Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XfBpGhm6pokeuikFGtSa5Bsova0.roa
File:                     XfBpGhm6pokeuikFGtSa5Bsova0.roa (raw, json)
Hash identifier:          sTnGSKwnvOpIDU97VxO+vzByxVzrwGBiMq1qMTBEM6A=
Subject key identifier:   5D:F0:69:1A:19:BA:A6:89:1E:BA:29:05:1A:D4:9A:E4:1B:28:BD:AD
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01888D1EE5D084713FC764DE98998F5839C3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XfBpGhm6pokeuikFGtSa5Bsova0.roa
Signing time:             Mon 05 Jun 2023 19:53:12 +0000
ROA not before:           Mon 05 Jun 2023 19:53:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.105.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Jun 2023 14:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8d:1e:e5:d0:84:71:3f:c7:64:de:98:99:8f:58:39:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun  5 19:53:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5df0691a19baa6891eba29051ad49ae41b28bdad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ee:9e:bb:f6:80:0f:9b:2a:d7:bb:27:b1:b3:
                    0a:66:fb:c6:46:61:ed:d1:20:68:ce:ec:29:94:9c:
                    bb:84:9b:c4:a6:f1:52:92:00:e8:7d:67:cc:ea:2d:
                    03:f6:43:2f:f5:f6:63:a2:e4:91:64:65:0e:3e:80:
                    23:91:29:56:4c:4f:00:88:99:cd:af:b5:52:ea:c6:
                    f3:92:e4:9d:ed:89:e5:0f:ce:3b:29:18:0c:6b:7d:
                    0d:4a:65:db:da:5d:dc:42:58:b9:4a:5e:31:a3:a0:
                    eb:87:6e:9d:14:67:ea:30:d6:0c:7f:69:f9:41:ff:
                    05:a3:01:c6:8f:1a:54:9a:40:61:73:43:9d:75:b7:
                    ae:ce:47:d0:8c:5f:13:60:ae:f7:65:f6:77:b7:86:
                    94:63:bd:b1:17:9d:e0:57:8e:08:6d:69:76:d6:4e:
                    48:21:37:c6:ba:64:17:bb:51:24:fb:9d:cd:62:97:
                    d4:d2:a2:7a:dc:78:03:b2:b1:9e:21:28:51:3d:89:
                    6c:1a:ba:07:a5:94:ea:24:f0:f6:f3:47:ba:de:cf:
                    e8:d4:58:3a:f3:e4:b0:ba:d7:75:77:3e:e6:e4:25:
                    ae:6d:8b:43:d4:82:d9:87:72:55:c9:2b:50:68:29:
                    51:5a:4c:7b:5b:6d:e1:c1:2f:e9:f9:04:b0:cc:74:
                    b4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F0:69:1A:19:BA:A6:89:1E:BA:29:05:1A:D4:9A:E4:1B:28:BD:AD
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XfBpGhm6pokeuikFGtSa5Bsova0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.105.0-163.5.106.255
                  163.5.159.0/24
                  163.5.168.0/24
                  163.5.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:ac:0e:38:57:f5:ab:b3:81:ce:c8:0b:84:f1:52:57:a5:55:
         56:87:db:f3:33:84:6b:c5:ca:53:3d:0e:d6:bf:ee:ad:77:2d:
         ee:e3:5a:62:62:06:3b:99:62:a5:5f:3e:e8:3b:ac:56:65:f3:
         e7:3b:c0:2f:e9:c7:e6:39:c4:97:7c:97:dc:12:7f:a9:fa:ce:
         11:8f:56:d7:e5:63:6d:0f:58:92:da:54:41:0d:c1:ec:6b:e6:
         b9:a1:b5:71:ce:9c:2c:29:48:81:86:e8:34:44:25:ec:de:34:
         1e:3d:bc:ce:cb:ab:49:f6:63:59:ca:f3:66:1c:28:07:f3:c9:
         11:93:b9:6f:7c:21:20:c0:20:70:d9:b3:4e:3b:15:c3:4e:26:
         39:57:c3:87:f3:3d:dc:dc:83:80:49:3b:e6:40:2b:11:16:d4:
         88:6d:42:4b:46:f3:7f:e7:fd:7f:c0:c5:90:98:97:33:e7:6e:
         b8:ab:16:9e:2a:8c:f3:b2:1a:be:73:34:0c:22:09:68:5a:95:
         87:45:9d:27:94:a8:a4:31:ae:26:e4:3e:1d:95:71:c0:18:76:
         6b:01:c5:eb:1a:74:b4:d8:d0:f5:b7:c1:0a:e5:ae:33:ad:f4:
         5c:d2:2d:81:7c:3e:0c:6c:7d:6a:78:73:06:59:ad:7a:5d:e7:
         71:f8:38:0b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYiNHuXQhHE/x2TemJmPWDnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjA1MTk1MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGYwNjkxYTE5YmFhNjg5MWViYTI5MDUxYWQ0OWFlNDFiMjhiZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO6eu/aAD5sq17snsbMKZvvGRmHt
0SBozuwplJy7hJvEpvFSkgDofWfM6i0D9kMv9fZjouSRZGUOPoAjkSlWTE8AiJnN
r7VS6sbzkuSd7YnlD847KRgMa30NSmXb2l3cQli5Sl4xo6Drh26dFGfqMNYMf2n5
Qf8FowHGjxpUmkBhc0OddbeuzkfQjF8TYK73ZfZ3t4aUY72xF53gV44IbWl21k5I
ITfGumQXu1Ek+53NYpfU0qJ63HgDsrGeIShRPYlsGroHpZTqJPD280e63s/o1Fg6
8+Swutd1dz7m5CWubYtD1ILZh3JVyStQaClRWkx7W23hwS/p+QSwzHS0GwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF3waRoZuqaJHropBRrUmuQbKL2tMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWGZCcEdobTZwb2tldWlrRkd0U2E1QnNvdmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBZ8DBACjBagDBACjBfIwDQYJKoZIhvcNAQELBQADggEB
AB6sDjhX9auzgc7IC4TxUlelVVaH2/MzhGvFylM9Dta/7q13Le7jWmJiBjuZYqVf
Pug7rFZl8+c7wC/px+Y5xJd8l9wSf6n6zhGPVtflY20PWJLaVEENwexr5rmhtXHO
nCwpSIGG6DREJezeNB49vM7Lq0n2Y1nK82YcKAfzyRGTuW98ISDAIHDZs047FcNO
JjlXw4fzPdzcg4BJO+ZAKxEW1IhtQktG83/n/X/AxZCYlzPnbrirFp4qjPOyGr5z
NAwiCWhalYdFnSeUqKQxribkPh2VccAYdmsBxesadLTY0PW3wQrlrjOt9FzSLYF8
PgxsfWp4cwZZrXpd53H4OAs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org