Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sGwIS9Q2mGvPO88S-C1Ek3RL7SA.roa
File:                     sGwIS9Q2mGvPO88S-C1Ek3RL7SA.roa (raw, json)
Hash identifier:          +XrdOKpmngQRGnayIStCs3d2HcwDkRIFypVLoPm7CQ4=
Subject key identifier:   B0:6C:08:4B:D4:36:98:6B:CF:3B:CF:12:F8:2D:44:93:74:4B:ED:20
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018A8A1C1371332D8B20170720F722854EF1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sGwIS9Q2mGvPO88S-C1Ek3RL7SA.roa
Signing time:             Tue 12 Sep 2023 15:56:50 +0000
ROA not before:           Tue 12 Sep 2023 15:56:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399486
IP address blocks:        163.5.210.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 22:48:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8a:1c:13:71:33:2d:8b:20:17:07:20:f7:22:85:4e:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 12 15:56:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b06c084bd436986bcf3bcf12f82d4493744bed20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:2f:2a:4f:63:64:00:0a:89:25:73:02:a6:52:
                    69:44:1d:69:95:70:29:30:8d:cc:35:4f:cc:5f:41:
                    00:1b:e7:c0:a0:68:ea:99:f7:d2:4a:d3:a9:86:61:
                    92:a4:ce:20:f2:64:8c:aa:22:7d:dd:94:f6:99:8b:
                    c4:ef:0f:42:6f:ec:36:9b:73:13:87:3c:8d:a9:06:
                    04:79:3c:7f:bd:66:fd:fa:fe:58:70:ee:b4:ef:50:
                    9f:a1:7e:e7:ee:99:66:ff:6b:eb:db:0f:cb:20:c8:
                    73:a7:63:39:59:43:45:0e:49:76:b7:ff:ad:1b:bc:
                    0e:7a:fb:5a:38:62:29:88:6c:ee:81:ad:2a:68:ec:
                    0f:68:6a:db:15:57:00:2d:4d:81:8a:7b:d8:2e:f5:
                    4d:bc:e2:28:69:49:b0:f9:1e:65:73:80:62:0c:40:
                    23:db:03:39:82:74:48:ad:ac:5f:69:c5:77:50:65:
                    7d:de:53:93:8c:68:2b:a4:4e:80:3a:63:36:5d:76:
                    3d:02:77:54:4c:9d:7a:ac:79:f9:8d:62:dd:26:32:
                    5a:e9:ea:18:92:9b:df:68:21:00:86:81:7b:c3:07:
                    72:fc:d0:30:7a:cb:2c:e7:bd:55:42:21:5e:a1:53:
                    d2:76:48:12:b0:db:ca:39:87:e1:71:5b:82:c5:f8:
                    d2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:6C:08:4B:D4:36:98:6B:CF:3B:CF:12:F8:2D:44:93:74:4B:ED:20
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sGwIS9Q2mGvPO88S-C1Ek3RL7SA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.112.0/24
                  163.5.160.0/24
                  163.5.169.0/24
                  163.5.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:ea:78:b1:9d:6d:3c:60:47:ee:fa:d1:2e:e9:8b:7e:9c:5b:
         55:e7:bc:d6:a8:f0:11:28:42:42:d0:bb:e9:48:1a:49:b4:94:
         7f:16:fa:3a:db:9a:a9:09:d7:66:b8:f1:cb:99:d7:e9:41:bb:
         ec:59:ae:3d:5b:57:f0:45:fa:ee:59:cb:07:f2:09:2f:bc:31:
         fb:9c:10:b5:30:a6:1d:6c:f4:52:fc:95:dd:78:af:6c:47:8c:
         7f:e0:32:6f:4b:1b:8a:05:40:4d:05:89:b9:7e:5d:f6:68:53:
         a0:cc:60:c1:f9:e5:e5:22:90:ae:3d:0a:87:a0:2c:40:df:54:
         52:1c:18:e9:31:ff:9c:b3:a7:6a:9a:0a:7b:a4:ea:89:8c:1d:
         b5:83:86:f6:57:95:a1:ea:11:b6:68:49:7c:88:db:99:ef:8f:
         7c:de:d3:a4:90:f3:97:ac:41:fb:56:ce:6f:7b:d5:39:7f:70:
         4d:b9:8f:bc:f7:32:26:85:13:ac:9f:67:b6:49:60:bb:10:e7:
         1c:de:31:d8:7f:86:60:16:35:20:77:86:41:b6:90:bb:37:72:
         c3:36:b4:ce:3b:fc:80:14:b2:ab:d5:6c:4e:8a:40:a6:0f:33:
         7d:f8:df:19:09:68:3f:60:e6:05:8e:2a:24:83:78:b7:e7:d9:
         be:b6:20:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqKHBNxMy2LIBcHIPcihU7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTEyMTU1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDZjMDg0YmQ0MzY5ODZiY2YzYmNmMTJmODJkNDQ5Mzc0NGJlZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii8qT2NkAAqJJXMCplJpRB1plXAp
MI3MNU/MX0EAG+fAoGjqmffSStOphmGSpM4g8mSMqiJ93ZT2mYvE7w9Cb+w2m3MT
hzyNqQYEeTx/vWb9+v5YcO6071CfoX7n7plm/2vr2w/LIMhzp2M5WUNFDkl2t/+t
G7wOevtaOGIpiGzuga0qaOwPaGrbFVcALU2BinvYLvVNvOIoaUmw+R5lc4BiDEAj
2wM5gnRIraxfacV3UGV93lOTjGgrpE6AOmM2XXY9AndUTJ16rHn5jWLdJjJa6eoY
kpvfaCEAhoF7wwdy/NAwesss571VQiFeoVPSdkgSsNvKOYfhcVuCxfjSZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLBsCEvUNphrzzvPEvgtRJN0S+0gMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc0d3SVM5UTJtR3ZQTzg4Uy1DMUVrM1JMN1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUgAwQA
owVwAwQAowWgAwQAowWpAwQAowXSMA0GCSqGSIb3DQEBCwUAA4IBAQCG6nixnW08
YEfu+tEu6Yt+nFtV57zWqPARKEJC0LvpSBpJtJR/Fvo625qpCddmuPHLmdfpQbvs
Wa49W1fwRfruWcsH8gkvvDH7nBC1MKYdbPRS/JXdeK9sR4x/4DJvSxuKBUBNBYm5
fl32aFOgzGDB+eXlIpCuPQqHoCxA31RSHBjpMf+cs6dqmgp7pOqJjB21g4b2V5Wh
6hG2aEl8iNuZ74983tOkkPOXrEH7Vs5ve9U5f3BNuY+89zImhROsn2e2SWC7EOcc
3jHYf4ZgFjUgd4ZBtpC7N3LDNrTOO/yAFLKr1WxOikCmDzN9+N8ZCWg/YOYFjiok
g3i359m+tiB3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org