Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fv6UFZxL8uFKaG2J7qv520-4pWg.roa
File:                     Fv6UFZxL8uFKaG2J7qv520-4pWg.roa (raw, json)
Hash identifier:          HNnMnrzq/h85gx6X+5XBMU6PCKWifd6gY53oam5D1RY=
Subject key identifier:   16:FE:94:15:9C:4B:F2:E1:4A:68:6D:89:EE:AB:F9:DB:4F:B8:A5:68
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018C2693113DBE7C8A7D5F247A425549413C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fv6UFZxL8uFKaG2J7qv520-4pWg.roa
Signing time:             Fri 01 Dec 2023 18:10:21 +0000
ROA not before:           Fri 01 Dec 2023 18:10:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        163.5.83.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.59.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.193.0/24 maxlen: 24
                          163.5.213.0/24 maxlen: 24
                          163.5.215.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:26:93:11:3d:be:7c:8a:7d:5f:24:7a:42:55:49:41:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec  1 18:10:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16fe94159c4bf2e14a686d89eeabf9db4fb8a568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:51:52:3b:96:b3:1f:59:7c:06:80:cd:c4:d7:
                    27:e0:6b:f0:c6:a5:40:43:c3:90:47:e9:64:30:32:
                    3c:b0:1b:d0:ae:6d:cd:24:b5:b5:5d:fb:4e:67:3c:
                    ce:8f:ba:01:99:d0:f1:0a:f5:04:06:c1:1b:09:eb:
                    68:e8:9e:31:fe:67:a3:9e:14:16:1c:ba:f8:d7:cd:
                    b7:db:b2:55:cf:1b:f2:c8:1b:a2:90:51:72:0a:2e:
                    81:75:35:33:20:4e:a7:2a:5a:9d:e9:56:db:e4:f5:
                    5b:ff:a7:51:01:65:57:79:14:71:1a:d2:a9:47:7a:
                    38:07:b8:c1:2d:48:6e:39:65:d6:7b:f1:f5:85:4e:
                    6b:4f:f9:1a:ca:15:fc:15:99:36:7f:d7:4a:14:1d:
                    a9:6c:54:65:25:3c:ce:a4:6b:5f:3f:e1:24:6c:4d:
                    48:0c:c5:d3:9f:71:91:e7:76:10:da:5d:47:61:81:
                    fe:f0:2c:e5:60:a6:4e:9f:a2:79:35:ed:b7:c5:31:
                    81:57:0c:99:db:7d:c1:3c:1e:b2:45:92:4e:93:40:
                    56:14:f8:69:40:a5:72:83:f7:1a:c4:ed:f1:52:6e:
                    46:d0:7d:a1:a1:47:7c:64:90:c1:98:13:66:7a:04:
                    8c:80:e8:52:8c:a7:08:e9:2c:4f:35:e9:27:b1:e9:
                    10:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:FE:94:15:9C:4B:F2:E1:4A:68:6D:89:EE:AB:F9:DB:4F:B8:A5:68
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Fv6UFZxL8uFKaG2J7qv520-4pWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.59.0/24
                  163.5.62.0/24
                  163.5.83.0/24
                  163.5.99.0/24
                  163.5.142.0-163.5.144.255
                  163.5.154.0/24
                  163.5.192.0/23
                  163.5.213.0-163.5.215.255
                  163.5.221.0/24
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:a6:35:09:06:75:a6:c1:f4:3d:de:e3:ab:3e:1d:2c:7e:a1:
         09:7e:aa:93:60:c4:bf:90:4e:d5:a3:33:34:c5:60:ea:86:1b:
         9a:ac:33:1f:ce:2c:cf:c0:2d:8c:19:6a:55:e6:4d:2c:0e:53:
         05:f8:52:f6:f6:06:42:e5:03:18:3a:c0:3b:ab:ec:77:c9:86:
         27:ca:58:24:e8:3f:68:5a:f4:dc:fb:a7:3f:9a:49:3d:a3:4b:
         e6:54:2c:2c:3d:9e:2a:21:86:ee:9a:67:c3:54:bc:09:a4:5f:
         c3:55:0d:e4:f0:0b:82:8b:78:f6:3d:38:70:a5:3d:0a:b7:d0:
         c6:46:ba:9c:c1:53:4c:88:8e:8f:2d:99:4e:82:64:f7:8f:02:
         fe:ae:41:5a:02:50:21:22:41:35:d9:58:8d:e7:83:9b:b5:00:
         0d:e0:c9:61:01:c7:47:ff:b1:4d:b5:9c:29:43:87:33:fa:36:
         78:6f:f2:23:40:aa:50:3e:43:28:42:2e:aa:61:1a:13:94:9e:
         59:b3:50:52:fd:5d:c7:76:f4:e9:08:32:66:80:ca:19:16:44:
         35:9a:f1:c2:b8:cf:f5:76:1a:5e:80:bf:ca:32:e1:6d:0a:14:
         9e:2c:52:b6:52:a1:c8:7e:42:61:48:6b:c7:c4:14:76:16:c4:
         6b:0b:40:62
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYwmkxE9vnyKfV8kekJVSUE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjAxMTgxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmZlOTQxNTljNGJmMmUxNGE2ODZkODllZWFiZjlkYjRmYjhhNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FFSO5azH1l8BoDNxNcn4GvwxqVA
Q8OQR+lkMDI8sBvQrm3NJLW1XftOZzzOj7oBmdDxCvUEBsEbCeto6J4x/mejnhQW
HLr4182327JVzxvyyBuikFFyCi6BdTUzIE6nKlqd6Vbb5PVb/6dRAWVXeRRxGtKp
R3o4B7jBLUhuOWXWe/H1hU5rT/kayhX8FZk2f9dKFB2pbFRlJTzOpGtfP+EkbE1I
DMXTn3GR53YQ2l1HYYH+8CzlYKZOn6J5Ne23xTGBVwyZ233BPB6yRZJOk0BWFPhp
QKVyg/caxO3xUm5G0H2hoUd8ZJDBmBNmegSMgOhSjKcI6SxPNeknsekQvwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBb+lBWcS/LhSmhtie6r+dtPuKVoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRnY2VUZaeEw4dUZLYUcySjdxdjUyMC00cFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAowUfAwQA
owUjAwQAowU7AwQAowU+AwQAowVTAwQAowVjMAwDBAGjBY4DBACjBZADBACjBZoD
BAGjBcAwDAMEAKMF1QMEA6MF0AMEAKMF3QMEALn9NjANBgkqhkiG9w0BAQsFAAOC
AQEAc6Y1CQZ1psH0Pd7jqz4dLH6hCX6qk2DEv5BO1aMzNMVg6oYbmqwzH84sz8At
jBlqVeZNLA5TBfhS9vYGQuUDGDrAO6vsd8mGJ8pYJOg/aFr03PunP5pJPaNL5lQs
LD2eKiGG7ppnw1S8CaRfw1UN5PALgot49j04cKU9CrfQxka6nMFTTIiOjy2ZToJk
948C/q5BWgJQISJBNdlYjeeDm7UADeDJYQHHR/+xTbWcKUOHM/o2eG/yI0CqUD5D
KEIuqmEaE5SeWbNQUv1dx3b06QgyZoDKGRZENZrxwrjP9XYaXoC/yjLhbQoUnixS
tlKhyH5CYUhrx8QUdhbEawtAYg==
-----END CERTIFICATE-----