Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f4wq1TO602peyvTP7jyxiOpH6ic.roa
File:                     f4wq1TO602peyvTP7jyxiOpH6ic.roa (raw, json)
Hash identifier:          h1GLsWplHL7HsfsM5g9cQyULPqcG4qSHA86nuCIjS48=
Subject key identifier:   7F:8C:2A:D5:33:BA:D3:6A:5E:CA:F4:CF:EE:3C:B1:88:EA:47:EA:27
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01885D1125F6D7DBE3B455A774CF84F49620
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f4wq1TO602peyvTP7jyxiOpH6ic.roa
Signing time:             Sat 27 May 2023 11:56:24 +0000
ROA not before:           Sat 27 May 2023 11:56:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        163.5.208.0/24 maxlen: 24
                          163.5.123.0/24 maxlen: 24
                          163.5.137.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.157.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 17:36:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:5d:11:25:f6:d7:db:e3:b4:55:a7:74:cf:84:f4:96:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 27 11:56:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f8c2ad533bad36a5ecaf4cfee3cb188ea47ea27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:16:72:22:aa:a5:34:d8:e5:2a:63:a3:89:b6:
                    94:65:01:49:a7:5d:96:57:59:30:74:d4:ac:d7:ff:
                    5e:e8:41:31:5c:22:86:b2:c7:b1:f4:46:66:16:7c:
                    14:29:d8:37:80:3d:0e:51:a1:02:3b:44:e9:aa:a8:
                    a9:39:15:91:b8:2e:94:da:04:5e:f2:f0:ab:31:3a:
                    31:97:ea:29:fb:bd:d5:0b:05:11:68:23:ed:7e:8c:
                    90:a4:88:b0:18:34:8d:ba:99:fc:04:2f:4e:c4:d8:
                    6c:ae:f7:a7:96:eb:41:31:0e:55:f1:ad:46:f5:f1:
                    28:bb:a5:1b:2e:0d:bf:ee:98:f2:43:14:96:f5:c8:
                    11:18:27:1b:84:8e:bb:ea:d7:5a:57:f5:d5:57:5e:
                    f5:50:ca:06:11:24:6d:9b:c8:71:2f:84:a7:ad:e9:
                    43:a9:b5:7b:85:0f:7c:f5:88:3d:69:af:0e:9c:82:
                    6b:d5:fb:b1:a9:c0:d1:de:75:e4:66:8b:5d:34:55:
                    f4:f7:47:7f:9d:33:86:53:51:bd:44:71:e6:3f:ee:
                    e9:e5:1b:30:a4:ce:a5:5b:5e:97:d0:fc:44:1d:bb:
                    b6:58:48:91:a4:28:b1:60:2b:6b:c6:12:a6:bb:48:
                    41:5a:f6:ab:ef:f8:0b:aa:64:d6:66:16:c0:03:7d:
                    3d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:8C:2A:D5:33:BA:D3:6A:5E:CA:F4:CF:EE:3C:B1:88:EA:47:EA:27
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f4wq1TO602peyvTP7jyxiOpH6ic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.123.0/24
                  163.5.137.0/24
                  163.5.156.0/23
                  163.5.165.0/24
                  163.5.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:8d:f8:36:cb:f3:92:ba:16:1d:88:02:42:e8:10:56:df:22:
         f8:b7:a3:8d:54:b3:25:c2:22:5d:ef:58:60:1f:7a:8f:ba:99:
         30:9e:89:c6:1a:4f:e6:1e:b6:5e:6e:a7:bf:f5:46:65:5f:fb:
         0f:14:f5:3d:71:22:df:40:2e:34:e6:7c:32:86:3e:99:91:a4:
         1c:35:f1:fb:a7:28:7c:24:59:f7:0c:4a:9a:72:f5:ff:9c:5a:
         c8:c7:b4:b2:c6:74:85:3e:4f:72:69:7f:de:dc:e3:e3:77:98:
         27:cf:73:29:fb:f1:a0:d1:1a:9d:c5:80:d9:89:3c:71:43:fa:
         0c:ad:c4:cb:1f:9d:cf:a1:84:63:2a:54:c0:9f:0b:8b:3c:da:
         68:fb:46:82:13:7e:a8:7a:a9:1d:57:39:e1:14:c8:ff:94:ce:
         01:ad:93:d5:d5:b0:39:61:5a:3d:18:8c:56:e3:59:fd:22:2c:
         e6:24:c6:c1:9c:6d:9e:60:4a:ff:d3:de:9c:13:05:27:49:73:
         78:d6:eb:90:c5:cd:d5:95:7b:8d:88:06:01:74:ea:6a:89:3d:
         71:60:4d:fc:64:81:de:ac:8d:4b:43:21:74:c9:f2:b9:35:39:
         d6:87:4e:bd:35:95:95:24:75:12:9f:bc:e2:5d:cb:66:1e:cc:
         5a:7d:27:1a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhdESX219vjtFWndM+E9JYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTI3MTE1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhjMmFkNTMzYmFkMzZhNWVjYWY0Y2ZlZTNjYjE4OGVhNDdlYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixZyIqqlNNjlKmOjibaUZQFJp12W
V1kwdNSs1/9e6EExXCKGssex9EZmFnwUKdg3gD0OUaECO0TpqqipORWRuC6U2gRe
8vCrMToxl+op+73VCwURaCPtfoyQpIiwGDSNupn8BC9OxNhsrvenlutBMQ5V8a1G
9fEou6UbLg2/7pjyQxSW9cgRGCcbhI676tdaV/XVV171UMoGESRtm8hxL4SnrelD
qbV7hQ989Yg9aa8OnIJr1fuxqcDR3nXkZotdNFX090d/nTOGU1G9RHHmP+7p5Rsw
pM6lW16X0PxEHbu2WEiRpCixYCtrxhKmu0hBWvar7/gLqmTWZhbAA3094wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH+MKtUzutNqXsr0z+48sYjqR+onMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZjR3cTFUTzYwMnBleXZUUDdqeXhpT3BINmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowV7AwQA
owWJAwQBowWcAwQAowWlAwQAowXQMA0GCSqGSIb3DQEBCwUAA4IBAQCnjfg2y/OS
uhYdiAJC6BBW3yL4t6ONVLMlwiJd71hgH3qPupkwnonGGk/mHrZebqe/9UZlX/sP
FPU9cSLfQC405nwyhj6ZkaQcNfH7pyh8JFn3DEqacvX/nFrIx7SyxnSFPk9yaX/e
3OPjd5gnz3Mp+/Gg0RqdxYDZiTxxQ/oMrcTLH53PoYRjKlTAnwuLPNpo+0aCE36o
eqkdVznhFMj/lM4BrZPV1bA5YVo9GIxW41n9IizmJMbBnG2eYEr/096cEwUnSXN4
1uuQxc3VlXuNiAYBdOpqiT1xYE38ZIHerI1LQyF0yfK5NTnWh069NZWVJHUSn7zi
XctmHsxafSca
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org