Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa
File:                     uhGQqgEglHFS3SzIYbHKfYZIyMo.roa (raw, json)
Hash identifier:          w8akvYDRVU6s0zkyCqgagLv7qraUrTZP2hC2MI+11kc=
Subject key identifier:   BA:11:90:AA:01:20:94:71:52:DD:2C:C8:61:B1:CA:7D:86:48:C8:CA
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC4254EA1BA81215DBA913A5720FD617A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa
Signing time:             Mon 01 Jan 2024 08:30:28 +0000
ROA not before:           Mon 01 Jan 2024 08:30:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.186.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:27:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:4e:a1:ba:81:21:5d:ba:91:3a:57:20:fd:61:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ba1190aa0120947152dd2cc861b1ca7d8648c8ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7f:ba:8f:ec:7d:3f:b3:7f:2a:72:cf:63:31:
                    5b:0b:11:5a:43:69:42:5d:83:5a:1a:a0:68:f4:1a:
                    f0:f7:18:ae:74:03:81:ae:fa:c0:ba:87:fa:17:60:
                    c9:8b:69:45:79:72:a9:d9:df:6c:57:f7:03:3a:68:
                    58:b1:4c:37:09:67:8c:96:f7:33:cc:4b:60:f6:07:
                    fb:07:7e:46:a7:24:c2:08:e3:02:39:e3:63:da:e2:
                    89:0f:61:87:d8:0f:2c:be:53:c4:99:5e:c1:c8:81:
                    16:f9:50:d2:42:0d:cf:61:b0:a5:63:12:70:b1:ad:
                    6d:17:cf:8f:43:4d:33:14:15:66:ad:11:b5:85:7e:
                    8b:b0:8e:01:52:6f:10:4b:35:2e:8e:a2:c2:77:75:
                    4f:d3:4c:fc:b7:5e:d0:3e:9d:ee:62:60:7c:eb:6e:
                    89:82:b7:51:ac:9f:22:35:ca:27:53:24:b9:68:61:
                    5b:ac:73:ad:e4:32:b9:12:db:06:5e:a5:8f:99:2c:
                    21:d6:7d:17:d3:44:71:5c:99:7c:c5:d3:1f:ba:c6:
                    a8:89:7e:af:31:c5:aa:e8:33:9a:91:7b:13:d6:ca:
                    f7:84:91:cc:41:f5:b8:62:fc:a2:9a:29:17:7f:61:
                    f2:c2:72:5a:11:09:e0:38:56:9b:69:1d:92:1f:4a:
                    1a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:11:90:AA:01:20:94:71:52:DD:2C:C8:61:B1:CA:7D:86:48:C8:CA
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhGQqgEglHFS3SzIYbHKfYZIyMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.156.0/24
                  163.5.168.0/24
                  163.5.170.0/24
                  163.5.186.0/24
                  163.5.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:a2:28:14:cc:2a:6d:b5:cb:04:5c:a9:33:b8:ca:52:c8:ad:
         51:5d:f1:2c:04:e0:42:39:c0:60:dc:6c:77:a3:14:12:f1:28:
         75:26:19:ed:e1:8e:e7:60:35:b5:84:9c:f7:76:16:d8:72:bd:
         08:d7:94:27:63:60:f0:80:f0:26:7c:34:72:4e:c8:92:21:65:
         8b:42:a6:c4:02:bd:13:fa:f3:be:57:1f:3e:f6:dc:53:db:2b:
         de:2b:81:cf:9b:4b:6d:26:92:9f:96:26:f4:91:b5:a4:ba:a1:
         79:e0:b9:8f:17:24:b3:19:23:9c:b7:5f:68:c5:93:8f:46:50:
         f0:bb:2b:97:b3:2f:28:1c:6d:dd:8a:8d:b5:7a:d8:32:bc:94:
         f6:5d:bc:46:58:b4:c8:44:74:4d:c7:04:4f:ce:28:1d:8d:47:
         fb:f1:2c:90:33:07:f5:a2:d1:20:ed:a9:82:dd:bd:4d:cc:59:
         b9:ac:03:1b:26:aa:8a:89:7a:a8:95:df:10:b6:ed:e1:4c:ad:
         60:e9:1e:b3:71:dd:a6:51:f4:47:66:5f:1a:f8:17:a2:58:53:
         62:df:cb:e3:76:64:79:a9:0b:b0:98:1f:af:f1:92:fa:89:6d:
         06:d1:c5:da:ed:42:8c:ce:89:13:f7:15:21:af:d3:8e:67:d6:
         71:aa:b8:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJU6huoEhXbqROlcg/WF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTExOTBhYTAxMjA5NDcxNTJkZDJjYzg2MWIxY2E3ZDg2NDhjOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH+6j+x9P7N/KnLPYzFbCxFaQ2lC
XYNaGqBo9Brw9xiudAOBrvrAuof6F2DJi2lFeXKp2d9sV/cDOmhYsUw3CWeMlvcz
zEtg9gf7B35GpyTCCOMCOeNj2uKJD2GH2A8svlPEmV7ByIEW+VDSQg3PYbClYxJw
sa1tF8+PQ00zFBVmrRG1hX6LsI4BUm8QSzUujqLCd3VP00z8t17QPp3uYmB8626J
grdRrJ8iNconUyS5aGFbrHOt5DK5EtsGXqWPmSwh1n0X00RxXJl8xdMfusaoiX6v
McWq6DOakXsT1sr3hJHMQfW4YvyimikXf2HywnJaEQngOFabaR2SH0oaBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLoRkKoBIJRxUt0syGGxyn2GSMjKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdWhHUXFnRWdsSEZTM1N6SVliSEtmWVpJeU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWcAwQA
owWoAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQCgoigUzCpt
tcsEXKkzuMpSyK1RXfEsBOBCOcBg3Gx3oxQS8Sh1Jhnt4Y7nYDW1hJz3dhbYcr0I
15QnY2DwgPAmfDRyTsiSIWWLQqbEAr0T+vO+Vx8+9txT2yveK4HPm0ttJpKflib0
kbWkuqF54LmPFySzGSOct19oxZOPRlDwuyuXsy8oHG3dio21etgyvJT2XbxGWLTI
RHRNxwRPzigdjUf78SyQMwf1otEg7amC3b1NzFm5rAMbJqqKiXqold8Qtu3hTK1g
6R6zcd2mUfRHZl8a+BeiWFNi38vjdmR5qQuwmB+v8ZL6iW0G0cXa7UKMzokT9xUh
r9OOZ9ZxqrgQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org