Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vjyBqCII4W-B92mqe8cFdTKPwfM.roa
File:                     vjyBqCII4W-B92mqe8cFdTKPwfM.roa (raw, json)
Hash identifier:          6DBqjS86envH7T4F49wcyBZJquJQQ0WI5tmFfiPLCjc=
Subject key identifier:   BE:3C:81:A8:22:08:E1:6F:81:F7:69:AA:7B:C7:05:75:32:8F:C1:F3
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC9C06624D3376BDB1D2DD05392167321
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vjyBqCII4W-B92mqe8cFdTKPwfM.roa
Signing time:             Tue 02 Jan 2024 10:37:58 +0000
ROA not before:           Tue 02 Jan 2024 10:37:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        163.5.199.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.219.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Jan 2024 18:06:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:c0:66:24:d3:37:6b:db:1d:2d:d0:53:92:16:73:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 10:37:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be3c81a82208e16f81f769aa7bc70575328fc1f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:27:85:fa:bc:f7:92:6e:f4:44:f3:70:39:c3:
                    33:c5:af:43:61:2a:45:70:1f:d1:a3:aa:d4:e7:ca:
                    5a:19:a5:1e:09:da:ac:0e:45:87:d1:aa:d5:f0:e3:
                    c6:b1:8c:df:1c:89:f7:fd:10:fb:59:4b:cc:52:5d:
                    20:ff:ff:6a:50:39:e9:df:5f:5c:27:21:31:49:14:
                    8a:b1:4e:53:03:49:5f:00:82:16:a1:06:ca:28:e2:
                    9a:8f:3a:60:c1:85:e3:bd:6c:43:09:d7:e6:a8:96:
                    59:79:a0:5f:cf:01:59:74:61:df:58:ca:b9:10:8d:
                    d8:5e:39:33:26:cf:09:b2:23:54:6b:65:b3:f1:6b:
                    a7:37:23:57:51:ff:e6:80:cb:96:ca:d3:cb:a6:05:
                    dd:15:26:69:13:90:ac:15:a8:3f:58:02:52:13:80:
                    b0:30:f6:01:1a:f8:bb:cb:b2:9b:42:a2:31:8a:66:
                    08:de:5a:2d:02:4c:43:2f:ff:b6:f4:f9:cf:63:bb:
                    ed:07:44:c4:34:05:d7:d7:f6:4c:69:55:c8:f7:5a:
                    e2:11:c5:b1:90:da:d2:71:5a:7c:ed:7c:10:bc:87:
                    61:7b:7c:81:80:bb:0d:66:4e:75:4a:31:fc:c2:52:
                    67:05:3b:d5:70:b0:51:6b:51:e8:d1:4a:37:88:f8:
                    a5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:3C:81:A8:22:08:E1:6F:81:F7:69:AA:7B:C7:05:75:32:8F:C1:F3
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vjyBqCII4W-B92mqe8cFdTKPwfM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.61.0/24
                  163.5.141.0/24
                  163.5.199.0/24
                  163.5.212.0/24
                  163.5.219.0/24
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:71:38:87:23:89:17:ed:55:b3:54:e2:42:0f:f9:e0:5c:ef:
         b3:d8:a0:4d:1f:a3:80:90:e2:e5:fd:af:07:3e:4c:55:99:6f:
         09:04:8d:d7:af:df:df:53:f2:58:8e:64:90:70:5d:70:58:fd:
         a6:42:73:ec:5c:2d:e1:83:7b:5f:cd:fe:59:d3:05:27:20:16:
         00:27:7b:d7:83:9f:c8:f5:1e:3b:2f:e1:74:4a:d6:00:b2:51:
         2f:89:f8:6f:a0:3d:93:bc:35:43:d9:6a:30:3a:f6:ef:9b:59:
         37:1c:28:4b:02:4d:63:7a:75:6f:a8:00:84:e4:30:00:29:a2:
         b0:51:35:d9:c5:65:a1:c3:ed:43:34:99:ed:6a:f6:65:dc:48:
         ac:6a:d2:c8:1c:65:d3:af:6d:1a:a8:28:08:fe:6d:29:c0:af:
         3d:94:a2:14:59:77:58:3c:e7:50:94:95:0e:17:31:4a:99:7e:
         01:91:70:52:11:23:82:2b:85:08:31:43:58:3d:c0:b6:cb:65:
         a6:9f:d6:6c:a2:4b:f2:91:af:95:85:95:77:47:28:58:7b:9b:
         ab:36:1f:bf:2d:1d:24:21:36:76:ea:09:0b:dd:ba:81:64:79:
         ea:f3:01:41:ba:38:21:6e:d6:37:e0:6d:81:21:dd:8e:68:93:
         14:6d:56:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJwGYk0zdr2x0t0FOSFnMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAyMTAzNzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNjODFhODIyMDhlMTZmODFmNzY5YWE3YmM3MDU3NTMyOGZjMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCeF+rz3km70RPNwOcMzxa9DYSpF
cB/Ro6rU58paGaUeCdqsDkWH0arV8OPGsYzfHIn3/RD7WUvMUl0g//9qUDnp319c
JyExSRSKsU5TA0lfAIIWoQbKKOKajzpgwYXjvWxDCdfmqJZZeaBfzwFZdGHfWMq5
EI3YXjkzJs8JsiNUa2Wz8WunNyNXUf/mgMuWytPLpgXdFSZpE5CsFag/WAJSE4Cw
MPYBGvi7y7KbQqIximYI3lotAkxDL/+29PnPY7vtB0TENAXX1/ZMaVXI91riEcWx
kNrScVp87XwQvIdhe3yBgLsNZk51SjH8wlJnBTvVcLBRa1Ho0Uo3iPilKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL48gagiCOFvgfdpqnvHBXUyj8HzMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdmp5QnFDSUk0Vy1COTJtcWU4Y0ZkVEtQd2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowU9AwQA
owWNAwQAowXHAwQAowXUAwQAowXbAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQBh
cTiHI4kX7VWzVOJCD/ngXO+z2KBNH6OAkOLl/a8HPkxVmW8JBI3Xr9/fU/JYjmSQ
cF1wWP2mQnPsXC3hg3tfzf5Z0wUnIBYAJ3vXg5/I9R47L+F0StYAslEvifhvoD2T
vDVD2WowOvbvm1k3HChLAk1jenVvqACE5DAAKaKwUTXZxWWhw+1DNJntavZl3Eis
atLIHGXTr20aqCgI/m0pwK89lKIUWXdYPOdQlJUOFzFKmX4BkXBSESOCK4UIMUNY
PcC2y2Wmn9Zsokvyka+VhZV3RyhYe5urNh+/LR0kITZ26gkL3bqBZHnq8wFBujgh
btY34G2BId2OaJMUbVaU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org