Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o2qwd2mKQDQqei3fsysRcjam9Lk.roa
File:                     o2qwd2mKQDQqei3fsysRcjam9Lk.roa (raw, json)
Hash identifier:          ple9hgR6DTvmaOrsCRs1qTsZ4/SR704/vaorkF497iQ=
Subject key identifier:   A3:6A:B0:77:69:8A:40:34:2A:7A:2D:DF:B3:2B:11:72:36:A6:F4:B9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC425514FF569B9F27623E6BE1F4445A6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o2qwd2mKQDQqei3fsysRcjam9Lk.roa
Signing time:             Mon 01 Jan 2024 08:30:29 +0000
ROA not before:           Mon 01 Jan 2024 08:30:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14445
IP address blocks:        163.5.173.0/24 maxlen: 24
                          163.5.206.0/24 maxlen: 24
                          163.5.200.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 11:52:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:51:4f:f5:69:b9:f2:76:23:e6:be:1f:44:45:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 08:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a36ab077698a40342a7a2ddfb32b117236a6f4b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:57:cd:41:09:ec:4c:35:cf:45:e2:fd:34:a8:
                    09:b6:7b:34:45:f1:54:8a:6d:6e:4e:13:1a:7f:72:
                    1b:e5:1d:13:a6:84:a7:fe:45:c3:9f:b2:bf:23:96:
                    3c:89:d3:64:1b:72:15:8f:a0:fb:ed:23:0d:32:62:
                    30:64:9c:76:77:72:93:15:b5:78:43:35:a9:15:57:
                    15:da:22:51:1a:eb:c3:c2:bd:3a:a8:27:f6:62:a8:
                    b2:62:09:39:04:bb:3a:c6:32:81:a1:a8:d2:fa:70:
                    dd:e9:08:c2:01:1d:0d:2f:d4:a3:72:e3:0f:59:12:
                    6f:33:48:41:a7:95:4a:25:f8:bf:06:88:d0:b2:54:
                    f4:63:8b:21:1c:a8:78:18:11:ac:b3:4b:6f:12:8e:
                    79:ee:15:8c:9f:ee:fc:18:09:64:c3:05:c7:d4:a2:
                    30:0d:99:b8:d2:97:54:78:e0:dd:29:dd:ef:76:05:
                    66:f6:2d:15:78:7f:2a:0b:09:1e:13:e4:93:09:c8:
                    1c:88:21:d9:46:7e:69:34:c4:fa:17:b5:8c:22:46:
                    47:59:24:62:a5:1e:ff:35:6f:c7:85:ba:b1:91:de:
                    9f:f2:b7:0a:7e:a0:8f:fb:af:67:13:54:2d:58:75:
                    dc:0f:82:27:d7:93:95:9a:e5:17:42:a5:5d:c3:3e:
                    c2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:6A:B0:77:69:8A:40:34:2A:7A:2D:DF:B3:2B:11:72:36:A6:F4:B9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/o2qwd2mKQDQqei3fsysRcjam9Lk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.29.0/24
                  163.5.132.0/24
                  163.5.173.0/24
                  163.5.200.0/24
                  163.5.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:0f:d9:87:bf:66:13:e5:b8:68:82:94:a1:27:27:d5:10:c1:
         22:12:f1:92:4c:6d:ad:55:86:b3:0f:3d:6b:9e:9c:e7:26:6b:
         0f:7e:2c:b8:53:84:21:b8:39:5a:03:14:ed:7d:aa:ce:f6:ef:
         b5:97:3c:b4:33:b4:7e:e1:b0:fb:59:9d:86:9b:c2:db:46:6b:
         e3:1a:b9:3d:1a:19:df:9b:a9:cd:b0:e5:64:19:25:fd:1e:e0:
         75:84:11:c9:36:3e:d2:e3:ae:58:ca:4c:1b:58:47:c4:73:49:
         90:68:1b:48:11:85:55:ca:69:2f:eb:fc:de:1e:a0:96:6e:79:
         de:fa:46:65:53:df:6f:32:f3:65:7f:f6:95:5c:9c:66:db:ab:
         6a:23:5b:79:5b:12:26:7b:94:b1:44:59:1d:2b:87:c2:fe:5d:
         3f:f3:8a:eb:b7:eb:b2:33:a2:20:9e:22:7e:24:6b:a6:89:34:
         d9:d4:c5:82:da:f5:7b:43:5b:52:d9:4d:13:ee:40:05:e1:f3:
         6c:01:43:c1:7c:c5:32:f4:a3:3d:56:b9:29:09:49:fd:dc:86:
         76:fe:66:5b:e0:b6:d4:cc:ee:6b:f5:6b:a0:10:8d:7a:f8:67:
         90:7f:b8:cf:74:30:fc:b0:f5:63:40:da:05:7e:c0:61:4b:c0:
         56:27:63:ea
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJVFP9Wm58nYj5r4fREWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZhYjA3NzY5OGE0MDM0MmE3YTJkZGZiMzJiMTE3MjM2YTZmNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFfNQQnsTDXPReL9NKgJtns0RfFU
im1uThMaf3Ib5R0TpoSn/kXDn7K/I5Y8idNkG3IVj6D77SMNMmIwZJx2d3KTFbV4
QzWpFVcV2iJRGuvDwr06qCf2YqiyYgk5BLs6xjKBoajS+nDd6QjCAR0NL9SjcuMP
WRJvM0hBp5VKJfi/BojQslT0Y4shHKh4GBGss0tvEo557hWMn+78GAlkwwXH1KIw
DZm40pdUeODdKd3vdgVm9i0VeH8qCwkeE+STCcgciCHZRn5pNMT6F7WMIkZHWSRi
pR7/NW/Hhbqxkd6f8rcKfqCP+69nE1QtWHXcD4In15OVmuUXQqVdwz7C9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKNqsHdpikA0Knot37MrEXI2pvS5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbzJxd2QybUtRRFFxZWkzZnN5c1JjamFtOUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUdAwQA
owWEAwQAowWtAwQAowXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQCoD9mHv2YT
5bhogpShJyfVEMEiEvGSTG2tVYazDz1rnpznJmsPfiy4U4QhuDlaAxTtfarO9u+1
lzy0M7R+4bD7WZ2Gm8LbRmvjGrk9Ghnfm6nNsOVkGSX9HuB1hBHJNj7S465Yykwb
WEfEc0mQaBtIEYVVymkv6/zeHqCWbnne+kZlU99vMvNlf/aVXJxm26tqI1t5WxIm
e5SxRFkdK4fC/l0/84rrt+uyM6IgniJ+JGumiTTZ1MWC2vV7Q1tS2U0T7kAF4fNs
AUPBfMUy9KM9VrkpCUn93IZ2/mZb4LbUzO5r9WugEI16+GeQf7jPdDD8sPVjQNoF
fsBhS8BWJ2Pq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org