Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GSgfq0L6BudKwA3SpQA9QYAV6jo.roa
File:                     GSgfq0L6BudKwA3SpQA9QYAV6jo.roa (raw, json)
Hash identifier:          wL5s2+iGerF3kY2Bh8VTwuzCQXRWZbblr5WlqJvo7U8=
Subject key identifier:   19:28:1F:AB:42:FA:06:E7:4A:C0:0D:D2:A5:00:3D:41:80:15:EA:3A
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0189BB19D0919F144A89A154B905C76325FF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GSgfq0L6BudKwA3SpQA9QYAV6jo.roa
Signing time:             Thu 03 Aug 2023 11:12:58 +0000
ROA not before:           Thu 03 Aug 2023 11:12:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.202.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 12:44:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:bb:19:d0:91:9f:14:4a:89:a1:54:b9:05:c7:63:25:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug  3 11:12:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19281fab42fa06e74ac00dd2a5003d418015ea3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b8:10:19:6f:d6:0f:e8:81:7c:a7:ab:d5:41:
                    24:31:9f:55:40:7c:5f:24:d4:72:dd:32:c0:a6:52:
                    26:d7:6d:28:80:44:ca:c6:b7:4b:71:27:c6:a8:0b:
                    bf:3a:81:0c:c0:ce:bd:89:36:2c:16:ca:c1:ba:c9:
                    fa:94:57:2e:b7:b9:46:03:3e:d4:92:5c:e8:a9:2b:
                    17:09:6e:27:c4:b2:2d:92:ee:84:a9:1c:ca:54:19:
                    ef:47:ab:54:2e:ba:66:eb:6f:1d:8c:72:fa:3e:e4:
                    5d:83:3a:ee:f1:f8:36:18:43:f7:17:81:25:94:2e:
                    9a:4c:30:a2:fc:07:4c:d2:10:f8:00:11:e3:57:5a:
                    f7:48:03:8d:ab:c2:75:20:0f:90:cf:01:e5:af:0b:
                    bb:ab:f5:ed:9d:e2:9a:07:62:dd:77:52:2c:50:9b:
                    fb:b4:23:1c:3a:7d:64:d3:c8:a1:11:18:f9:77:34:
                    39:cf:20:2b:ca:33:fa:b4:53:5e:fe:2d:f4:95:94:
                    d5:9e:b6:54:95:f9:d7:3a:18:96:86:70:a0:cc:76:
                    33:52:6d:7e:c5:3e:5d:f1:af:70:85:ed:81:e8:11:
                    fe:2c:9f:80:74:43:25:ca:e0:63:b7:20:d2:56:9c:
                    5b:63:73:7e:cc:ab:8c:4c:21:b7:39:b1:e4:cf:f1:
                    52:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:28:1F:AB:42:FA:06:E7:4A:C0:0D:D2:A5:00:3D:41:80:15:EA:3A
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GSgfq0L6BudKwA3SpQA9QYAV6jo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.62.0/24
                  163.5.99.0/24
                  163.5.138.0/24
                  163.5.161.0/24
                  163.5.202.0/24
                  163.5.211.0/24
                  163.5.216.0/24
                  163.5.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:54:8e:6b:e3:5f:68:cc:c7:3b:87:8b:8d:58:6b:af:d4:f4:
         04:e0:ee:46:44:ea:3e:86:8f:cf:81:40:e6:68:f8:8d:34:7c:
         16:67:e3:84:35:47:0e:ef:1f:4f:95:dc:43:07:b6:09:62:13:
         b6:03:74:53:4b:f1:ee:13:57:23:41:96:4a:ce:b9:ab:96:4a:
         45:94:34:f2:b7:79:45:c8:90:9c:1f:d4:59:3e:17:de:3d:14:
         c2:d6:32:bb:36:d1:39:98:b2:4a:df:eb:00:af:61:6e:15:58:
         a4:0c:e8:b5:f3:3d:28:d4:29:b5:6b:db:92:b1:cd:c1:ac:5b:
         82:63:4b:e0:e8:6c:0d:08:15:59:b8:fa:42:77:58:0e:d6:58:
         ef:18:67:8a:7b:b3:08:6e:18:bb:a7:2e:67:a4:4f:64:e6:b4:
         b7:31:43:d8:b1:cc:94:aa:66:b0:ef:53:48:ca:e8:6c:c5:4f:
         a5:78:ba:83:98:13:c4:a0:4d:0c:db:97:a7:f5:6a:d7:3a:40:
         a0:0d:8a:94:8d:df:25:48:d0:98:94:7a:e5:6d:a9:84:56:63:
         53:08:08:63:20:a7:02:bb:5e:65:07:f5:cf:ae:04:e8:b9:51:
         0a:97:93:be:ce:fe:95:c7:3f:93:4e:5d:0f:68:92:8e:90:6c:
         49:61:b6:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYm7GdCRnxRKiaFUuQXHYyX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODAzMTExMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI4MWZhYjQyZmEwNmU3NGFjMDBkZDJhNTAwM2Q0MTgwMTVlYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurgQGW/WD+iBfKer1UEkMZ9VQHxf
JNRy3TLAplIm120ogETKxrdLcSfGqAu/OoEMwM69iTYsFsrBusn6lFcut7lGAz7U
klzoqSsXCW4nxLItku6EqRzKVBnvR6tULrpm628djHL6PuRdgzru8fg2GEP3F4El
lC6aTDCi/AdM0hD4ABHjV1r3SAONq8J1IA+QzwHlrwu7q/XtneKaB2Ldd1IsUJv7
tCMcOn1k08ihERj5dzQ5zyAryjP6tFNe/i30lZTVnrZUlfnXOhiWhnCgzHYzUm1+
xT5d8a9whe2B6BH+LJ+AdEMlyuBjtyDSVpxbY3N+zKuMTCG3ObHkz/FSNQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBkoH6tC+gbnSsAN0qUAPUGAFeo6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR1NnZnEwTDZCdWRLd0EzU3BRQTlRWUFWNmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowWKAwQAowWhAwQAowXKAwQAowXTAwQAowXYAwQA
owXdMA0GCSqGSIb3DQEBCwUAA4IBAQCzVI5r419ozMc7h4uNWGuv1PQE4O5GROo+
ho/PgUDmaPiNNHwWZ+OENUcO7x9PldxDB7YJYhO2A3RTS/HuE1cjQZZKzrmrlkpF
lDTyt3lFyJCcH9RZPhfePRTC1jK7NtE5mLJK3+sAr2FuFVikDOi18z0o1Cm1a9uS
sc3BrFuCY0vg6GwNCBVZuPpCd1gO1ljvGGeKe7MIbhi7py5npE9k5rS3MUPYscyU
qmaw71NIyuhsxU+leLqDmBPEoE0M25en9WrXOkCgDYqUjd8lSNCYlHrlbamEVmNT
CAhjIKcCu15lB/XPrgTouVEKl5O+zv6Vxz+TTl0PaJKOkGxJYbaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org