Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LmBL2w9LBZjUZINr96mPBZKy0A4.roa
File:                     LmBL2w9LBZjUZINr96mPBZKy0A4.roa (raw, json)
Hash identifier:          eXlaY+ps1rtpQ43v8iBaAG4OW4RRxI5Z+DG5eUYmy68=
Subject key identifier:   2E:60:4B:DB:0F:4B:05:98:D4:64:83:6B:F7:A9:8F:05:92:B2:D0:0E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CF8EA1A54026E28C88677952CDB8DDD4C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LmBL2w9LBZjUZINr96mPBZKy0A4.roa
Signing time:             Thu 11 Jan 2024 14:25:40 +0000
ROA not before:           Thu 11 Jan 2024 14:25:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     399486
IP address blocks:        163.5.181.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24
                          163.5.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 24 Feb 2024 10:18:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f8:ea:1a:54:02:6e:28:c8:86:77:95:2c:db:8d:dd:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 11 14:25:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2e604bdb0f4b0598d464836bf7a98f0592b2d00e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:30:59:08:44:83:80:df:f4:eb:f2:0a:0a:31:
                    13:a2:35:22:d1:7b:73:2a:42:33:3c:5c:08:9b:c5:
                    b0:a0:d9:fe:98:0c:30:75:b5:20:15:b3:34:39:b1:
                    90:e0:af:de:29:96:bf:67:22:63:9f:fe:94:02:8e:
                    a5:ea:d1:a2:0b:5d:76:40:04:30:6e:8d:d5:71:ac:
                    56:84:f3:58:81:70:bd:ff:0a:78:4f:4f:f2:81:7a:
                    c7:13:1a:4c:11:a5:33:d7:90:51:a0:ab:1e:5e:f9:
                    12:2e:6a:27:73:27:eb:e1:68:db:9c:78:54:c8:bd:
                    3b:2a:3d:14:e8:b3:14:dd:e8:7f:9e:75:e0:04:b2:
                    4d:fb:a9:e8:57:10:55:0a:39:b3:ba:f7:6c:18:75:
                    71:a9:ce:ee:35:8d:38:05:ab:b1:dc:0a:4b:40:23:
                    86:a8:70:62:29:1e:77:50:41:51:d7:a6:aa:0b:66:
                    6b:46:3a:56:42:d8:84:a3:73:7f:06:60:08:50:c3:
                    f5:57:61:fd:ef:ee:b7:40:07:2a:79:7a:2a:3c:e2:
                    fe:ca:f5:d0:da:49:45:33:5d:83:d4:b3:dd:0c:02:
                    b4:a4:6f:2e:1d:af:6e:d2:c0:15:eb:b5:fd:8c:b4:
                    54:1d:be:df:aa:7d:1b:f7:37:8f:74:a7:af:cf:1d:
                    e2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:60:4B:DB:0F:4B:05:98:D4:64:83:6B:F7:A9:8F:05:92:B2:D0:0E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LmBL2w9LBZjUZINr96mPBZKy0A4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.64.0/24
                  163.5.112.0/24
                  163.5.160.0/24
                  163.5.169.0/24
                  163.5.181.0/24
                  163.5.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:3e:26:1b:07:b5:3e:d2:8e:d0:8e:47:7a:ab:8c:12:2b:f7:
         e2:7a:3d:11:e6:a8:25:be:4a:7e:b9:e1:25:77:76:23:0d:35:
         23:5d:31:5a:31:67:57:be:b1:9e:5d:ad:ff:6f:6c:55:ce:f2:
         cd:9d:58:81:1c:ff:56:3e:76:26:51:fb:a4:4d:a5:fd:86:cf:
         bb:88:4e:b3:fe:6a:0b:67:26:b7:bf:d4:60:a0:a9:2f:6e:eb:
         7c:27:1e:59:7f:1c:90:4c:96:7e:1f:28:30:11:6b:2d:31:2e:
         b2:9a:47:a2:05:c5:3a:ef:6e:b9:18:d5:65:d5:19:70:35:95:
         7f:d4:06:94:a3:b4:32:fd:47:32:74:61:c3:35:e8:0e:8a:3a:
         f7:fa:12:02:cf:0c:12:cd:cd:7a:3b:83:0b:4f:24:70:e4:83:
         06:08:b9:ee:6f:e6:90:03:24:6d:c9:1d:62:9e:89:1f:32:76:
         1d:a2:d8:02:89:ed:0c:2a:c1:d7:f1:2a:28:f6:a5:ab:57:37:
         38:ed:ae:02:57:ba:70:00:1b:2b:b3:ca:9d:14:3b:14:16:ef:
         cd:6c:3f:00:05:af:47:2f:57:57:bb:a9:40:8e:98:da:5d:07:
         ed:f5:9e:4d:bf:45:3c:d8:fe:66:81:02:55:6b:f4:6e:95:a1:
         42:89:6e:6a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYz46hpUAm4oyIZ3lSzbjd1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTExMTQyNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYwNGJkYjBmNGIwNTk4ZDQ2NDgzNmJmN2E5OGYwNTkyYjJkMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDBZCESDgN/06/IKCjETojUi0Xtz
KkIzPFwIm8WwoNn+mAwwdbUgFbM0ObGQ4K/eKZa/ZyJjn/6UAo6l6tGiC112QAQw
bo3VcaxWhPNYgXC9/wp4T0/ygXrHExpMEaUz15BRoKseXvkSLmoncyfr4WjbnHhU
yL07Kj0U6LMU3eh/nnXgBLJN+6noVxBVCjmzuvdsGHVxqc7uNY04Baux3ApLQCOG
qHBiKR53UEFR16aqC2ZrRjpWQtiEo3N/BmAIUMP1V2H97+63QAcqeXoqPOL+yvXQ
2klFM12D1LPdDAK0pG8uHa9u0sAV67X9jLRUHb7fqn0b9zePdKevzx3iGQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC5gS9sPSwWY1GSDa/epjwWSstAOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTG1CTDJ3OUxCWmpVWklOcjk2bVBCWkt5MEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUgAwQA
owVAAwQAowVwAwQAowWgAwQAowWpAwQAowW1AwQAowXSMA0GCSqGSIb3DQEBCwUA
A4IBAQBJPiYbB7U+0o7Qjkd6q4wSK/fiej0R5qglvkp+ueEld3YjDTUjXTFaMWdX
vrGeXa3/b2xVzvLNnViBHP9WPnYmUfukTaX9hs+7iE6z/moLZya3v9RgoKkvbut8
Jx5ZfxyQTJZ+HygwEWstMS6ymkeiBcU67265GNVl1RlwNZV/1AaUo7Qy/UcydGHD
NegOijr3+hICzwwSzc16O4MLTyRw5IMGCLnub+aQAyRtyR1inokfMnYdotgCie0M
KsHX8Soo9qWrVzc47a4CV7pwABsrs8qdFDsUFu/NbD8ABa9HL1dXu6lAjpjaXQft
9Z5Nv0U82P5mgQJVa/RulaFCiW5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org