Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NonkPwoaOsLLS44ULvIlGbSlRgE.roa
File:                     NonkPwoaOsLLS44ULvIlGbSlRgE.roa (raw, json)
Hash identifier:          B0XEEA8fNVaMbzMsoqVueNB78GGpaVyhM+v8+ukLSuQ=
Subject key identifier:   36:89:E4:3F:0A:1A:3A:C2:CB:4B:8E:14:2E:F2:25:19:B4:A5:46:01
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187EC015ED63C5E09874BC187130DE57770
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NonkPwoaOsLLS44ULvIlGbSlRgE.roa
Signing time:             Fri 05 May 2023 13:02:05 +0000
ROA not before:           Fri 05 May 2023 13:02:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        163.5.217.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 16:09:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ec:01:5e:d6:3c:5e:09:87:4b:c1:87:13:0d:e5:77:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May  5 13:02:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3689e43f0a1a3ac2cb4b8e142ef22519b4a54601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5f:7d:b0:c5:97:8b:c1:80:d5:c1:71:90:0f:
                    c6:47:34:0e:a7:d0:7f:0e:ce:8e:05:e9:71:a1:de:
                    9f:8b:4a:05:cf:a4:b3:d8:e0:a3:81:8e:39:bd:42:
                    89:92:89:2a:95:05:60:89:36:49:a6:db:36:f9:bf:
                    72:14:48:31:5b:68:6d:49:ea:a4:67:39:62:96:df:
                    f1:f6:f7:a8:4e:d8:6e:e9:88:b6:db:9e:14:c7:a9:
                    44:f8:69:00:e1:04:64:7d:c0:d4:f8:63:8f:2d:f4:
                    89:e6:ea:89:fa:97:35:6b:40:12:c8:03:11:64:e9:
                    d1:1f:91:32:56:75:90:87:0f:1c:4d:a5:31:ca:92:
                    ac:e1:42:dd:f3:a9:d3:a0:9c:11:e6:d5:e9:42:71:
                    d9:99:8a:7e:2c:ac:e7:3e:24:53:d5:e6:54:c7:d3:
                    cd:65:da:3f:54:05:dc:dd:21:24:78:d7:5f:5d:32:
                    c1:09:db:a9:c2:48:91:68:18:bb:28:41:7a:3f:56:
                    91:32:28:df:b0:16:73:15:ca:46:53:a0:a0:47:90:
                    fe:3b:cd:8c:45:d9:b6:52:a0:ad:bb:06:75:4b:03:
                    53:69:ed:90:ae:bd:dc:c4:ec:8e:0c:07:b7:98:3b:
                    6f:09:7a:db:4f:07:44:d1:77:ba:04:ce:57:b4:84:
                    5c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:89:E4:3F:0A:1A:3A:C2:CB:4B:8E:14:2E:F2:25:19:B4:A5:46:01
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/NonkPwoaOsLLS44ULvIlGbSlRgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.33.0/24
                  163.5.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:fc:aa:14:61:29:e6:96:c5:1d:2a:4a:49:76:3e:c5:c3:3b:
         75:4f:ef:d8:b8:1b:f1:65:ab:31:ca:2f:c6:b7:ab:ea:0c:77:
         7c:43:cf:c5:a7:4f:64:bb:37:d5:bb:07:20:13:6e:3f:50:38:
         bc:b1:9c:a8:1f:b5:45:0b:cf:48:d9:5c:e0:b0:ec:79:82:56:
         ba:bb:8a:cb:21:7c:13:45:5e:7f:56:e1:0b:cc:be:f6:e5:2d:
         ea:28:f1:8f:e8:d0:94:97:d4:a6:29:5a:48:08:eb:99:21:16:
         86:d8:df:25:62:e6:e6:4d:fe:0b:76:b0:be:ae:29:17:e6:9e:
         cf:ef:30:f1:c6:49:b7:50:ce:cb:70:e3:f4:4c:74:4e:bd:14:
         1e:a1:60:33:d3:2c:64:27:b3:84:1e:e2:6b:8c:d3:26:4d:15:
         f9:fd:02:5a:a6:21:ed:dc:66:29:77:cf:18:54:05:22:ee:9f:
         2b:a9:04:4b:c8:d8:b4:73:f8:3c:ef:57:bf:32:4d:60:e1:3a:
         9f:3c:e8:b2:82:61:99:98:5c:c5:ca:40:38:2d:d0:47:70:40:
         1b:50:f7:66:6a:49:fa:34:5f:9f:d3:6e:78:ca:87:6c:55:85:
         76:65:56:79:26:e1:2d:0d:ed:1d:f8:fe:57:d7:16:21:aa:f3:
         7a:c5:80:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfsAV7WPF4Jh0vBhxMN5XdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA1MTMwMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg5ZTQzZjBhMWEzYWMyY2I0YjhlMTQyZWYyMjUxOWI0YTU0NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl99sMWXi8GA1cFxkA/GRzQOp9B/
Ds6OBelxod6fi0oFz6Sz2OCjgY45vUKJkokqlQVgiTZJpts2+b9yFEgxW2htSeqk
Zzlilt/x9veoTthu6Yi2254Ux6lE+GkA4QRkfcDU+GOPLfSJ5uqJ+pc1a0ASyAMR
ZOnRH5EyVnWQhw8cTaUxypKs4ULd86nToJwR5tXpQnHZmYp+LKznPiRT1eZUx9PN
Zdo/VAXc3SEkeNdfXTLBCdupwkiRaBi7KEF6P1aRMijfsBZzFcpGU6CgR5D+O82M
Rdm2UqCtuwZ1SwNTae2Qrr3cxOyODAe3mDtvCXrbTwdE0Xe6BM5XtIRcCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDaJ5D8KGjrCy0uOFC7yJRm0pUYBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTm9ua1B3b2FPc0xMUzQ0VUx2SWxHYlNsUmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowUhAwQA
owXZMA0GCSqGSIb3DQEBCwUAA4IBAQBP/KoUYSnmlsUdKkpJdj7Fwzt1T+/YuBvx
Zasxyi/Gt6vqDHd8Q8/Fp09kuzfVuwcgE24/UDi8sZyoH7VFC89I2VzgsOx5gla6
u4rLIXwTRV5/VuELzL725S3qKPGP6NCUl9SmKVpICOuZIRaG2N8lYubmTf4LdrC+
rikX5p7P7zDxxkm3UM7LcOP0THROvRQeoWAz0yxkJ7OEHuJrjNMmTRX5/QJapiHt
3GYpd88YVAUi7p8rqQRLyNi0c/g871e/Mk1g4TqfPOiygmGZmFzFykA4LdBHcEAb
UPdmakn6NF+f0254yodsVYV2ZVZ5JuEtDe0d+P5X1xYhqvN6xYCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org