Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hG19zVkfMcimw7vS1t_gSF-LL9w.roa
File:                     hG19zVkfMcimw7vS1t_gSF-LL9w.roa (raw, json)
Hash identifier:          O9PoEm9CbpUiWoKtbGD0ouDSJA5sH477UsAT7/uQRUo=
Subject key identifier:   84:6D:7D:CD:59:1F:31:C8:A6:C3:BB:D2:D6:DF:E0:48:5F:8B:2F:DC
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC4255E82BE16527EF7546BEC59428730
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hG19zVkfMcimw7vS1t_gSF-LL9w.roa
Signing time:             Mon 01 Jan 2024 08:30:32 +0000
ROA not before:           Mon 01 Jan 2024 08:30:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198607
IP address blocks:        163.5.87.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 18:48:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:5e:82:be:16:52:7e:f7:54:6b:ec:59:42:87:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=846d7dcd591f31c8a6c3bbd2d6dfe0485f8b2fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:34:18:64:5c:ba:ab:cc:ba:e3:80:71:7a:61:
                    4a:26:da:a4:25:82:88:da:85:d7:1f:d3:bc:62:fa:
                    0b:b6:51:05:55:b6:9d:4c:a3:e9:3d:5a:f0:25:3f:
                    ec:f3:83:69:d2:88:3b:d8:fb:6b:ff:1f:b8:00:f0:
                    ba:70:73:36:05:d7:b3:05:2a:e6:1a:bb:65:d1:7f:
                    dc:58:b3:9f:95:63:a7:50:65:ad:b4:a9:dc:cf:0a:
                    b6:fe:ec:e3:e8:78:50:b5:2d:0c:12:f4:82:71:dd:
                    96:e6:97:05:ed:8b:36:5e:c3:33:cd:7e:2b:c2:8a:
                    15:b1:2f:07:33:b5:6c:d9:ea:df:9b:03:db:47:45:
                    ea:8d:32:52:b1:08:b0:b8:dc:c8:3e:62:c0:ce:64:
                    04:cc:7f:6f:0e:3d:8a:ee:9a:a4:b7:a0:99:51:35:
                    8b:35:09:28:a1:45:b2:ad:45:22:6b:0f:10:c4:25:
                    e0:bd:ea:95:83:94:33:5a:78:df:45:7e:c2:0d:7b:
                    93:48:af:5e:f9:d8:61:71:26:88:4e:e5:fc:9e:7b:
                    c7:48:7e:e5:69:85:21:79:0c:81:34:d2:c1:59:40:
                    c5:f5:4d:20:71:77:36:69:50:8f:7e:d0:18:01:93:
                    ae:1c:44:d1:f0:e5:3a:c5:e1:b9:0a:f5:04:a8:a3:
                    aa:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6D:7D:CD:59:1F:31:C8:A6:C3:BB:D2:D6:DF:E0:48:5F:8B:2F:DC
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hG19zVkfMcimw7vS1t_gSF-LL9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.87.0/24
                  163.5.127.0/24
                  163.5.202.0/24
                  163.5.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:d1:a8:2f:19:40:df:f9:48:97:12:34:b4:f3:80:99:7f:97:
         4f:64:58:31:1f:0c:e0:db:c8:6f:26:62:dd:7c:2c:e7:3d:89:
         62:9b:44:4b:4e:a2:eb:9f:00:24:96:d2:ae:c8:d5:89:2c:5e:
         94:76:cc:92:30:f9:74:13:f9:0a:be:64:e4:36:56:69:e6:13:
         7e:94:e2:b8:70:2a:39:b2:c9:f1:f2:b6:66:0a:b4:3a:cf:35:
         81:cd:fc:c8:42:13:40:81:42:78:8a:8e:30:0f:26:0d:9e:f3:
         95:c7:51:4d:b9:93:c8:61:4f:ff:08:14:70:3a:42:a7:97:91:
         c8:52:41:4b:e6:96:cc:f3:de:e1:11:98:75:a4:c0:ad:04:c8:
         d6:4d:52:76:e3:d1:84:3f:4e:8a:be:30:da:8b:3f:f2:d8:94:
         4a:cc:29:94:0b:36:0f:9d:38:9f:52:62:75:1a:84:b0:89:65:
         df:45:55:6a:e9:97:36:54:7f:60:54:1c:d5:72:91:80:56:d4:
         32:ef:75:de:87:ef:63:6f:16:6d:17:f6:39:d9:83:23:40:5d:
         49:d8:5a:bc:5d:99:8d:4d:2e:14:e6:af:4c:01:59:ab:69:95:
         7c:73:5e:ab:1a:83:8c:25:03:a4:63:63:ec:ef:12:ae:a0:be:
         fc:68:ed:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJV6CvhZSfvdUa+xZQocwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZkN2RjZDU5MWYzMWM4YTZjM2JiZDJkNmRmZTA0ODVmOGIyZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDQYZFy6q8y644BxemFKJtqkJYKI
2oXXH9O8YvoLtlEFVbadTKPpPVrwJT/s84Np0og72Ptr/x+4APC6cHM2BdezBSrm
Grtl0X/cWLOflWOnUGWttKnczwq2/uzj6HhQtS0MEvSCcd2W5pcF7Ys2XsMzzX4r
wooVsS8HM7Vs2erfmwPbR0XqjTJSsQiwuNzIPmLAzmQEzH9vDj2K7pqkt6CZUTWL
NQkooUWyrUUiaw8QxCXgveqVg5QzWnjfRX7CDXuTSK9e+dhhcSaITuX8nnvHSH7l
aYUheQyBNNLBWUDF9U0gcXc2aVCPftAYAZOuHETR8OU6xeG5CvUEqKOq4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIRtfc1ZHzHIpsO70tbf4Ehfiy/cMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaEcxOXpWa2ZNY2ltdzd2UzF0X2dTRi1MTDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVXAwQA
owV/AwQAowXKAwQAowXvMA0GCSqGSIb3DQEBCwUAA4IBAQAs0agvGUDf+UiXEjS0
84CZf5dPZFgxHwzg28hvJmLdfCznPYlim0RLTqLrnwAkltKuyNWJLF6UdsySMPl0
E/kKvmTkNlZp5hN+lOK4cCo5ssnx8rZmCrQ6zzWBzfzIQhNAgUJ4io4wDyYNnvOV
x1FNuZPIYU//CBRwOkKnl5HIUkFL5pbM897hEZh1pMCtBMjWTVJ249GEP06KvjDa
iz/y2JRKzCmUCzYPnTifUmJ1GoSwiWXfRVVq6Zc2VH9gVBzVcpGAVtQy73Xeh+9j
bxZtF/Y52YMjQF1J2Fq8XZmNTS4U5q9MAVmraZV8c16rGoOMJQOkY2Ps7xKuoL78
aO0R
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org