Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4n7xMcDNmfU0If66APYk-o6_kaQ.roa
File:                     4n7xMcDNmfU0If66APYk-o6_kaQ.roa (raw, json)
Hash identifier:          TPXUFW2uIg3LvGgj+nHmGwMUkChSEFzhaElqoW9dJUg=
Subject key identifier:   E2:7E:F1:31:C0:CD:99:F5:34:21:FE:BA:00:F6:24:FA:8E:BF:91:A4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01858173660FE288CEDDB7164D29FBE3F4C6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4n7xMcDNmfU0If66APYk-o6_kaQ.roa
Signing time:             Thu 05 Jan 2023 10:21:41 +0000
ROA not before:           Thu 05 Jan 2023 10:21:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.233.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 10:04:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:81:73:66:0f:e2:88:ce:dd:b7:16:4d:29:fb:e3:f4:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  5 10:21:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e27ef131c0cd99f53421feba00f624fa8ebf91a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:04:af:5a:48:aa:28:5c:c8:5a:b5:9f:c2:9f:
                    c7:a1:bd:36:3d:d0:e2:06:9c:31:e7:ac:8c:f2:b9:
                    5a:20:f6:3d:59:bf:9b:5f:76:0d:be:7c:4d:8d:4a:
                    6f:f1:3a:01:bc:a9:60:4e:be:fd:c9:8a:50:ab:39:
                    57:a9:9d:8e:9e:ba:23:52:2d:45:e9:6c:91:7d:e2:
                    4c:3b:8f:db:16:c7:6c:04:76:d5:bc:8a:4c:3a:c4:
                    82:e1:c2:68:7b:ec:8f:72:f2:29:48:13:a3:57:b5:
                    99:d3:07:da:34:74:3c:d4:63:7f:b3:20:cb:c7:ba:
                    fc:0d:6d:4f:c3:db:ec:30:9d:8d:96:78:2e:49:3a:
                    81:67:7c:a4:96:b8:4a:6e:d5:cc:a8:c9:28:cc:31:
                    50:c4:94:32:9d:b5:62:37:06:88:bb:0e:93:7e:5d:
                    e3:77:dd:77:e9:0d:19:5a:6a:c6:48:c3:9c:b0:10:
                    b6:74:9f:7f:c8:ee:16:06:44:47:d3:21:64:25:0a:
                    56:fa:7a:b2:b5:7d:81:aa:48:00:f9:3b:0e:86:fe:
                    03:cf:3e:0f:8c:a7:45:1d:f2:81:90:51:6c:9e:16:
                    d3:cf:41:9c:66:03:ed:b7:a5:3f:6a:0d:ac:e6:0f:
                    c8:f3:fa:de:fc:a3:41:b9:58:72:24:83:2c:ee:79:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:7E:F1:31:C0:CD:99:F5:34:21:FE:BA:00:F6:24:FA:8E:BF:91:A4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4n7xMcDNmfU0If66APYk-o6_kaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.35.0/24
                  163.5.100.0/24
                  163.5.107.0/24
                  163.5.127.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.222.0/24
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.233.0/24
                  163.5.239.0-163.5.241.255
                  163.5.244.0/24
                  163.5.246.0/24
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:63:a3:ca:dd:f6:40:56:7d:6e:bd:3e:fa:0c:0e:78:b2:f3:
         f7:0f:d5:f6:69:76:a7:64:07:13:09:74:6b:ee:55:10:47:2e:
         7b:2b:1d:25:ec:cd:a6:7c:e0:2c:c1:d7:c3:56:8a:18:59:d0:
         17:35:26:2b:44:4b:bd:a2:40:23:dd:f3:94:4c:a4:19:4c:ff:
         65:5b:7c:85:2d:e8:13:93:cd:6e:3b:50:f5:6a:e7:42:28:78:
         44:48:14:8e:0a:85:71:ce:69:3f:39:b6:a9:d4:5f:71:7d:d1:
         a6:31:19:88:53:81:e2:b1:9f:a3:ca:0c:10:5a:db:0d:d0:54:
         e3:f0:f7:66:ec:2d:fc:43:0c:5b:6c:b9:f4:a2:c5:9e:24:39:
         c1:cb:4c:07:22:a1:8b:b9:48:ec:60:5d:1d:d2:50:e0:02:b1:
         ea:5d:13:2c:9b:13:1a:4e:d8:9b:cf:d1:18:7d:e0:9f:01:3c:
         c4:80:d5:9e:19:fd:8e:17:5f:55:45:d7:25:d9:9a:8d:81:eb:
         ac:81:38:1e:b6:75:47:9b:b2:70:a3:d7:b4:07:3a:ee:96:52:
         a1:e1:0f:83:08:1c:b3:8c:db:5e:da:e5:ac:f2:40:3b:c7:e5:
         c0:21:7e:e5:de:c5:5c:44:d0:9c:a6:08:3a:ab:18:b3:b3:9d:
         bc:39:82:2d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYWBc2YP4ojO3bcWTSn74/TGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA1MTAyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjdlZjEzMWMwY2Q5OWY1MzQyMWZlYmEwMGY2MjRmYThlYmY5MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQSvWkiqKFzIWrWfwp/Hob02PdDi
Bpwx56yM8rlaIPY9Wb+bX3YNvnxNjUpv8ToBvKlgTr79yYpQqzlXqZ2OnrojUi1F
6WyRfeJMO4/bFsdsBHbVvIpMOsSC4cJoe+yPcvIpSBOjV7WZ0wfaNHQ81GN/syDL
x7r8DW1Pw9vsMJ2NlnguSTqBZ3yklrhKbtXMqMkozDFQxJQynbViNwaIuw6Tfl3j
d9136Q0ZWmrGSMOcsBC2dJ9/yO4WBkRH0yFkJQpW+nqytX2BqkgA+TsOhv4Dzz4P
jKdFHfKBkFFsnhbTz0GcZgPtt6U/ag2s5g/I8/re/KNBuVhyJIMs7nlFLwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFOJ+8THAzZn1NCH+ugD2JPqOv5GkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNG43eE1jRE5tZlUwSWY2NkFQWWstbzZfa2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBACj
BSMDBACjBWQDBACjBWsDBACjBX8DBAGjBYQDBACjBYgDBACjBYoDBACjBZEDBACj
BZ4DBACjBaEDBACjBaYDBACjBcoDBAGjBdIDBACjBd4DBAGjBeIDBACjBeYDBACj
BekwDAMEAKMF7wMEAaMF8AMEAKMF9AMEAKMF9gMEAKMF+DANBgkqhkiG9w0BAQsF
AAOCAQEAJWOjyt32QFZ9br0++gwOeLLz9w/V9ml2p2QHEwl0a+5VEEcueysdJezN
pnzgLMHXw1aKGFnQFzUmK0RLvaJAI93zlEykGUz/ZVt8hS3oE5PNbjtQ9WrnQih4
REgUjgqFcc5pPzm2qdRfcX3RpjEZiFOB4rGfo8oMEFrbDdBU4/D3Zuwt/EMMW2y5
9KLFniQ5wctMByKhi7lI7GBdHdJQ4AKx6l0TLJsTGk7Ym8/RGH3gnwE8xIDVnhn9
jhdfVUXXJdmajYHrrIE4HrZ1R5uycKPXtAc67pZSoeEPgwgcs4zbXtrlrPJAO8fl
wCF+5d7FXETQnKYIOqsYs7OdvDmCLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org