Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C-l5Xv61xiG-sEh1A3nlyUguGa4.roa
File:                     C-l5Xv61xiG-sEh1A3nlyUguGa4.roa (raw, json)
Hash identifier:          b4VXKvsFZwPnbw0iG7p0iSBEgt9AcAnN/+PWguWSmpY=
Subject key identifier:   0B:E9:79:5E:FE:B5:C6:21:BE:B0:48:75:03:79:E5:C9:48:2E:19:AE
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018AEF90D1B431A1B4B7186C7F1877A567B1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C-l5Xv61xiG-sEh1A3nlyUguGa4.roa
Signing time:             Mon 02 Oct 2023 08:46:00 +0000
ROA not before:           Mon 02 Oct 2023 08:46:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        163.5.95.0/24 maxlen: 24
                          163.5.219.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 14:34:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ef:90:d1:b4:31:a1:b4:b7:18:6c:7f:18:77:a5:67:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct  2 08:46:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0be9795efeb5c621beb048750379e5c9482e19ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1b:45:3c:8a:a1:1d:b1:42:9d:09:36:3b:b2:
                    94:4b:15:e0:41:b3:82:1b:e9:ba:04:65:40:a1:a5:
                    63:0a:e5:1e:bb:da:76:31:b4:24:cd:7b:4c:b6:72:
                    e4:f8:9b:82:f2:b3:60:5c:06:79:1d:78:dc:22:67:
                    3c:9f:1e:2f:5f:f5:84:2f:39:d0:e5:99:6c:f6:14:
                    23:c7:d9:fc:94:6b:de:d8:8f:48:00:d2:46:77:98:
                    d9:e3:75:95:93:e3:2d:43:40:3a:ce:cd:63:cc:c4:
                    b9:95:35:45:5d:9d:64:8b:58:9d:4e:56:fd:32:1a:
                    48:f4:0b:c6:86:81:5f:ff:26:55:db:f6:13:2f:62:
                    6d:86:10:5a:8d:a6:e8:43:96:89:66:43:3a:41:02:
                    02:b0:a1:e8:ba:96:ab:4b:be:9b:75:98:c1:4c:93:
                    1e:93:8f:60:aa:c3:a0:bf:ad:03:91:77:60:c5:42:
                    41:46:3b:e2:62:f5:ed:44:18:65:8c:85:d4:81:b8:
                    18:0c:f7:66:62:90:a2:66:a9:c2:5c:30:7d:74:f0:
                    3c:c8:73:45:dd:88:f0:6a:96:b6:b9:0f:cd:df:0e:
                    65:72:a2:c7:ce:74:79:6f:74:52:09:8a:06:de:97:
                    bf:d6:d5:fb:be:80:35:e4:34:ec:84:00:db:7f:29:
                    ab:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:E9:79:5E:FE:B5:C6:21:BE:B0:48:75:03:79:E5:C9:48:2E:19:AE
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/C-l5Xv61xiG-sEh1A3nlyUguGa4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.36.0/23
                  163.5.95.0/24
                  163.5.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:bc:c8:c4:57:6d:bf:7b:55:b7:d4:03:fd:77:a8:32:fb:58:
         32:44:05:b7:be:07:e5:9a:d5:75:de:80:94:88:d9:23:b5:80:
         ae:80:0a:90:a2:a7:c9:8b:38:63:6d:b4:36:d1:5b:51:a7:ad:
         c7:16:7f:ea:36:af:42:e9:a3:c2:ce:ec:cb:11:dd:c5:57:08:
         01:f4:11:ee:2a:cb:1b:64:c6:47:72:16:b9:59:4c:ab:06:5d:
         06:0f:1a:7a:63:b9:1b:47:cf:8d:d5:85:8a:bc:d5:52:29:17:
         1f:4f:28:cd:30:d0:f9:c0:c8:87:2c:fb:35:7b:20:b3:27:62:
         c1:bb:ac:2b:c1:40:31:e1:54:55:4b:39:aa:29:a2:1e:46:2a:
         f6:fc:30:95:da:16:73:0c:d3:c5:f8:ac:49:5e:c9:d6:21:8d:
         26:92:0b:78:a5:e7:a1:d3:c8:1d:11:85:40:fb:d3:89:1e:ad:
         6d:f2:bb:ff:e3:15:14:2a:b2:b2:18:9d:8e:21:3c:9d:bf:22:
         ee:49:94:6c:96:83:62:5d:4f:f7:75:c3:fe:97:ad:b5:6d:30:
         96:d3:d6:76:ce:21:d4:76:88:5e:71:d9:f0:63:93:ec:b8:3e:
         c4:ca:e3:ad:10:cb:49:5b:4e:27:75:16:0e:ac:25:aa:c9:d4:
         77:83:d8:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrvkNG0MaG0txhsfxh3pWexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDAyMDg0NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmU5Nzk1ZWZlYjVjNjIxYmViMDQ4NzUwMzc5ZTVjOTQ4MmUxOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxtFPIqhHbFCnQk2O7KUSxXgQbOC
G+m6BGVAoaVjCuUeu9p2MbQkzXtMtnLk+JuC8rNgXAZ5HXjcImc8nx4vX/WELznQ
5Zls9hQjx9n8lGve2I9IANJGd5jZ43WVk+MtQ0A6zs1jzMS5lTVFXZ1ki1idTlb9
MhpI9AvGhoFf/yZV2/YTL2JthhBajaboQ5aJZkM6QQICsKHouparS76bdZjBTJMe
k49gqsOgv60DkXdgxUJBRjviYvXtRBhljIXUgbgYDPdmYpCiZqnCXDB9dPA8yHNF
3Yjwapa2uQ/N3w5lcqLHznR5b3RSCYoG3pe/1tX7voA15DTshADbfymrawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvpeV7+tcYhvrBIdQN55clILhmuMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQy1sNVh2NjF4aUctc0VoMUEzbmx5VWd1R2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBowUkAwQA
owVfAwQAowXbMA0GCSqGSIb3DQEBCwUAA4IBAQADvMjEV22/e1W31AP9d6gy+1gy
RAW3vgflmtV13oCUiNkjtYCugAqQoqfJizhjbbQ20VtRp63HFn/qNq9C6aPCzuzL
Ed3FVwgB9BHuKssbZMZHcha5WUyrBl0GDxp6Y7kbR8+N1YWKvNVSKRcfTyjNMND5
wMiHLPs1eyCzJ2LBu6wrwUAx4VRVSzmqKaIeRir2/DCV2hZzDNPF+KxJXsnWIY0m
kgt4peeh08gdEYVA+9OJHq1t8rv/4xUUKrKyGJ2OITydvyLuSZRsloNiXU/3dcP+
l621bTCW09Z2ziHUdohecdnwY5PsuD7EyuOtEMtJW04ndRYOrCWqydR3g9ik
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org