Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DVYMsCqrnxX3C7i-hMYK2_t0iIE.roa
File:                     DVYMsCqrnxX3C7i-hMYK2_t0iIE.roa (raw, json)
Hash identifier:          BPN7+mGhOAs+IBFKmJUusKezo0pOLog2TDBwgWBFo/w=
Subject key identifier:   0D:56:0C:B0:2A:AB:9F:15:F7:0B:B8:BE:84:C6:0A:DB:FB:74:88:81
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018ADD9905C5206B9D5A74D96906930121BD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DVYMsCqrnxX3C7i-hMYK2_t0iIE.roa
Signing time:             Thu 28 Sep 2023 21:01:47 +0000
ROA not before:           Thu 28 Sep 2023 21:01:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.223.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 10:46:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:dd:99:05:c5:20:6b:9d:5a:74:d9:69:06:93:01:21:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 28 21:01:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d560cb02aab9f15f70bb8be84c60adbfb748881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d2:72:86:e3:89:4b:ea:b0:6d:ff:30:92:48:
                    bf:bd:7d:77:91:cc:c9:e9:58:b3:47:b0:b7:09:5a:
                    0a:6a:df:c8:8a:3e:75:44:2d:92:2b:bc:64:02:11:
                    50:a7:7b:78:9f:eb:c8:21:fd:f6:a4:0f:85:f0:6c:
                    8d:53:e5:ea:fc:73:b5:87:30:b3:48:11:13:15:ff:
                    15:e8:73:ef:91:8d:a8:96:c4:4e:77:a8:b3:74:de:
                    8b:63:e0:dc:e7:69:22:b8:04:16:b0:d8:72:3b:8f:
                    b5:d9:31:11:eb:8a:ef:2c:57:24:27:5d:7c:b8:51:
                    7d:f6:2d:f9:5f:8f:10:20:2a:3a:cc:24:2a:ef:cf:
                    04:17:6e:ab:39:8c:96:b7:81:75:b1:b6:9a:90:6d:
                    b6:4f:ff:30:fe:f1:f3:b7:7d:21:ac:6d:f6:2a:d3:
                    ea:bc:fd:38:7d:81:56:66:98:17:cb:44:7d:c0:af:
                    a9:fa:e0:f8:5f:14:19:89:95:e2:05:20:b1:f7:19:
                    d0:c3:b1:2c:fe:e1:da:76:6b:26:8a:1c:a8:02:3c:
                    0e:c7:e3:ce:e9:95:67:75:c0:de:cb:23:d0:52:21:
                    fd:58:91:00:04:68:25:68:cf:0c:fc:23:13:1f:b2:
                    24:94:5d:b7:84:58:2d:11:26:eb:fa:f8:cb:8f:91:
                    11:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:56:0C:B0:2A:AB:9F:15:F7:0B:B8:BE:84:C6:0A:DB:FB:74:88:81
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DVYMsCqrnxX3C7i-hMYK2_t0iIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.149.0/24
                  163.5.168.0/24
                  163.5.223.0/24
                  163.5.244.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:14:dc:25:2d:fd:ea:b4:09:54:0b:df:8a:0c:93:2f:62:50:
         20:a0:1c:d4:00:24:ca:57:22:13:67:ea:22:8f:20:38:3e:90:
         20:d3:9a:cc:f5:8e:9d:91:71:d7:d5:a7:b8:65:b6:45:50:ae:
         b2:f3:b5:b7:ea:3c:fa:73:c6:88:a4:ce:94:e3:5f:ad:51:ef:
         1e:bc:a2:46:9b:53:48:3d:e0:64:a5:9d:d4:70:2c:ee:1c:03:
         7a:48:e2:ee:85:fe:07:e0:35:cb:50:2e:8e:9c:f6:56:41:d3:
         99:b1:4f:5a:62:a8:b5:57:0e:5c:cd:00:ee:25:89:24:19:16:
         95:e2:35:0b:69:a9:83:7e:42:2f:8d:62:8d:04:13:d6:af:7e:
         a1:2d:c1:2a:b6:aa:60:03:28:40:19:33:2a:c5:b7:6c:a9:13:
         f5:7c:7d:94:07:57:bf:dc:a0:6c:a5:4b:b6:18:32:69:f0:0e:
         30:2b:a3:92:2b:f9:cd:be:af:d4:20:25:c7:9c:5e:05:24:3c:
         a7:6f:dc:40:70:67:16:90:75:d0:c3:83:94:75:03:74:df:db:
         c4:67:9a:5d:2b:31:53:c6:bd:71:78:72:14:02:e5:56:b2:c4:
         72:05:7f:c2:7e:07:07:f6:e4:63:58:da:84:8c:1b:b5:31:17:
         0d:71:c8:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrdmQXFIGudWnTZaQaTASG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI4MjEwMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDU2MGNiMDJhYWI5ZjE1ZjcwYmI4YmU4NGM2MGFkYmZiNzQ4ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9JyhuOJS+qwbf8wkki/vX13kczJ
6VizR7C3CVoKat/Iij51RC2SK7xkAhFQp3t4n+vIIf32pA+F8GyNU+Xq/HO1hzCz
SBETFf8V6HPvkY2olsROd6izdN6LY+Dc52kiuAQWsNhyO4+12TER64rvLFckJ118
uFF99i35X48QICo6zCQq788EF26rOYyWt4F1sbaakG22T/8w/vHzt30hrG32KtPq
vP04fYFWZpgXy0R9wK+p+uD4XxQZiZXiBSCx9xnQw7Es/uHadmsmihyoAjwOx+PO
6ZVndcDeyyPQUiH9WJEABGglaM8M/CMTH7IklF23hFgtESbr+vjLj5ER5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA1WDLAqq58V9wu4voTGCtv7dIiBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRFZZTXNDcXJueFgzQzdpLWhNWUsyX3QwaUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWVAwQA
owWoAwQAowXfAwQAowX0AwQAowX+MA0GCSqGSIb3DQEBCwUAA4IBAQCTFNwlLf3q
tAlUC9+KDJMvYlAgoBzUACTKVyITZ+oijyA4PpAg05rM9Y6dkXHX1ae4ZbZFUK6y
87W36jz6c8aIpM6U41+tUe8evKJGm1NIPeBkpZ3UcCzuHAN6SOLuhf4H4DXLUC6O
nPZWQdOZsU9aYqi1Vw5czQDuJYkkGRaV4jULaamDfkIvjWKNBBPWr36hLcEqtqpg
AyhAGTMqxbdsqRP1fH2UB1e/3KBspUu2GDJp8A4wK6OSK/nNvq/UICXHnF4FJDyn
b9xAcGcWkHXQw4OUdQN039vEZ5pdKzFTxr1xeHIUAuVWssRyBX/CfgcH9uRjWNqE
jBu1MRcNccjK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org