Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ur2bZUrluaSCwvLb2blyS907jds.roa
File:                     Ur2bZUrluaSCwvLb2blyS907jds.roa (raw, json)
Hash identifier:          pgFCl/XOW2FCRhS674Ydi5KRYpuUsT2R2OQZOyU6Z1s=
Subject key identifier:   52:BD:9B:65:4A:E5:B9:A4:82:C2:F2:DB:D9:B9:72:4B:DD:3B:8D:DB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0189895EEF97A96C5D58F63214FC71E41B6C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ur2bZUrluaSCwvLb2blyS907jds.roa
Signing time:             Mon 24 Jul 2023 19:27:27 +0000
ROA not before:           Mon 24 Jul 2023 19:27:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        163.5.177.0/24 maxlen: 24
                          163.5.137.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24
                          163.5.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Jul 2023 19:20:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:89:5e:ef:97:a9:6c:5d:58:f6:32:14:fc:71:e4:1b:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 24 19:27:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52bd9b654ae5b9a482c2f2dbd9b9724bdd3b8ddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8e:55:f3:14:e2:88:c7:1a:a6:25:78:c7:4e:
                    9d:91:dc:66:03:14:33:8a:34:f9:a2:8a:79:c3:33:
                    19:2f:22:98:62:a4:00:a2:c9:dc:6f:05:a8:a2:fc:
                    40:be:cb:8d:0e:ef:25:5b:75:da:e6:00:4d:3f:38:
                    b3:91:ac:83:cb:9f:7c:18:94:71:1f:9f:3f:8b:dd:
                    5d:6f:66:97:ab:c1:8f:34:02:65:14:60:13:8b:ad:
                    f6:10:3b:00:d1:3e:93:d9:c4:b4:a4:23:2d:4d:84:
                    2b:7e:9a:1b:5f:fa:0c:2d:c9:07:f5:da:05:4d:98:
                    3e:db:92:5d:32:cd:af:b2:32:81:68:e8:61:ca:04:
                    a3:55:c3:db:87:fa:1e:9e:3f:8f:3b:6e:a5:cf:cb:
                    6e:78:03:d7:76:b4:e8:c9:84:5c:82:b0:4b:8b:7d:
                    c4:66:c6:3c:b5:1d:6e:9d:f1:7d:6f:4d:40:d7:99:
                    af:3a:57:dd:cc:81:f3:92:c8:61:c1:cf:6d:52:94:
                    1c:98:b7:0a:71:25:e2:55:71:6d:88:88:6e:fb:83:
                    cd:00:f3:0b:0c:ce:97:1b:52:65:f9:3c:06:c0:15:
                    d6:28:96:2d:e2:bc:01:f8:4c:90:c9:e8:a0:36:85:
                    25:f2:03:29:98:10:27:5c:b5:b2:e0:62:06:71:8a:
                    25:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:BD:9B:65:4A:E5:B9:A4:82:C2:F2:DB:D9:B9:72:4B:DD:3B:8D:DB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ur2bZUrluaSCwvLb2blyS907jds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.137.0/24
                  163.5.157.0/24
                  163.5.159.0/24
                  163.5.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:c2:bf:60:b0:a9:74:74:b2:c5:ab:89:50:7c:47:5d:6a:64:
         53:00:4d:7c:c0:44:f6:6b:b9:64:eb:d1:a9:c2:c3:59:0b:5f:
         31:e5:52:7f:2d:f9:e6:82:10:6d:e3:f2:bf:cd:2e:b7:37:fd:
         4f:7b:b0:73:f4:b1:9b:50:9b:29:4e:09:92:53:c7:58:37:5e:
         2a:70:1c:57:5a:dc:03:7c:34:80:2f:df:f7:67:39:70:5f:e2:
         b4:92:28:57:64:b7:e8:a5:26:ce:4c:79:30:ae:4e:97:5a:4b:
         15:80:c4:29:81:14:6b:5e:b6:a2:02:8e:1b:ee:f2:9a:90:72:
         8a:47:f9:1e:d5:60:1b:b8:a0:21:74:f9:e3:9f:e0:05:30:41:
         d3:d1:63:fc:b9:3c:d2:66:32:cd:97:01:67:39:23:4d:6f:00:
         0d:8c:c0:63:bc:1e:0d:08:16:1c:9d:24:19:c4:a8:1e:39:14:
         f6:47:4e:2e:1c:14:63:22:d1:35:01:8c:ba:de:9c:7d:a5:55:
         e4:b6:83:22:bf:3a:7d:f5:9e:d2:63:24:8f:21:73:69:95:a1:
         32:d4:f0:66:bc:f1:3a:ba:db:68:f5:df:b4:23:80:8d:0c:57:
         42:78:4c:62:04:be:ba:d5:bc:38:32:a1:8a:c6:1f:75:8d:65:
         89:ca:e6:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmJXu+XqWxdWPYyFPxx5BtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzI0MTkyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJkOWI2NTRhZTViOWE0ODJjMmYyZGJkOWI5NzI0YmRkM2I4ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI5V8xTiiMcapiV4x06dkdxmAxQz
ijT5oop5wzMZLyKYYqQAosncbwWoovxAvsuNDu8lW3Xa5gBNPzizkayDy598GJRx
H58/i91db2aXq8GPNAJlFGATi632EDsA0T6T2cS0pCMtTYQrfpobX/oMLckH9doF
TZg+25JdMs2vsjKBaOhhygSjVcPbh/oenj+PO26lz8tueAPXdrToyYRcgrBLi33E
ZsY8tR1unfF9b01A15mvOlfdzIHzkshhwc9tUpQcmLcKcSXiVXFtiIhu+4PNAPML
DM6XG1Jl+TwGwBXWKJYt4rwB+EyQyeigNoUl8gMpmBAnXLWy4GIGcYol3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFK9m2VK5bmkgsLy29m5ckvdO43bMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVXIyYlpVcmx1YVNDd3ZMYjJibHlTOTA3amRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWJAwQA
owWdAwQAowWfAwQAowWxMA0GCSqGSIb3DQEBCwUAA4IBAQAfwr9gsKl0dLLFq4lQ
fEddamRTAE18wET2a7lk69GpwsNZC18x5VJ/LfnmghBt4/K/zS63N/1Pe7Bz9LGb
UJspTgmSU8dYN14qcBxXWtwDfDSAL9/3ZzlwX+K0kihXZLfopSbOTHkwrk6XWksV
gMQpgRRrXraiAo4b7vKakHKKR/ke1WAbuKAhdPnjn+AFMEHT0WP8uTzSZjLNlwFn
OSNNbwANjMBjvB4NCBYcnSQZxKgeORT2R04uHBRjItE1AYy63px9pVXktoMivzp9
9Z7SYySPIXNplaEy1PBmvPE6utto9d+0I4CNDFdCeExiBL661bw4MqGKxh91jWWJ
yuZF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org