Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FVFm4IyZX4X4ePGiaqhJA8nKyHs.roa
File:                     FVFm4IyZX4X4ePGiaqhJA8nKyHs.roa (raw, json)
Hash identifier:          X6xOrntEEQNEY0y/G5Hrcj5v9W1jEeWA/B+tVpw51kc=
Subject key identifier:   15:51:66:E0:8C:99:5F:85:F8:78:F1:A2:6A:A8:49:03:C9:CA:C8:7B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0186322F55AB60D60D661E85C47496240134
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FVFm4IyZX4X4ePGiaqhJA8nKyHs.roa
Signing time:             Wed 08 Feb 2023 18:00:08 +0000
ROA not before:           Wed 08 Feb 2023 18:00:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2914
IP address blocks:        163.5.199.0/24 maxlen: 24
                          163.5.206.0/24 maxlen: 24
                          163.5.200.0/24 maxlen: 24
                          163.5.208.0/24 maxlen: 24
                          163.5.207.0/24 maxlen: 24
                          163.5.209.0/24 maxlen: 24
                          163.5.213.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.155.0/24 maxlen: 24
                          163.5.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 May 2023 09:14:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:32:2f:55:ab:60:d6:0d:66:1e:85:c4:74:96:24:01:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb  8 18:00:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=155166e08c995f85f878f1a26aa84903c9cac87b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e7:35:91:d3:e0:7b:5b:45:c4:3e:01:41:b9:
                    15:01:d4:0a:dc:17:33:7e:64:43:0d:77:02:3a:c2:
                    8c:b1:47:b1:ad:f7:42:cd:15:1d:12:09:69:90:21:
                    50:e3:29:46:2c:6f:ee:9b:e4:8a:69:98:3a:a9:10:
                    94:47:83:c2:71:d8:bd:f3:5e:3e:5d:ba:10:23:99:
                    ab:e5:68:8b:b4:07:b5:5e:42:9d:0d:6e:82:f8:9b:
                    7d:e6:02:57:f3:e0:0d:cd:85:f8:3d:29:59:5f:ec:
                    73:40:1a:04:5e:56:08:21:9e:fb:7d:83:bb:ea:df:
                    99:a2:4e:38:41:dc:57:c9:55:df:6c:e5:17:d8:f3:
                    22:23:56:17:f2:71:f6:91:da:03:1d:68:67:bb:4f:
                    11:5d:ec:af:a3:8b:71:bf:fb:32:0d:10:ca:38:1d:
                    6c:7d:cc:53:05:b1:c0:96:c9:c7:b8:81:3c:a3:e9:
                    60:f1:f4:95:97:ec:fb:a5:ab:a1:3e:11:bd:1e:a9:
                    7f:21:53:00:65:14:d2:7e:54:85:c0:ad:26:86:15:
                    a5:1d:f3:af:77:ec:8b:ec:ec:73:e4:57:87:28:6f:
                    55:0c:20:53:b8:ea:ea:ce:c8:b5:89:89:79:1f:b5:
                    49:30:18:e4:9e:b4:e3:62:19:08:86:df:b9:1a:74:
                    68:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:51:66:E0:8C:99:5F:85:F8:78:F1:A2:6A:A8:49:03:C9:CA:C8:7B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FVFm4IyZX4X4ePGiaqhJA8nKyHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.147.0/24
                  163.5.155.0-163.5.157.255
                  163.5.199.0-163.5.200.255
                  163.5.206.0-163.5.209.255
                  163.5.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:2e:92:1a:74:49:64:1b:37:ab:d7:bd:74:27:55:8b:eb:82:
         a9:d3:7f:2b:d8:18:86:b5:03:c1:7e:25:27:1d:ed:a7:91:6d:
         cd:6e:cb:57:76:c2:2c:89:5e:da:e5:dc:a4:75:2e:15:0b:ca:
         99:02:e7:66:45:8e:1c:76:7b:f4:89:d9:5d:c6:6c:36:51:ff:
         df:df:f4:97:e9:d8:d3:28:6d:dc:06:69:ce:9b:5d:b7:90:aa:
         fc:df:ec:92:33:8d:c0:79:a6:df:0d:7b:bf:f9:3b:1a:69:9e:
         9c:69:6d:c5:11:4f:32:dc:ce:36:5c:de:fa:d6:03:69:0d:c7:
         26:3f:b5:8f:13:f0:79:f0:0d:25:8c:1e:26:c3:c1:7f:8c:3f:
         83:b6:74:a3:89:8f:a8:bf:c1:93:1a:19:82:94:6c:e9:63:b6:
         81:d0:d5:6a:29:1c:90:4d:4c:ab:9d:d3:ad:24:dd:21:0a:6c:
         ec:dc:db:17:12:fc:66:e1:bf:b9:2e:a1:be:9d:5f:e3:ff:43:
         05:26:dc:33:75:eb:85:d1:d3:ce:bf:74:bf:4b:ff:e2:bf:15:
         8c:b9:c2:cf:62:64:20:11:af:e9:a8:16:c1:6d:8f:43:c7:76:
         8f:d0:eb:98:cd:49:aa:9f:39:b3:6f:08:6e:95:2a:f2:eb:0a:
         4b:4f:d9:17
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYYyL1WrYNYNZh6FxHSWJAE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMjA4MTgwMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTUxNjZlMDhjOTk1Zjg1Zjg3OGYxYTI2YWE4NDkwM2M5Y2FjODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuc1kdPge1tFxD4BQbkVAdQK3Bcz
fmRDDXcCOsKMsUexrfdCzRUdEglpkCFQ4ylGLG/um+SKaZg6qRCUR4PCcdi9814+
XboQI5mr5WiLtAe1XkKdDW6C+Jt95gJX8+ANzYX4PSlZX+xzQBoEXlYIIZ77fYO7
6t+Zok44QdxXyVXfbOUX2PMiI1YX8nH2kdoDHWhnu08RXeyvo4txv/syDRDKOB1s
fcxTBbHAlsnHuIE8o+lg8fSVl+z7pauhPhG9Hql/IVMAZRTSflSFwK0mhhWlHfOv
d+yL7Oxz5FeHKG9VDCBTuOrqzsi1iYl5H7VJMBjknrTjYhkIht+5GnRozwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBVRZuCMmV+F+HjxomqoSQPJysh7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRlZGbTRJeVpYNFg0ZVBHaWFxaEpBOG5LeUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowWTMAwD
BACjBZsDBAGjBZwwDAMEAKMFxwMEAKMFyDAMAwQBowXOAwQBowXQAwQAowXVMA0G
CSqGSIb3DQEBCwUAA4IBAQA8LpIadElkGzer1710J1WL64Kp038r2BiGtQPBfiUn
He2nkW3NbstXdsIsiV7a5dykdS4VC8qZAudmRY4cdnv0idldxmw2Uf/f3/SX6djT
KG3cBmnOm123kKr83+ySM43AeabfDXu/+TsaaZ6caW3FEU8y3M42XN761gNpDccm
P7WPE/B58A0ljB4mw8F/jD+DtnSjiY+ov8GTGhmClGzpY7aB0NVqKRyQTUyrndOt
JN0hCmzs3NsXEvxm4b+5LqG+nV/j/0MFJtwzdeuF0dPOv3S/S//ivxWMucLPYmQg
Ea/pqBbBbY9Dx3aP0OuYzUmqnzmzbwhulSry6wpLT9kX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org