Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VNC7KgXjnoL3vSCsXgoJUi_oDU4.roa
File:                     VNC7KgXjnoL3vSCsXgoJUi_oDU4.roa (raw, json)
Hash identifier:          8BK3R+ENGWGuMQ5py+r+VxnQG6uYwMYUyWhd4wTaJhE=
Subject key identifier:   54:D0:BB:2A:05:E3:9E:82:F7:BD:20:AC:5E:0A:09:52:2F:E8:0D:4E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0186C610AEEF4B114A8729391CB0E00A36DC
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VNC7KgXjnoL3vSCsXgoJUi_oDU4.roa
Signing time:             Thu 09 Mar 2023 11:10:27 +0000
ROA not before:           Thu 09 Mar 2023 11:10:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212669
IP address blocks:        163.5.194.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 12:14:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c6:10:ae:ef:4b:11:4a:87:29:39:1c:b0:e0:0a:36:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar  9 11:10:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54d0bb2a05e39e82f7bd20ac5e0a09522fe80d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:56:1b:40:c0:6e:81:39:e7:7c:7f:34:03:f7:
                    70:ed:2f:b6:35:1e:86:22:a8:35:57:55:8a:31:d3:
                    b2:68:d8:0d:b7:c0:58:bf:b3:9a:1e:2f:9a:94:f1:
                    90:31:6b:47:68:07:63:e7:23:27:9d:3e:fc:57:4e:
                    a1:24:33:36:69:8a:ac:61:89:83:4d:b3:3a:31:5a:
                    c0:49:3d:92:6d:33:e3:fe:24:d1:54:3f:61:b4:47:
                    eb:e8:15:a1:1b:44:a6:b4:98:ba:0a:88:e3:eb:66:
                    84:a5:25:a4:1d:32:24:a5:92:f6:d8:cb:c3:10:83:
                    26:77:41:84:ec:6c:27:d0:c2:1d:76:05:59:a3:3a:
                    e5:36:2c:4d:be:8c:49:4d:d0:b6:bb:4f:6c:bc:a7:
                    22:71:7d:c4:7d:fd:6f:40:18:54:a4:32:00:3a:de:
                    e5:a4:e3:5a:6f:bc:b0:59:c1:e0:c7:69:be:27:95:
                    95:1b:0e:00:a1:a6:3d:2d:8e:cc:ac:c1:dc:03:1b:
                    e3:b2:41:da:a6:b1:40:55:5f:96:2e:eb:5e:32:d1:
                    1a:b5:d8:5f:ce:18:44:df:a3:71:3a:9e:05:aa:29:
                    5d:98:9a:5a:0a:c8:8d:75:8d:78:20:ec:3b:cb:b8:
                    22:8b:07:29:c3:5c:c2:57:12:d2:71:ed:4c:e9:10:
                    c4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:D0:BB:2A:05:E3:9E:82:F7:BD:20:AC:5E:0A:09:52:2F:E8:0D:4E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VNC7KgXjnoL3vSCsXgoJUi_oDU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.113.0-163.5.114.255
                  163.5.141.0/24
                  163.5.146.0/24
                  163.5.162.0/24
                  163.5.194.0/24
                  163.5.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:9a:7a:ac:80:06:81:ba:d7:16:6e:96:a6:ec:a7:0f:8b:fa:
         ea:35:19:da:1e:22:be:5c:2b:85:cb:48:ce:0f:2e:dc:71:16:
         0d:4d:38:66:58:66:e6:51:71:1c:fa:ff:0f:62:e2:ce:22:e1:
         70:48:47:80:8d:60:29:c3:56:bd:88:4f:66:f8:6f:2a:ce:d6:
         44:86:30:59:4e:a0:4c:cf:62:81:d1:d8:f4:5d:8e:1c:87:65:
         33:19:1c:5c:5e:44:3a:17:77:44:72:72:15:61:a0:eb:38:5b:
         b8:fd:37:2b:b7:cc:de:f4:da:ce:68:7a:24:34:4d:09:d0:55:
         70:34:95:24:e1:44:7c:85:ed:25:5d:1b:04:f9:8b:8a:87:7a:
         02:b8:7b:a5:2c:26:af:bb:51:74:27:8e:16:dd:10:1a:36:74:
         28:0b:c7:88:21:d2:10:40:52:93:d0:77:d5:07:9f:1c:69:dc:
         01:31:aa:97:64:9f:51:24:8f:40:e8:be:90:87:7c:2d:47:fd:
         79:06:18:67:fc:de:ee:c8:e7:c2:a6:5c:72:9e:6a:33:84:e4:
         d3:9f:d3:33:31:d1:85:5c:6f:af:cf:0d:22:48:b2:7e:01:00:
         18:18:77:34:42:42:05:fd:97:8d:ec:8b:45:9b:06:1d:38:78:
         39:8e:7c:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYbGEK7vSxFKhyk5HLDgCjbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzA5MTExMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQwYmIyYTA1ZTM5ZTgyZjdiZDIwYWM1ZTBhMDk1MjJmZTgwZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVYbQMBugTnnfH80A/dw7S+2NR6G
Iqg1V1WKMdOyaNgNt8BYv7OaHi+alPGQMWtHaAdj5yMnnT78V06hJDM2aYqsYYmD
TbM6MVrAST2SbTPj/iTRVD9htEfr6BWhG0SmtJi6Cojj62aEpSWkHTIkpZL22MvD
EIMmd0GE7Gwn0MIddgVZozrlNixNvoxJTdC2u09svKcicX3Eff1vQBhUpDIAOt7l
pONab7ywWcHgx2m+J5WVGw4AoaY9LY7MrMHcAxvjskHaprFAVV+WLuteMtEatdhf
zhhE36NxOp4FqildmJpaCsiNdY14IOw7y7giiwcpw1zCVxLSce1M6RDEvwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFTQuyoF456C970grF4KCVIv6A1OMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVk5DN0tnWGpub0wzdlNDc1hnb0pVaV9vRFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBACjBXED
BACjBXIDBACjBY0DBACjBZIDBACjBaIDBACjBcIDBACjBeAwDQYJKoZIhvcNAQEL
BQADggEBAEqaeqyABoG61xZulqbspw+L+uo1GdoeIr5cK4XLSM4PLtxxFg1NOGZY
ZuZRcRz6/w9i4s4i4XBIR4CNYCnDVr2IT2b4byrO1kSGMFlOoEzPYoHR2PRdjhyH
ZTMZHFxeRDoXd0RychVhoOs4W7j9Nyu3zN702s5oeiQ0TQnQVXA0lSThRHyF7SVd
GwT5i4qHegK4e6UsJq+7UXQnjhbdEBo2dCgLx4gh0hBAUpPQd9UHnxxp3AExqpdk
n1Ekj0DovpCHfC1H/XkGGGf83u7I58KmXHKeajOE5NOf0zMx0YVcb6/PDSJIsn4B
ABgYdzRCQgX9l43si0WbBh04eDmOfPE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:32 2024 by rpki-client on console-ams.rpki-client.org