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJKadPKmIrvAliXBO0jEd0bzzKACMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEva3BwMDhxWWl1OENXSmNFN1NNUjNSdlBNb0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUhAwQA
owW4AwQAowXZAwQAowXoMA0GCSqGSIb3DQEBCwUAA4IBAQABnjuEec32Z44CSkgz
4TZi5Q/6/nPXjaW72MzK/eD7A50cTckTUfY9MvBvm6piT5QaX1JmcN2MwvM8pov8
X3H2d5yplxSUKjYDYG5LMueM3SEPkQByNvNdwRKNH5dPNKRPbrJ8nXMEpz99+Gom
z8wvtXkeM0X/8ShpQq7nlt24IiiOhbyqbc2lPzAGnhxhEmZ8CA9TVuFMYzLJryWb
xfp2otVRNlT2bT7Gg5JXDUiC9Dv5FPcO1869jBjZ8dQeg8LCO/UnVil1F+YTpKVh
MJyTXINUVL8l1fOQx9FZnVhbNR2YADTws6KsJY/P1Ug19bKeMWy2yhwXqjBbXc+0
M4i5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org