Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-GLCVbAA71ccu642FnVjlz1pgt0.roa
File:                     1-GLCVbAA71ccu642FnVjlz1pgt0.roa (raw, json)
Hash identifier:          ZCH7QSbf2/p5qNheQNviXHOOGzKQljhLh6nZZm1h9Os=
Subject key identifier:   F8:62:C2:55:B0:00:EF:57:1C:BB:AE:36:16:75:63:97:3D:69:82:DD
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC4256AC8C3A280AA225D369CF4251FD5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-GLCVbAA71ccu642FnVjlz1pgt0.roa
Signing time:             Mon 01 Jan 2024 08:30:35 +0000
ROA not before:           Mon 01 Jan 2024 08:30:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212815
IP address blocks:        163.5.83.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.59.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.193.0/24 maxlen: 24
                          163.5.213.0/24 maxlen: 24
                          163.5.215.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Feb 2024 11:54:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:6a:c8:c3:a2:80:aa:22:5d:36:9c:f4:25:1f:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f862c255b000ef571cbbae36167563973d6982dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:52:ca:dc:2f:b9:e6:0b:90:49:ff:63:9f:92:
                    48:73:41:90:ff:09:dd:22:60:ad:78:a6:27:b2:10:
                    78:8b:2f:b3:c5:fc:ba:2d:ed:7f:0a:52:17:2c:ab:
                    3d:74:79:a0:cd:90:33:b9:26:f4:9d:51:21:a3:23:
                    f6:3a:96:a0:5b:1b:f3:7e:dc:9f:45:1c:d0:45:70:
                    b8:74:48:cb:54:b7:2a:42:60:f8:17:dd:10:ed:80:
                    2a:40:a8:23:84:ae:b3:f6:3f:a6:8c:9e:8f:78:84:
                    ba:9a:49:be:41:84:a8:4d:c5:58:f6:40:df:6f:19:
                    af:ef:9b:b5:dd:42:e2:75:a8:69:a3:68:18:5e:65:
                    6b:14:d2:6a:47:07:22:65:d0:d2:b2:b6:f6:e5:5d:
                    ec:03:fc:51:e4:25:44:39:dd:0b:b4:06:f4:82:f2:
                    40:97:e7:78:ef:2e:05:ed:ef:52:19:b2:8c:3f:19:
                    45:32:e7:01:98:c0:24:46:37:7f:af:34:98:30:2e:
                    df:90:32:29:5b:bb:6f:00:9f:86:4d:52:a8:ef:c5:
                    ae:94:61:f3:ba:08:a7:98:62:b4:92:0f:bc:67:b2:
                    96:e2:a3:f3:c1:ba:09:e6:d3:8f:cf:27:ee:3c:f3:
                    a7:a2:56:32:72:8c:c6:d0:16:28:71:7a:98:de:e2:
                    93:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:62:C2:55:B0:00:EF:57:1C:BB:AE:36:16:75:63:97:3D:69:82:DD
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-GLCVbAA71ccu642FnVjlz1pgt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.59.0/24
                  163.5.62.0/24
                  163.5.83.0/24
                  163.5.99.0/24
                  163.5.142.0-163.5.144.255
                  163.5.154.0/24
                  163.5.192.0/23
                  163.5.213.0-163.5.215.255
                  163.5.221.0/24
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:83:65:c8:f5:70:ce:75:25:47:e9:36:d1:45:aa:51:e8:18:
         3f:1a:b9:5b:d1:29:df:ab:2d:8d:92:4c:f5:b3:7b:db:d1:96:
         52:cd:00:bc:14:8f:d8:5b:de:6d:e6:13:2c:95:ea:6d:1f:47:
         97:f3:e3:dc:b6:b8:cd:0c:35:a2:11:de:ea:6c:3b:6a:fe:56:
         12:ef:7f:eb:e6:49:28:0a:50:3f:e8:5b:96:14:f8:ec:b1:49:
         02:f0:bb:5a:11:c8:e5:32:5b:12:32:b4:a4:3f:f4:17:ab:1e:
         82:c0:1d:89:e3:93:22:be:bb:82:09:c9:9c:5e:0b:5b:8e:9a:
         71:8d:6d:c6:e3:30:5e:69:4f:bf:24:7d:a8:73:22:0e:73:62:
         e9:ff:56:17:7a:49:51:74:1c:66:e2:2a:1a:18:22:52:23:99:
         62:cf:3d:b5:66:b6:2d:4d:1b:94:71:93:58:bf:fe:a6:a2:af:
         c5:fd:51:82:77:c0:1c:1d:34:6a:33:bc:35:af:e6:c2:fa:13:
         f4:16:15:df:6a:ea:f4:6b:91:0b:a6:1e:42:c6:0b:3d:2a:a4:
         80:0b:03:fb:24:5d:46:63:b3:6c:8d:4a:1e:ff:10:53:16:74:
         24:4a:1d:b7:88:a0:e4:89:c2:0b:c8:7d:dc:64:15:1a:90:a6:
         bf:a8:32:17
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYzEJWrIw6KAqiJdNpz0JR/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODYyYzI1NWIwMDBlZjU3MWNiYmFlMzYxNjc1NjM5NzNkNjk4MmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglLK3C+55guQSf9jn5JIc0GQ/wnd
ImCteKYnshB4iy+zxfy6Le1/ClIXLKs9dHmgzZAzuSb0nVEhoyP2OpagWxvzftyf
RRzQRXC4dEjLVLcqQmD4F90Q7YAqQKgjhK6z9j+mjJ6PeIS6mkm+QYSoTcVY9kDf
bxmv75u13ULidahpo2gYXmVrFNJqRwciZdDSsrb25V3sA/xR5CVEOd0LtAb0gvJA
l+d47y4F7e9SGbKMPxlFMucBmMAkRjd/rzSYMC7fkDIpW7tvAJ+GTVKo78WulGHz
uginmGK0kg+8Z7KW4qPzwboJ5tOPzyfuPPOnolYycozG0BYocXqY3uKTewIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFPhiwlWwAO9XHLuuNhZ1Y5c9aYLdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1HTENWYkFBNzFjY3U2NDJGblZqbHoxcGd0MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBxBggrBgEFBQcBBwEB/wRiMGAwXgQCAAEwWAMEAKMFHwME
AKMFIwMEAKMFOwMEAKMFPgMEAKMFUwMEAKMFYzAMAwQBowWOAwQAowWQAwQAowWa
AwQBowXAMAwDBACjBdUDBAOjBdADBACjBd0DBAC5/TYwDQYJKoZIhvcNAQELBQAD
ggEBACODZcj1cM51JUfpNtFFqlHoGD8auVvRKd+rLY2STPWze9vRllLNALwUj9hb
3m3mEyyV6m0fR5fz49y2uM0MNaIR3upsO2r+VhLvf+vmSSgKUD/oW5YU+OyxSQLw
u1oRyOUyWxIytKQ/9BerHoLAHYnjkyK+u4IJyZxeC1uOmnGNbcbjMF5pT78kfahz
Ig5zYun/Vhd6SVF0HGbiKhoYIlIjmWLPPbVmti1NG5Rxk1i//qair8X9UYJ3wBwd
NGozvDWv5sL6E/QWFd9q6vRrkQumHkLGCz0qpIALA/skXUZjs2yNSh7/EFMWdCRK
HbeIoOSJwgvIfdxkFRqQpr+oMhc=
-----END CERTIFICATE-----