Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S5pKK5AzYJlQhqTL54mtAIKTLOs.roa
File:                     S5pKK5AzYJlQhqTL54mtAIKTLOs.roa (raw, json)
Hash identifier:          Hyps0b4r3sxEFsSDk4MVbN7ZXVFu9bgcikL69nwVv6E=
Subject key identifier:   4B:9A:4A:2B:90:33:60:99:50:86:A4:CB:E7:89:AD:00:82:93:2C:EB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018601F8CCD53D0720017D7F29E5B3A35BB1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S5pKK5AzYJlQhqTL54mtAIKTLOs.roa
Signing time:             Mon 30 Jan 2023 09:18:47 +0000
ROA not before:           Mon 30 Jan 2023 09:18:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56913
IP address blocks:        163.5.70.0/24 maxlen: 24
                          163.5.77.0/24 maxlen: 24
                          163.5.78.0/24 maxlen: 24
                          163.5.72.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Feb 2023 17:32:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:01:f8:cc:d5:3d:07:20:01:7d:7f:29:e5:b3:a3:5b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 30 09:18:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b9a4a2b903360995086a4cbe789ad0082932ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:83:ff:1b:f6:ec:1b:e3:1b:f8:64:99:46:b0:
                    01:92:e0:38:9a:2d:18:34:ed:95:ed:ff:8d:00:8b:
                    11:f4:23:27:02:27:af:d3:11:88:8f:0a:60:bd:6e:
                    59:a5:46:87:d6:25:63:ec:3d:a8:82:5a:dc:57:1a:
                    2c:b7:e2:69:06:94:bb:6b:9e:5e:c0:0f:00:42:25:
                    74:ca:4a:fb:09:bf:09:48:fc:c5:f1:66:0a:96:3b:
                    13:9e:9b:c5:87:75:69:87:df:7f:c4:c2:9d:fc:24:
                    a1:27:c3:01:02:b7:32:83:1c:5a:b7:c8:bc:a1:f9:
                    e7:52:56:48:ce:70:e6:3b:6c:08:e5:f6:99:3c:2c:
                    1a:42:dc:43:81:b6:2f:9a:c9:bb:00:2a:81:f4:c5:
                    58:de:5d:73:9c:97:a0:f9:16:3a:cf:ec:55:df:48:
                    cd:89:75:56:cf:eb:b3:d9:38:04:0c:b9:5a:20:a0:
                    62:65:12:45:17:a0:f6:69:6e:d3:f7:de:03:9e:1b:
                    19:6e:fe:0b:27:65:de:b8:5a:1e:45:a1:da:ad:a9:
                    13:24:99:08:7c:be:14:83:1c:24:2c:9d:59:5c:6e:
                    08:a7:a7:83:90:f3:10:99:6c:dc:3c:ef:f0:19:5c:
                    73:a5:fd:ea:bc:cf:9f:05:03:a5:10:13:e6:a4:ff:
                    27:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9A:4A:2B:90:33:60:99:50:86:A4:CB:E7:89:AD:00:82:93:2C:EB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S5pKK5AzYJlQhqTL54mtAIKTLOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.70.0/24
                  163.5.72.0/24
                  163.5.77.0-163.5.78.255
                  163.5.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:e5:db:90:30:c5:ec:90:46:a7:6c:e9:d1:d2:19:2b:80:83:
         78:29:92:1e:26:cd:ea:64:35:f0:fa:70:6e:60:70:ac:e3:40:
         25:c0:07:4f:a8:12:eb:be:a9:fe:dc:6d:a5:d1:23:07:ed:30:
         1c:c8:35:19:b4:6f:93:b7:4e:1a:29:46:a9:a8:71:f0:da:85:
         e4:f3:12:c9:39:4f:9c:46:49:98:ab:cf:fb:df:2f:7c:1e:d8:
         f2:21:5f:66:3e:12:13:51:51:08:80:ff:76:5c:69:83:27:05:
         ac:0f:a2:7a:3c:ae:13:0f:f4:aa:04:65:54:55:aa:04:4a:d4:
         ce:47:e2:26:9f:72:d4:20:0a:09:fc:2c:20:e5:f5:2f:ba:28:
         68:47:c1:e3:c2:29:7a:c6:7f:9a:d5:73:20:7d:cf:02:d5:42:
         86:83:9c:c2:d1:29:93:69:29:8b:a1:9c:1b:af:38:3f:87:38:
         5d:fa:e9:9c:eb:de:e0:2e:2e:5d:cc:da:bd:b6:8a:11:26:d6:
         b5:82:f4:f0:37:44:95:f2:0c:8e:44:b4:bb:18:c7:1f:dd:94:
         25:02:61:d5:36:55:0b:b5:7e:5e:d6:12:10:b6:13:37:68:d9:
         bc:82:ae:0e:ed:40:0a:d2:d2:c2:f1:9c:9d:7e:8d:60:87:b2:
         05:73:59:a2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYB+MzVPQcgAX1/KeWzo1uxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTMwMDkxODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlhNGEyYjkwMzM2MDk5NTA4NmE0Y2JlNzg5YWQwMDgyOTMyY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YP/G/bsG+Mb+GSZRrABkuA4mi0Y
NO2V7f+NAIsR9CMnAiev0xGIjwpgvW5ZpUaH1iVj7D2oglrcVxost+JpBpS7a55e
wA8AQiV0ykr7Cb8JSPzF8WYKljsTnpvFh3Vph99/xMKd/CShJ8MBArcygxxat8i8
ofnnUlZIznDmO2wI5faZPCwaQtxDgbYvmsm7ACqB9MVY3l1znJeg+RY6z+xV30jN
iXVWz+uz2TgEDLlaIKBiZRJFF6D2aW7T994DnhsZbv4LJ2XeuFoeRaHarakTJJkI
fL4UgxwkLJ1ZXG4Ip6eDkPMQmWzcPO/wGVxzpf3qvM+fBQOlEBPmpP8njwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEuaSiuQM2CZUIaky+eJrQCCkyzrMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUzVwS0s1QXpZSmxRaHFUTDU0bXRBSUtUTE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowVGAwQA
owVIMAwDBACjBU0DBACjBU4DBAGjBVgwDQYJKoZIhvcNAQELBQADggEBAI/l25Aw
xeyQRqds6dHSGSuAg3gpkh4mzepkNfD6cG5gcKzjQCXAB0+oEuu+qf7cbaXRIwft
MBzINRm0b5O3ThopRqmocfDaheTzEsk5T5xGSZirz/vfL3we2PIhX2Y+EhNRUQiA
/3ZcaYMnBawPono8rhMP9KoEZVRVqgRK1M5H4iafctQgCgn8LCDl9S+6KGhHwePC
KXrGf5rVcyB9zwLVQoaDnMLRKZNpKYuhnBuvOD+HOF366Zzr3uAuLl3M2r22ihEm
1rWC9PA3RJXyDI5EtLsYxx/dlCUCYdU2VQu1fl7WEhC2Ezdo2byCrg7tQArS0sLx
nJ1+jWCHsgVzWaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org