Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Dh9icNIsG6XOyLvSQRkk2rPzEpk.roa
File:                     Dh9icNIsG6XOyLvSQRkk2rPzEpk.roa (raw, json)
Hash identifier:          Phor7BQqEZyaFPDgnfJO8dTDILeRiQiWt6xfrTUOUro=
Subject key identifier:   0E:1F:62:70:D2:2C:1B:A5:CE:C8:BB:D2:41:19:24:DA:B3:F3:12:99
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185AAAC7AED36B44E962DA0F7D18BEE62BE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Dh9icNIsG6XOyLvSQRkk2rPzEpk.roa
Signing time:             Fri 13 Jan 2023 10:28:28 +0000
ROA not before:           Fri 13 Jan 2023 10:28:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.91.0/24 maxlen: 24
                          163.5.97.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24
                          163.5.34.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.152.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 15 Jan 2023 11:54:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:aa:ac:7a:ed:36:b4:4e:96:2d:a0:f7:d1:8b:ee:62:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 13 10:28:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e1f6270d22c1ba5cec8bbd2411924dab3f31299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:33:9a:5f:02:bb:7b:b9:8d:f0:a6:1b:18:cd:
                    68:e1:f7:7d:85:6e:fd:db:f7:f3:42:9f:38:d7:01:
                    80:65:10:79:3f:b8:24:5a:14:72:9d:f2:43:0f:5e:
                    7d:22:7b:07:e1:4d:ea:77:63:1d:38:e9:45:10:23:
                    e2:58:7b:fe:dd:45:ad:3c:79:b4:6a:9a:63:56:97:
                    b0:e0:53:e0:20:0c:bb:aa:99:42:0d:b3:0d:75:04:
                    68:d4:e6:ce:32:1e:66:61:3b:28:50:0b:9a:a8:83:
                    a3:b5:76:bd:86:95:fe:a0:40:fc:d0:b0:87:a3:4e:
                    35:40:da:dd:10:b8:ab:af:d4:4e:ff:d7:9c:f6:49:
                    39:33:c9:de:c7:eb:a7:e0:1c:cb:7a:e5:85:51:6d:
                    87:8a:ed:9a:9a:54:b2:7c:2e:83:88:7c:92:04:a5:
                    f8:0b:6d:89:33:2e:49:20:76:eb:07:31:a9:2f:44:
                    67:f6:44:a1:0e:6c:f9:3b:2b:87:0d:c4:6e:e2:1f:
                    93:a9:0e:ea:7c:b7:61:3d:50:b3:9f:2a:0f:21:7e:
                    c0:07:e1:97:f1:1d:83:16:7f:4a:25:3d:cf:e2:a0:
                    f2:3c:74:42:ea:e1:66:80:28:6b:a4:47:f8:df:6b:
                    e9:56:55:31:c0:47:b0:73:34:25:d4:2f:f6:bc:45:
                    54:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1F:62:70:D2:2C:1B:A5:CE:C8:BB:D2:41:19:24:DA:B3:F3:12:99
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Dh9icNIsG6XOyLvSQRkk2rPzEpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.33.0-163.5.34.255
                  163.5.38.0/24
                  163.5.91.0/24
                  163.5.97.0/24
                  163.5.114.0/24
                  163.5.131.0/24
                  163.5.152.0/24
                  163.5.169.0/24
                  163.5.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:b8:fc:ac:fc:ba:23:60:33:79:8b:41:85:cb:f9:a4:4d:c2:
         fe:5f:73:fa:72:f9:6a:e2:2d:ad:9f:34:08:00:7c:96:4d:91:
         e1:d2:d8:1d:b1:ab:9d:54:65:6f:b4:00:b5:9f:ef:7c:97:a0:
         81:c3:11:ef:c9:36:bf:50:e8:4a:58:c6:1e:68:f5:c5:a5:b0:
         a2:30:93:78:36:df:73:5a:0c:3c:5d:d4:68:44:fd:78:43:d6:
         02:ee:07:5e:a4:47:7b:fc:a6:72:14:b6:fc:45:32:4d:91:a8:
         71:ec:7d:32:ba:f0:a9:fa:c2:b0:e9:49:bc:17:3e:78:aa:36:
         24:ac:98:77:a6:c8:98:d9:e6:cd:df:98:f8:73:93:54:c4:a4:
         5d:c8:f1:a4:65:0f:b0:f7:7a:a5:81:ce:eb:77:97:b1:0f:11:
         e3:a4:eb:0b:2b:1f:7a:b8:34:20:82:4b:f5:3d:1b:55:75:aa:
         f1:34:a7:11:15:d7:67:3d:79:7c:5c:38:0d:1b:02:73:b5:42:
         45:62:d9:33:31:53:1c:4b:f2:6c:d8:af:b3:a6:f7:a2:51:8c:
         58:1f:9b:d3:4e:cd:6e:6c:f9:33:4e:87:b0:be:f2:1f:da:d3:
         72:fc:06:b9:94:8d:bd:a8:bb:3a:f3:49:7c:16:36:d4:4c:6d:
         66:79:9a:d1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYWqrHrtNrROli2g99GL7mK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTEzMTAyODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFmNjI3MGQyMmMxYmE1Y2VjOGJiZDI0MTE5MjRkYWIzZjMxMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTOaXwK7e7mN8KYbGM1o4fd9hW79
2/fzQp841wGAZRB5P7gkWhRynfJDD159InsH4U3qd2MdOOlFECPiWHv+3UWtPHm0
appjVpew4FPgIAy7qplCDbMNdQRo1ObOMh5mYTsoUAuaqIOjtXa9hpX+oED80LCH
o041QNrdELirr9RO/9ec9kk5M8nex+un4BzLeuWFUW2Hiu2amlSyfC6DiHySBKX4
C22JMy5JIHbrBzGpL0Rn9kShDmz5OyuHDcRu4h+TqQ7qfLdhPVCznyoPIX7AB+GX
8R2DFn9KJT3P4qDyPHRC6uFmgChrpEf432vpVlUxwEewczQl1C/2vEVUWQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFA4fYnDSLBulzsi70kEZJNqz8xKZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRGg5aWNOSXNHNlhPeUx2U1FSa2syclB6RXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBACjBSED
BACjBSIDBACjBSYDBACjBVsDBACjBWEDBACjBXIDBACjBYMDBACjBZgDBACjBakD
BACjBfkwDQYJKoZIhvcNAQELBQADggEBALG4/Kz8uiNgM3mLQYXL+aRNwv5fc/py
+WriLa2fNAgAfJZNkeHS2B2xq51UZW+0ALWf73yXoIHDEe/JNr9Q6EpYxh5o9cWl
sKIwk3g233NaDDxd1GhE/XhD1gLuB16kR3v8pnIUtvxFMk2RqHHsfTK68Kn6wrDp
SbwXPniqNiSsmHemyJjZ5s3fmPhzk1TEpF3I8aRlD7D3eqWBzut3l7EPEeOk6wsr
H3q4NCCCS/U9G1V1qvE0pxEV12c9eXxcOA0bAnO1QkVi2TMxUxxL8mzYr7Om96JR
jFgfm9NOzW5s+TNOh7C+8h/a03L8BrmUjb2ouzrzSXwWNtRMbWZ5mtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org