Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wIqZ-SUYJYPHx6TkZbJGgXjqt-A.roa
File:                     wIqZ-SUYJYPHx6TkZbJGgXjqt-A.roa (raw, json)
Hash identifier:          vNQnrbEn9hgyVCoxbeDVIWW2XK3ISSqdaUvJvmz7YW0=
Subject key identifier:   C0:8A:99:F9:25:18:25:83:C7:C7:A4:E4:65:B2:46:81:78:EA:B7:E0
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01857042CBC31A7CE9B8D82CD0A8A4005165
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wIqZ-SUYJYPHx6TkZbJGgXjqt-A.roa
Signing time:             Mon 02 Jan 2023 02:15:03 +0000
ROA not before:           Mon 02 Jan 2023 02:15:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        163.5.186.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.135.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Feb 2023 19:26:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:cb:c3:1a:7c:e9:b8:d8:2c:d0:a8:a4:00:51:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  2 02:15:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c08a99f925182583c7c7a4e465b2468178eab7e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:87:34:50:2e:1c:d5:e6:6a:e7:b7:35:c3:30:
                    f4:12:b7:ed:75:96:b4:9d:94:f6:f6:59:8b:47:ff:
                    5a:9b:27:8f:37:ab:81:43:0d:f2:c6:e1:15:8d:8f:
                    54:45:f7:41:6f:27:b6:d9:53:e6:e7:32:f8:7a:fc:
                    18:8d:43:28:02:a4:3d:d5:e6:7e:db:12:7c:b6:96:
                    ae:36:81:48:4c:4f:d2:3d:76:c4:0b:d4:e8:c4:74:
                    c0:a5:3e:30:5c:7d:98:a2:b1:34:1f:a3:65:c5:49:
                    b2:25:5b:9c:98:1f:0b:06:fb:b6:71:45:32:92:b8:
                    51:3f:54:f1:5e:a2:45:99:b1:83:df:36:db:29:e2:
                    7f:02:4c:79:c8:3f:87:7b:6a:10:cf:2f:c6:f3:a4:
                    85:e2:7d:33:04:92:41:ee:36:b0:6e:25:c5:dc:6f:
                    69:71:99:a6:89:59:41:4c:e1:2e:62:38:b9:e5:4c:
                    c7:95:e8:3f:ac:97:22:4f:92:6f:b9:ab:bd:30:8f:
                    e3:f2:8f:2a:5f:6e:9a:5c:e3:31:59:fd:48:62:1e:
                    d0:57:a1:7f:ab:11:13:d4:b4:fd:e9:26:a1:2c:ed:
                    46:cb:b5:44:17:fe:3d:2f:10:8b:fc:14:f5:8c:00:
                    52:22:03:42:97:ac:55:6e:19:84:b1:b5:8a:34:1e:
                    19:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:8A:99:F9:25:18:25:83:C7:C7:A4:E4:65:B2:46:81:78:EA:B7:E0
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wIqZ-SUYJYPHx6TkZbJGgXjqt-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.94.0/23
                  163.5.112.0/23
                  163.5.116.0/24
                  163.5.135.0/24
                  163.5.142.0/24
                  163.5.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:7f:8c:64:86:ca:15:96:75:e0:eb:a4:f9:ba:a0:ef:81:e3:
         7d:57:64:e9:6a:11:42:3c:61:cc:74:d5:41:29:dc:e3:f6:56:
         47:14:7c:17:41:a9:db:d7:5b:75:db:6c:b9:5f:fd:bc:54:dd:
         61:d0:65:71:e0:18:c7:73:22:89:19:f4:dd:44:97:a1:16:ca:
         f7:f8:bf:56:09:b0:9f:d3:ac:b3:46:c1:76:0a:23:c9:36:68:
         f6:37:02:56:69:b2:c1:25:2a:b5:16:13:bf:77:f2:b5:20:cd:
         9d:cf:80:b9:43:2e:fa:30:fc:a5:d9:74:f7:3c:e8:f8:3c:34:
         ba:02:e5:d5:2b:19:8d:cd:75:db:67:b3:c4:8f:db:2d:41:a3:
         1a:47:f3:b4:98:64:46:6d:d2:33:72:89:31:3c:d2:4a:5a:f3:
         86:99:7b:14:3f:0f:84:b4:3a:d3:11:aa:88:73:d5:f5:73:3e:
         53:e5:3d:68:4b:04:74:17:6c:37:67:05:5a:5d:7d:c4:58:bd:
         3b:79:92:28:66:42:e3:8c:d2:a6:23:43:05:0c:b0:6a:aa:73:
         71:89:79:69:cf:50:c6:f1:da:b1:4a:91:ec:ab:6e:ff:fb:5e:
         e0:4c:a7:2a:54:10:1c:ee:0f:a2:57:a0:c2:e7:6b:16:20:a4:
         18:d8:bb:26
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwQsvDGnzpuNgs0KikAFFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTAyMDIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhhOTlmOTI1MTgyNTgzYzdjN2E0ZTQ2NWIyNDY4MTc4ZWFiN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYc0UC4c1eZq57c1wzD0ErftdZa0
nZT29lmLR/9amyePN6uBQw3yxuEVjY9URfdBbye22VPm5zL4evwYjUMoAqQ91eZ+
2xJ8tpauNoFITE/SPXbEC9ToxHTApT4wXH2YorE0H6NlxUmyJVucmB8LBvu2cUUy
krhRP1TxXqJFmbGD3zbbKeJ/Akx5yD+He2oQzy/G86SF4n0zBJJB7jawbiXF3G9p
cZmmiVlBTOEuYji55UzHleg/rJciT5Jvuau9MI/j8o8qX26aXOMxWf1IYh7QV6F/
qxET1LT96SahLO1Gy7VEF/49LxCL/BT1jABSIgNCl6xVbhmEsbWKNB4ZwwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMCKmfklGCWDx8ek5GWyRoF46rfgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvd0lxWi1TVVlKWVBIeDZUa1piSkdnWGpxdC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUgAwQB
owVeAwQBowVwAwQAowV0AwQAowWHAwQAowWOAwQAowW6MA0GCSqGSIb3DQEBCwUA
A4IBAQBRf4xkhsoVlnXg66T5uqDvgeN9V2TpahFCPGHMdNVBKdzj9lZHFHwXQanb
11t122y5X/28VN1h0GVx4BjHcyKJGfTdRJehFsr3+L9WCbCf06yzRsF2CiPJNmj2
NwJWabLBJSq1FhO/d/K1IM2dz4C5Qy76MPyl2XT3POj4PDS6AuXVKxmNzXXbZ7PE
j9stQaMaR/O0mGRGbdIzcokxPNJKWvOGmXsUPw+EtDrTEaqIc9X1cz5T5T1oSwR0
F2w3ZwVaXX3EWL07eZIoZkLjjNKmI0MFDLBqqnNxiXlpz1DG8dqxSpHsq27/+17g
TKcqVBAc7g+iV6DC52sWIKQY2Lsm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org