Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qa58MQS_Z73AklOJqzr_1lWX7F0.roa
File:                     Qa58MQS_Z73AklOJqzr_1lWX7F0.roa (raw, json)
Hash identifier:          STmlpA4k+nJ8QXu+6sFiT5ak6qtAsBxor3GS1wvWaZ0=
Subject key identifier:   41:AE:7C:31:04:BF:67:BD:C0:92:53:89:AB:3A:FF:D6:55:97:EC:5D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188AEC6ED1D6CEBE15BF8969209366E1771
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qa58MQS_Z73AklOJqzr_1lWX7F0.roa
Signing time:             Mon 12 Jun 2023 08:44:12 +0000
ROA not before:           Mon 12 Jun 2023 08:44:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        163.5.32.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 15:51:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:c6:ed:1d:6c:eb:e1:5b:f8:96:92:09:36:6e:17:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 12 08:44:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41ae7c3104bf67bdc0925389ab3affd65597ec5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a9:fe:0e:c3:aa:26:4c:66:e8:c4:8f:c7:63:
                    bf:13:39:43:40:a5:db:f9:fc:b3:1e:03:00:01:fa:
                    3c:87:f7:bd:7f:b6:db:fe:29:3d:5e:ac:63:da:df:
                    32:a3:aa:e5:e7:dd:a1:75:c1:3c:c1:11:11:65:69:
                    b9:2c:36:b9:9b:09:53:0c:0e:43:e0:48:70:22:9b:
                    9a:7b:99:95:4e:a8:07:68:66:7a:72:9a:b9:e0:e5:
                    2c:6b:84:e9:8d:af:d7:13:11:2f:07:1f:6f:74:79:
                    6c:03:c5:0b:f9:99:3d:97:16:72:34:71:17:fa:b2:
                    3b:2a:8a:f3:9f:a1:26:b4:66:da:98:d5:87:2a:80:
                    01:8d:e9:40:d1:b8:b1:f7:9a:a1:ff:ef:e9:67:e8:
                    c1:ce:ce:97:59:4f:6c:c6:d2:b7:84:d0:fb:47:b1:
                    20:cc:ad:e1:7a:9b:d2:10:a3:b6:64:17:e9:28:90:
                    71:05:a3:b6:f8:e6:5e:d1:95:4a:03:d5:3d:f9:00:
                    ad:22:89:c7:43:14:de:11:c0:bc:08:c5:d3:f6:35:
                    f1:b0:57:df:c2:ee:6d:a3:29:fe:cf:0b:18:8d:8f:
                    24:58:a2:13:92:18:b8:b7:1c:22:5c:cf:ef:c6:66:
                    5f:a8:9c:ac:20:ad:4f:d2:1e:4d:06:b9:54:ca:d2:
                    87:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:AE:7C:31:04:BF:67:BD:C0:92:53:89:AB:3A:FF:D6:55:97:EC:5D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qa58MQS_Z73AklOJqzr_1lWX7F0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.159.0/24
                  163.5.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:ed:cb:b3:3a:11:bf:90:5d:a1:fd:8b:e3:e5:ac:cb:69:89:
         18:ae:22:fc:14:4a:48:ec:47:13:3f:c6:bd:38:e3:a8:23:3e:
         f2:c2:80:ed:de:bc:7d:14:26:1e:d9:2e:2e:0b:b5:12:2c:30:
         de:89:b4:73:33:62:cf:03:4f:03:3b:73:a4:43:ab:b7:1a:71:
         ed:bc:63:25:82:64:c9:a2:b8:e2:2b:fd:2d:08:3a:d5:69:d8:
         a4:0e:c6:e1:5b:ee:39:e2:3a:18:0e:ca:9c:e4:42:57:e8:5e:
         ed:42:f6:43:c0:f1:c4:80:bc:1c:67:bc:c3:a5:a7:ae:88:be:
         73:9a:e5:db:c5:04:5c:4e:4b:60:0f:25:39:d2:d3:d4:ef:9b:
         6c:c6:b8:eb:ac:ea:03:c6:69:74:32:50:f8:99:99:a6:ce:1c:
         0f:84:52:1c:2e:2b:f1:d8:17:ef:1c:fa:8e:de:a5:64:85:0a:
         ca:26:dc:e2:8d:2a:de:85:9d:66:bf:1e:3e:2e:0c:5d:6c:18:
         16:e1:e7:1c:6c:c8:84:66:82:dd:93:a2:ac:e4:bd:3f:bc:1f:
         f1:a2:50:4b:e5:64:38:a2:53:e6:7c:6a:96:54:47:e9:91:97:
         71:55:48:49:f8:d1:89:1b:01:2a:87:aa:9e:c2:f5:88:d1:7c:
         fa:42:ae:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiuxu0dbOvhW/iWkgk2bhdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjEyMDg0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFlN2MzMTA0YmY2N2JkYzA5MjUzODlhYjNhZmZkNjU1OTdlYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6n+DsOqJkxm6MSPx2O/EzlDQKXb
+fyzHgMAAfo8h/e9f7bb/ik9Xqxj2t8yo6rl592hdcE8wRERZWm5LDa5mwlTDA5D
4EhwIpuae5mVTqgHaGZ6cpq54OUsa4Tpja/XExEvBx9vdHlsA8UL+Zk9lxZyNHEX
+rI7Korzn6EmtGbamNWHKoABjelA0bix95qh/+/pZ+jBzs6XWU9sxtK3hND7R7Eg
zK3hepvSEKO2ZBfpKJBxBaO2+OZe0ZVKA9U9+QCtIonHQxTeEcC8CMXT9jXxsFff
wu5toyn+zwsYjY8kWKITkhi4txwiXM/vxmZfqJysIK1P0h5NBrlUytKHqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGufDEEv2e9wJJTias6/9ZVl+xdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUWE1OE1RU19aNzNBa2xPSnF6cl8xbFdYN0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUgAwQA
owWfAwQAowWoMA0GCSqGSIb3DQEBCwUAA4IBAQCh7cuzOhG/kF2h/Yvj5azLaYkY
riL8FEpI7EcTP8a9OOOoIz7ywoDt3rx9FCYe2S4uC7USLDDeibRzM2LPA08DO3Ok
Q6u3GnHtvGMlgmTJorjiK/0tCDrVadikDsbhW+454joYDsqc5EJX6F7tQvZDwPHE
gLwcZ7zDpaeuiL5zmuXbxQRcTktgDyU50tPU75tsxrjrrOoDxml0MlD4mZmmzhwP
hFIcLivx2BfvHPqO3qVkhQrKJtzijSrehZ1mvx4+LgxdbBgW4eccbMiEZoLdk6Ks
5L0/vB/xolBL5WQ4olPmfGqWVEfpkZdxVUhJ+NGJGwEqh6qewvWI0Xz6Qq6R
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:31 2024 by rpki-client on console-ams.rpki-client.org