Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7q-cgl0WU7JWCmVUBRbjvafIo5s.roa
File:                     7q-cgl0WU7JWCmVUBRbjvafIo5s.roa (raw, json)
Hash identifier:          EWUDCh8VIw6EQydURyf6KWkaD6LRbY+JUbM8V7+MNJk=
Subject key identifier:   EE:AF:9C:82:5D:16:53:B2:56:0A:65:54:05:16:E3:BD:A7:C8:A3:9B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018800FBEB4FF7E318578705F5B592D1B00B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7q-cgl0WU7JWCmVUBRbjvafIo5s.roa
Signing time:             Tue 09 May 2023 14:48:09 +0000
ROA not before:           Tue 09 May 2023 14:48:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56913
IP address blocks:        163.5.70.0/24 maxlen: 24
                          163.5.77.0/24 maxlen: 24
                          163.5.78.0/24 maxlen: 24
                          163.5.72.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 08:38:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:00:fb:eb:4f:f7:e3:18:57:87:05:f5:b5:92:d1:b0:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May  9 14:48:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eeaf9c825d1653b2560a65540516e3bda7c8a39b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:af:1c:c7:79:90:10:3a:ad:0f:79:c8:17:97:
                    c4:fe:8b:64:b9:f1:41:2d:a8:06:e1:13:e6:9f:b7:
                    25:74:f7:16:e3:08:5f:2d:88:79:c5:9a:e6:5d:9c:
                    11:f9:78:7e:e1:8e:64:17:a2:74:55:37:7a:4d:8c:
                    0a:8e:39:05:6a:ad:cf:aa:46:96:8d:b0:c5:dd:ed:
                    80:95:b4:32:76:2f:d4:ce:04:87:30:98:7a:27:43:
                    33:98:66:60:a2:3b:7e:5e:fc:6d:4f:ba:92:2e:33:
                    96:01:87:e2:2f:7a:e8:83:25:e0:62:7b:46:1e:aa:
                    f6:b7:6c:27:cb:b2:ff:03:76:3b:d1:46:e6:ca:fe:
                    ff:ca:d3:9f:e0:9f:77:ff:d9:a3:17:8e:d5:b3:41:
                    1f:4a:cb:6b:2f:ea:4a:25:82:69:6c:3e:01:91:59:
                    41:43:7d:e2:6d:2b:08:32:b6:20:b1:b8:f8:66:bb:
                    50:e0:cb:76:17:58:94:19:36:ee:4e:70:ac:05:d0:
                    91:ed:42:51:af:b6:d4:5c:71:2e:b9:50:f8:c1:0f:
                    f3:6e:43:ae:fa:83:38:ff:6b:d2:92:f4:e7:09:fb:
                    61:d1:75:dd:b8:00:76:bb:b3:90:d0:77:03:fd:c9:
                    a3:72:9d:71:01:92:8c:4a:01:2a:78:6a:15:3a:60:
                    7e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AF:9C:82:5D:16:53:B2:56:0A:65:54:05:16:E3:BD:A7:C8:A3:9B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7q-cgl0WU7JWCmVUBRbjvafIo5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.63.0/24
                  163.5.70.0/24
                  163.5.72.0/24
                  163.5.77.0-163.5.78.255
                  163.5.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:28:fc:ba:6d:af:1b:36:0d:e6:fe:c2:46:3e:a8:70:9c:82:
         68:c4:99:a6:6f:d0:68:1b:3a:c5:2f:a1:87:e4:4b:54:8c:56:
         b2:5b:b0:ae:14:a5:fe:8f:fa:0a:cd:b6:eb:ef:a6:fb:11:bd:
         b2:b9:7f:6f:cd:1f:1a:d8:7f:e5:45:cb:b7:33:1a:a8:1f:f4:
         29:11:1d:6e:ad:9c:3d:1e:8d:28:c2:60:a0:64:e1:6d:a2:65:
         4a:7f:db:89:09:8a:e7:e1:96:a2:dc:40:80:2d:19:8b:d6:02:
         99:0c:29:01:90:a9:74:20:b2:df:29:95:f0:88:3e:8e:f8:b5:
         56:3f:dc:dc:0f:5a:89:07:13:4c:98:17:04:f5:71:0b:3a:fc:
         90:54:ad:04:ad:f4:4c:70:13:ab:0f:fd:c5:03:04:7e:d5:06:
         97:b4:54:4e:4b:0c:37:ad:0f:53:27:f2:42:6c:8d:dc:86:1f:
         83:fa:0e:97:d7:66:22:f9:e4:3b:4a:0b:42:7f:18:07:a8:17:
         b6:31:60:f8:ec:e4:14:3a:5d:b0:b7:ce:12:3f:e0:39:e9:e7:
         fa:3e:55:c3:ca:49:02:77:93:bc:99:a4:ef:81:03:42:df:88:
         3b:97:53:fb:f9:a8:a9:e8:9f:d3:e5:c9:d4:81:35:b3:23:86:
         80:0d:5a:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYgA++tP9+MYV4cF9bWS0bALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA5MTQ0ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFmOWM4MjVkMTY1M2IyNTYwYTY1NTQwNTE2ZTNiZGE3YzhhMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq8cx3mQEDqtD3nIF5fE/otkufFB
LagG4RPmn7cldPcW4whfLYh5xZrmXZwR+Xh+4Y5kF6J0VTd6TYwKjjkFaq3PqkaW
jbDF3e2AlbQydi/UzgSHMJh6J0MzmGZgojt+XvxtT7qSLjOWAYfiL3rogyXgYntG
Hqr2t2wny7L/A3Y70Ubmyv7/ytOf4J93/9mjF47Vs0EfSstrL+pKJYJpbD4BkVlB
Q33ibSsIMrYgsbj4ZrtQ4Mt2F1iUGTbuTnCsBdCR7UJRr7bUXHEuuVD4wQ/zbkOu
+oM4/2vSkvTnCfth0XXduAB2u7OQ0HcD/cmjcp1xAZKMSgEqeGoVOmB+WwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO6vnIJdFlOyVgplVAUW472nyKObMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvN3EtY2dsMFdVN0pXQ21WVUJSYmp2YWZJbzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowU/AwQA
owVGAwQAowVIMAwDBACjBU0DBACjBU4DBAGjBVgwDQYJKoZIhvcNAQELBQADggEB
AI0o/Lptrxs2Deb+wkY+qHCcgmjEmaZv0GgbOsUvoYfkS1SMVrJbsK4Upf6P+grN
tuvvpvsRvbK5f2/NHxrYf+VFy7czGqgf9CkRHW6tnD0ejSjCYKBk4W2iZUp/24kJ
iufhlqLcQIAtGYvWApkMKQGQqXQgst8plfCIPo74tVY/3NwPWokHE0yYFwT1cQs6
/JBUrQSt9ExwE6sP/cUDBH7VBpe0VE5LDDetD1Mn8kJsjdyGH4P6DpfXZiL55DtK
C0J/GAeoF7YxYPjs5BQ6XbC3zhI/4Dnp5/o+VcPKSQJ3k7yZpO+BA0LfiDuXU/v5
qKnon9PlydSBNbMjhoANWh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org