Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z6duTEN07h2ukqpZnRNBzLAnrwk.roa
File:                     Z6duTEN07h2ukqpZnRNBzLAnrwk.roa (raw, json)
Hash identifier:          X2QCJ0mqaMuiy6pJugf8MUYwWiaax3jgGpDE1Y5ZJuc=
Subject key identifier:   67:A7:6E:4C:43:74:EE:1D:AE:92:AA:59:9D:13:41:CC:B0:27:AF:09
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01882E46D7C0F347042BDEC453E7410B6D78
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z6duTEN07h2ukqpZnRNBzLAnrwk.roa
Signing time:             Thu 18 May 2023 09:52:54 +0000
ROA not before:           Thu 18 May 2023 09:52:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.86.0/24 maxlen: 24
                          163.5.87.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.198.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 12:43:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2e:46:d7:c0:f3:47:04:2b:de:c4:53:e7:41:0b:6d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 18 09:52:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67a76e4c4374ee1dae92aa599d1341ccb027af09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:fa:87:f8:77:bc:a0:39:ff:75:b2:64:e2:4c:
                    19:df:32:0d:c0:18:ac:06:1d:02:40:a7:60:24:e9:
                    98:40:17:03:93:f8:19:be:c1:d4:06:45:0e:e0:c8:
                    89:c2:b4:16:ea:cb:29:ac:76:02:7a:3c:b6:9c:12:
                    00:d0:1b:d5:0b:a3:7a:6f:1c:4a:87:f4:c0:37:65:
                    80:dc:1e:42:6d:7e:86:2a:dd:7f:a2:b2:6d:13:32:
                    f9:7c:b9:92:12:7b:30:43:15:89:ed:c6:bf:aa:b5:
                    99:5d:6c:64:cd:bb:d6:9e:22:35:34:cc:e6:f3:a7:
                    7b:84:9c:0d:a0:f1:fa:ca:c5:a5:58:78:a8:20:a9:
                    68:1f:22:0a:78:6b:18:98:8c:7a:4e:30:c1:23:c4:
                    13:34:5b:e4:74:c6:e4:b2:2f:db:4e:a6:8c:23:f2:
                    a3:0d:bd:31:a3:e8:fb:29:44:63:24:f9:5b:1d:ff:
                    30:2c:c3:1f:07:d6:d9:cf:8e:f8:73:ef:52:b8:9d:
                    ce:f7:ad:54:59:01:be:ab:d5:7d:54:c8:49:04:d6:
                    1f:4f:b8:cf:c8:75:64:a0:c3:52:cc:65:d0:82:7e:
                    fe:32:cc:9c:36:1c:8e:82:75:2a:29:53:e0:ee:46:
                    61:fc:2c:39:aa:3a:da:b6:ba:52:20:21:50:6f:99:
                    63:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A7:6E:4C:43:74:EE:1D:AE:92:AA:59:9D:13:41:CC:B0:27:AF:09
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z6duTEN07h2ukqpZnRNBzLAnrwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.61.0-163.5.62.255
                  163.5.86.0/23
                  163.5.99.0/24
                  163.5.107.0/24
                  163.5.109.0/24
                  163.5.117.0/24
                  163.5.127.0/24
                  163.5.130.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.149.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.198.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0-163.5.223.255
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.239.0-163.5.240.255
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:bc:3c:bc:42:47:ac:76:d4:4b:97:ca:a3:a2:cc:f0:f3:aa:
         a8:91:3f:55:0a:36:af:7a:51:c4:b3:c2:c4:d6:fc:91:31:18:
         e4:e8:19:86:0b:1a:3a:9a:d5:41:6e:96:1e:68:e4:30:27:6e:
         45:a4:4c:b4:01:14:12:47:9e:ae:2d:be:a2:1a:75:cc:49:af:
         56:82:aa:91:fc:99:bf:c3:b2:f0:f4:15:52:e0:c4:fb:73:81:
         e9:8c:b2:cc:3d:a7:cc:7f:a0:e4:0a:75:25:69:bd:1b:9a:3c:
         d0:26:3a:68:79:ae:09:89:0f:c7:e1:bd:90:41:93:14:13:f9:
         17:8c:7d:e1:0f:33:30:19:7b:3b:b6:ae:b7:17:58:7f:ff:13:
         98:d8:6f:a0:8b:81:6a:24:d9:d9:32:f5:01:50:f2:c0:8d:0d:
         bd:ae:cb:45:12:0c:f3:f8:1a:15:49:03:ae:01:89:0e:75:6c:
         83:c1:ab:fe:5d:b1:91:42:b1:5f:39:80:9c:8e:35:d9:82:28:
         2e:34:13:e9:5c:66:8d:9f:4b:8c:e5:e0:86:81:f8:44:2b:e0:
         8a:8a:66:7b:3d:e5:70:6a:fa:94:b7:f6:c8:4f:5d:6d:85:cd:
         c3:1d:65:7f:67:1b:56:15:52:21:99:df:03:8a:85:a5:44:9d:
         36:58:7c:7f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYguRtfA80cEK97EU+dBC214MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE4MDk1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E3NmU0YzQzNzRlZTFkYWU5MmFhNTk5ZDEzNDFjY2IwMjdhZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/qH+He8oDn/dbJk4kwZ3zINwBis
Bh0CQKdgJOmYQBcDk/gZvsHUBkUO4MiJwrQW6ssprHYCejy2nBIA0BvVC6N6bxxK
h/TAN2WA3B5CbX6GKt1/orJtEzL5fLmSEnswQxWJ7ca/qrWZXWxkzbvWniI1NMzm
86d7hJwNoPH6ysWlWHioIKloHyIKeGsYmIx6TjDBI8QTNFvkdMbksi/bTqaMI/Kj
Db0xo+j7KURjJPlbHf8wLMMfB9bZz474c+9SuJ3O961UWQG+q9V9VMhJBNYfT7jP
yHVkoMNSzGXQgn7+MsycNhyOgnUqKVPg7kZh/Cw5qjratrpSICFQb5ljfQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFGenbkxDdO4drpKqWZ0TQcywJ68JMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWjZkdVRFTjA3aDJ1a3FwWm5STkJ6TEFucndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVgMEAKMFYwMEAKMFawMEAKMFbQME
AKMFdQMEAKMFfwMEAKMFggMEAaMFhAMEAKMFiAMEAKMFigMEAKMFkQMEAKMFlQME
AKMFngMEAKMFoQMEAKMFpgMEAKMFxgMEAKMFygMEAaMF0gMEAKMF2DAMAwQAowXd
AwQFowXAAwQBowXiAwQAowXmMAwDBACjBe8DBACjBfADBACjBfgDBACjBf4wDQYJ
KoZIhvcNAQELBQADggEBAKG8PLxCR6x21EuXyqOizPDzqqiRP1UKNq96UcSzwsTW
/JExGOToGYYLGjqa1UFulh5o5DAnbkWkTLQBFBJHnq4tvqIadcxJr1aCqpH8mb/D
svD0FVLgxPtzgemMssw9p8x/oOQKdSVpvRuaPNAmOmh5rgmJD8fhvZBBkxQT+ReM
feEPMzAZezu2rrcXWH//E5jYb6CLgWok2dky9QFQ8sCNDb2uy0USDPP4GhVJA64B
iQ51bIPBq/5dsZFCsV85gJyONdmCKC40E+lcZo2fS4zl4IaB+EQr4IqKZns95XBq
+pS39shPXW2FzcMdZX9nG1YVUiGZ3wOKhaVEnTZYfH8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org