Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_1lGNn4bkpcC4VQnxdNSWJ0I7_c.roa
File:                     _1lGNn4bkpcC4VQnxdNSWJ0I7_c.roa (raw, json)
Hash identifier:          kIX+JfU7EAlWyR/KR6mieYoGEch+dxFrpJr+lZYtqao=
Subject key identifier:   FF:59:46:36:7E:1B:92:97:02:E1:54:27:C5:D3:52:58:9D:08:EF:F7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185D572521F16F066F61C91320763454A11
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_1lGNn4bkpcC4VQnxdNSWJ0I7_c.roa
Signing time:             Sat 21 Jan 2023 17:48:37 +0000
ROA not before:           Sat 21 Jan 2023 17:48:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.91.0/24 maxlen: 24
                          163.5.97.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24
                          163.5.34.0/24 maxlen: 24
                          163.5.152.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Feb 2023 18:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d5:72:52:1f:16:f0:66:f6:1c:91:32:07:63:45:4a:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 21 17:48:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff5946367e1b929702e15427c5d352589d08eff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ba:99:c6:14:6c:18:10:77:c4:3d:4d:60:3e:
                    28:52:71:a1:dd:66:63:d3:cd:79:2f:ed:5b:7e:cf:
                    cc:17:cd:ce:26:ab:a1:2b:2c:53:43:06:71:a9:ce:
                    de:88:4f:f9:40:e6:8b:67:d1:11:0a:f3:b1:a7:30:
                    11:62:cf:e9:d5:f9:ed:10:d3:c0:2d:5e:8a:eb:f6:
                    24:c6:0c:2b:69:7f:01:f7:dd:62:ed:38:f3:3f:a6:
                    bf:66:de:88:c9:2c:3a:84:fe:7a:bb:86:cb:7e:a2:
                    96:94:d6:95:c2:18:97:9f:36:26:4e:58:63:b4:4a:
                    3e:9a:05:ba:34:c0:a3:d7:03:6a:42:f7:d3:03:a1:
                    5a:c8:5a:92:bd:ad:ba:8c:6d:7b:01:21:32:dd:8a:
                    f6:7a:da:bc:28:0a:80:61:15:99:47:50:58:d4:ff:
                    fb:9c:eb:21:02:d9:34:77:a5:8e:2b:48:95:95:f9:
                    1d:5e:b9:db:72:c0:ce:50:90:6b:7f:6c:67:d4:a0:
                    2c:02:7a:94:a1:0e:9a:dc:52:4a:03:43:a7:2d:6b:
                    d1:99:84:2c:bf:e8:e9:f4:01:cb:d8:92:fc:cb:6f:
                    17:a7:9b:92:31:01:b1:0c:73:76:d2:af:ac:3c:e7:
                    4e:f7:9f:a2:45:69:92:43:8c:ed:5c:78:00:05:2b:
                    35:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:59:46:36:7E:1B:92:97:02:E1:54:27:C5:D3:52:58:9D:08:EF:F7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_1lGNn4bkpcC4VQnxdNSWJ0I7_c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.33.0-163.5.34.255
                  163.5.91.0/24
                  163.5.97.0/24
                  163.5.114.0/24
                  163.5.152.0/24
                  163.5.169.0/24
                  163.5.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:e2:d8:5b:91:1b:5b:9a:e7:c4:56:11:ff:2a:8a:5b:28:74:
         a0:44:9f:b8:12:10:b4:29:08:70:52:e4:76:4a:91:1b:08:ec:
         1f:17:45:12:df:1c:9e:08:00:a0:de:59:73:1d:5d:04:9e:0c:
         bc:5b:45:e2:7e:70:19:23:4b:12:8a:41:de:75:0a:29:40:7a:
         46:4a:8b:f5:71:35:e8:bf:36:f6:d5:04:cc:27:32:c8:45:90:
         0a:cc:c2:8f:e8:21:d5:b8:04:e8:42:1e:3f:4b:c7:54:44:37:
         37:dc:91:02:18:aa:e8:5b:b2:88:fe:38:1f:c7:23:0c:fe:3b:
         2a:9d:05:cf:85:eb:23:de:c2:b4:c2:c4:09:c7:eb:8c:f3:64:
         90:a7:14:8b:67:b0:11:55:9b:da:fb:3e:6d:fe:24:97:94:dd:
         af:9d:02:cd:d5:a0:37:95:37:b6:5d:b0:70:59:7b:20:33:15:
         29:ac:4d:48:02:67:c0:8e:d9:0d:e0:69:47:0f:6e:be:a9:08:
         9b:66:5f:98:e7:11:5c:64:65:c0:0c:52:6d:ba:96:b0:de:5c:
         78:33:4e:75:d9:5c:4c:cc:6b:0a:fe:7a:30:2f:c7:eb:5b:0f:
         9f:bb:fe:39:39:37:ee:ce:a1:fb:72:60:b7:60:a2:39:7f:e3:
         91:70:2f:b8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXVclIfFvBm9hyRMgdjRUoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTIxMTc0ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU5NDYzNjdlMWI5Mjk3MDJlMTU0MjdjNWQzNTI1ODlkMDhlZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7qZxhRsGBB3xD1NYD4oUnGh3WZj
0815L+1bfs/MF83OJquhKyxTQwZxqc7eiE/5QOaLZ9ERCvOxpzARYs/p1fntENPA
LV6K6/YkxgwraX8B991i7TjzP6a/Zt6IySw6hP56u4bLfqKWlNaVwhiXnzYmTlhj
tEo+mgW6NMCj1wNqQvfTA6FayFqSva26jG17ASEy3Yr2etq8KAqAYRWZR1BY1P/7
nOshAtk0d6WOK0iVlfkdXrnbcsDOUJBrf2xn1KAsAnqUoQ6a3FJKA0OnLWvRmYQs
v+jp9AHL2JL8y28Xp5uSMQGxDHN20q+sPOdO95+iRWmSQ4ztXHgABSs10wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFP9ZRjZ+G5KXAuFUJ8XTUlidCO/3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvXzFsR05uNGJrcGNDNFZRbnhkTlNXSjBJN19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBACjBSED
BACjBSIDBACjBVsDBACjBWEDBACjBXIDBACjBZgDBACjBakDBACjBfkwDQYJKoZI
hvcNAQELBQADggEBAKHi2FuRG1ua58RWEf8qilsodKBEn7gSELQpCHBS5HZKkRsI
7B8XRRLfHJ4IAKDeWXMdXQSeDLxbReJ+cBkjSxKKQd51CilAekZKi/VxNei/NvbV
BMwnMshFkArMwo/oIdW4BOhCHj9Lx1RENzfckQIYquhbsoj+OB/HIwz+OyqdBc+F
6yPewrTCxAnH64zzZJCnFItnsBFVm9r7Pm3+JJeU3a+dAs3VoDeVN7ZdsHBZeyAz
FSmsTUgCZ8CO2Q3gaUcPbr6pCJtmX5jnEVxkZcAMUm26lrDeXHgzTnXZXEzMawr+
ejAvx+tbD5+7/jk5N+7OoftyYLdgojl/45FwL7g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org