Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/W4zkUB1a5DA74NII-ZtKzHCX_Sc.roa
File:                     W4zkUB1a5DA74NII-ZtKzHCX_Sc.roa (raw, json)
Hash identifier:          oRI+GeN2T9jxG82pzn0pSzPjJCJUhttuQRvIbMUHbto=
Subject key identifier:   5B:8C:E4:50:1D:5A:E4:30:3B:E0:D2:08:F9:9B:4A:CC:70:97:FD:27
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC425518C43956F05FAAD1040EA1F0784
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/W4zkUB1a5DA74NII-ZtKzHCX_Sc.roa
Signing time:             Mon 01 Jan 2024 08:30:29 +0000
ROA not before:           Mon 01 Jan 2024 08:30:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        163.5.190.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Feb 2024 21:37:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:51:8c:43:95:6f:05:fa:ad:10:40:ea:1f:07:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5b8ce4501d5ae4303be0d208f99b4acc7097fd27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:dc:89:d5:8d:a6:41:53:2a:39:1b:51:7f:28:
                    28:f3:e5:a1:89:b6:94:14:58:22:54:19:c2:d3:e7:
                    26:43:fc:1c:83:56:16:50:83:16:8e:a8:a8:84:5c:
                    ce:8c:3b:e5:64:65:dd:7a:5c:fe:fd:d5:c9:fb:fc:
                    c7:84:ab:59:97:ee:e5:03:16:2a:42:8e:63:44:3d:
                    aa:0d:fb:90:98:30:4f:0d:0a:7f:d0:ec:d6:cd:a8:
                    33:b9:bb:3d:15:1c:df:7d:68:3f:d6:55:97:e8:92:
                    b3:44:d4:78:a7:ae:5c:34:46:35:db:b8:9b:cb:f3:
                    17:5d:e3:a4:b7:ce:71:50:08:d9:ad:ff:ea:cd:ee:
                    f4:b0:54:23:2a:31:df:52:b6:ff:bb:6b:d1:e5:c4:
                    ff:2e:fd:3d:9a:4c:fe:29:42:7b:5a:be:2e:3b:e0:
                    5f:41:40:2f:54:aa:eb:09:68:f3:68:16:c0:8f:de:
                    01:f6:b2:52:83:f6:49:25:07:46:ec:e0:1c:2b:13:
                    25:f5:7b:2d:42:46:bd:24:63:a9:95:50:77:a1:55:
                    61:07:ff:af:97:e5:54:45:4c:22:c0:81:d8:c4:2c:
                    aa:07:75:ad:c6:7b:ef:2a:a3:8e:bf:68:2a:6e:ec:
                    1e:4d:92:6e:73:92:48:96:90:22:19:00:0c:9a:72:
                    73:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:8C:E4:50:1D:5A:E4:30:3B:E0:D2:08:F9:9B:4A:CC:70:97:FD:27
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/W4zkUB1a5DA74NII-ZtKzHCX_Sc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.190.0/24
                  163.5.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:21:15:c2:06:3c:6a:32:2b:18:6a:78:da:bc:b9:87:27:7f:
         af:e9:ba:3d:c2:8b:1a:73:06:38:39:ce:fb:f4:df:b9:c6:85:
         fe:80:6d:53:b8:b1:34:74:a4:76:8b:a8:e2:d4:6a:e0:52:6b:
         33:96:e6:c5:b2:5b:f0:0f:2a:50:c1:99:23:94:10:36:8c:0a:
         f5:6e:cf:3b:27:05:1f:3c:8b:70:ea:a8:f5:c0:8b:95:be:6e:
         3a:26:44:5b:bb:7b:78:f8:2d:e8:dc:8f:05:46:62:a5:1f:e1:
         32:ef:40:b7:8b:8f:33:10:27:bd:6b:14:aa:29:e5:15:3b:f9:
         94:4e:01:47:80:33:5a:c3:8f:0c:d3:10:79:89:73:2b:d6:38:
         57:46:23:84:6b:2b:2c:c6:4b:00:af:a7:ac:73:09:f5:ed:09:
         6c:ee:07:d0:7b:e7:23:68:c3:da:5a:01:60:db:1f:26:3b:d8:
         6c:f8:4f:9c:ea:cd:53:53:41:9a:1c:e9:68:ec:31:29:04:ad:
         51:65:95:a6:86:14:b6:67:77:a8:28:7b:2d:ee:e1:4f:30:14:
         c5:35:9c:a1:0c:db:54:ae:74:ce:b9:b0:d8:95:82:b3:73:4a:
         c5:ed:85:09:3f:f1:7b:35:f2:f7:d9:2e:c5:8e:b0:df:18:90:
         f5:c2:97:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVGMQ5VvBfqtEEDqHweEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjhjZTQ1MDFkNWFlNDMwM2JlMGQyMDhmOTliNGFjYzcwOTdmZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNyJ1Y2mQVMqORtRfygo8+WhibaU
FFgiVBnC0+cmQ/wcg1YWUIMWjqiohFzOjDvlZGXdelz+/dXJ+/zHhKtZl+7lAxYq
Qo5jRD2qDfuQmDBPDQp/0OzWzagzubs9FRzffWg/1lWX6JKzRNR4p65cNEY127ib
y/MXXeOkt85xUAjZrf/qze70sFQjKjHfUrb/u2vR5cT/Lv09mkz+KUJ7Wr4uO+Bf
QUAvVKrrCWjzaBbAj94B9rJSg/ZJJQdG7OAcKxMl9XstQka9JGOplVB3oVVhB/+v
l+VURUwiwIHYxCyqB3WtxnvvKqOOv2gqbuweTZJuc5JIlpAiGQAMmnJzeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFuM5FAdWuQwO+DSCPmbSsxwl/0nMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVzR6a1VCMWE1REE3NE5JSS1adEt6SENYX1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowW+AwQA
owXDMA0GCSqGSIb3DQEBCwUAA4IBAQBSIRXCBjxqMisYanjavLmHJ3+v6bo9wosa
cwY4Oc779N+5xoX+gG1TuLE0dKR2i6ji1GrgUmszlubFslvwDypQwZkjlBA2jAr1
bs87JwUfPItw6qj1wIuVvm46JkRbu3t4+C3o3I8FRmKlH+Ey70C3i48zECe9axSq
KeUVO/mUTgFHgDNaw48M0xB5iXMr1jhXRiOEayssxksAr6escwn17Qls7gfQe+cj
aMPaWgFg2x8mO9hs+E+c6s1TU0GaHOlo7DEpBK1RZZWmhhS2Z3eoKHst7uFPMBTF
NZyhDNtUrnTOubDYlYKzc0rF7YUJP/F7NfL32S7FjrDfGJD1wpco
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:32 2024 by rpki-client on console-ams.rpki-client.org