Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa
File:                     4zBIaILG74HSmGiQ0TMGc3oDDvk.roa (raw, json)
Hash identifier:          Pu5iVF4FM2mnxemtpNTiOckah9AvoiZo0W077APFbrk=
Subject key identifier:   E3:30:48:68:82:C6:EF:81:D2:98:68:90:D1:33:06:73:7A:03:0E:F9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0191735C6D330D394DBB853C495758698FC3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa
Signing time:             Wed 21 Aug 2024 05:15:22 +0000
ROA not before:           Wed 21 Aug 2024 05:15:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     40676
IP address blocks:        163.5.56.0/24 maxlen: 24
                          163.5.82.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Sep 2024 11:12:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:73:5c:6d:33:0d:39:4d:bb:85:3c:49:57:58:69:8f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 21 05:15:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e330486882c6ef81d2986890d13306737a030ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:58:9e:47:f9:a2:59:07:8a:03:76:0b:e2:a4:
                    7d:c4:bc:ac:42:e7:76:6d:4b:e2:07:87:36:cf:c8:
                    5d:d0:d3:9d:64:56:d7:b3:dc:f5:cf:92:dd:85:c5:
                    57:7f:ef:5c:79:01:66:6d:ec:ad:11:bc:c3:7d:8d:
                    f8:4d:6c:e5:f1:f2:bc:0e:5a:13:10:45:f7:a0:86:
                    49:0f:e8:25:5a:46:68:c5:08:a2:56:28:93:b7:26:
                    0f:cd:85:42:a7:63:4a:a7:ce:50:97:7a:40:8b:9a:
                    55:22:96:7c:0b:40:99:f2:28:72:7d:a8:86:e8:fb:
                    4b:41:aa:a3:b5:78:3c:24:8a:f6:5b:6c:3a:18:0a:
                    71:57:49:2c:64:01:63:56:81:70:03:12:94:79:b9:
                    ad:e6:44:34:aa:35:6d:31:ea:2e:1f:4a:b5:7d:c4:
                    38:e5:21:a5:6f:d5:17:8e:fb:08:5e:db:c2:7c:67:
                    14:61:f3:f5:53:17:bd:82:9d:b0:c0:bb:a6:00:6f:
                    53:53:85:16:d5:14:b0:10:aa:99:98:b5:3b:25:10:
                    c1:74:66:46:c8:8d:88:4b:2e:63:c1:a2:ab:fa:15:
                    5c:a6:04:67:5d:89:35:38:21:c8:a2:a8:19:11:b1:
                    e4:88:10:de:7b:78:fa:56:a2:aa:05:d7:03:84:87:
                    d5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:30:48:68:82:C6:EF:81:D2:98:68:90:D1:33:06:73:7A:03:0E:F9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4zBIaILG74HSmGiQ0TMGc3oDDvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.56.0/24
                  163.5.82.0/24
                  163.5.99.0/24
                  163.5.127.0/24
                  163.5.140.0/24
                  163.5.202.0/24
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:69:00:3c:a9:19:99:e6:15:0f:0c:90:15:da:21:06:43:ce:
         0e:ef:45:32:6d:b4:76:79:c8:36:dd:ed:8a:ee:c8:f2:cb:ea:
         ad:30:7f:94:23:6f:4c:0c:d4:17:37:81:b9:cb:e0:2c:2a:cc:
         1a:73:4d:44:63:d3:ed:b8:bc:33:4d:25:95:86:5f:e1:90:95:
         53:12:19:fe:43:1d:70:91:f7:05:1f:dd:0b:10:be:22:7f:22:
         bd:cf:dd:80:e9:4e:cf:0a:df:ee:f1:29:dd:e0:ec:50:90:13:
         19:6c:66:3d:83:ff:da:27:fd:3f:f8:96:e0:e8:0d:ca:15:6f:
         22:4f:cb:50:bb:00:0c:ca:e9:1f:33:f2:0b:af:69:d6:5e:7a:
         a2:09:e0:64:94:30:ee:df:37:30:08:ed:1f:01:02:4b:e1:71:
         94:de:06:44:33:6a:17:66:51:03:ae:df:81:b5:c5:0d:46:88:
         e9:36:d1:df:4e:5c:36:97:2d:42:37:ad:10:6e:57:78:85:4e:
         72:e4:5a:5d:e0:5a:e5:42:73:59:f7:21:14:34:78:35:7d:15:
         d8:08:a3:c6:70:e2:69:41:bc:1b:be:c1:d7:06:95:e3:5d:85:
         86:ed:54:dd:62:1d:48:f2:2b:02:c4:86:d7:d7:10:8d:12:0a:
         27:a5:9b:ad
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFzXG0zDTlNu4U8SVdYaY/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODIxMDUxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMwNDg2ODgyYzZlZjgxZDI5ODY4OTBkMTMzMDY3MzdhMDMwZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlieR/miWQeKA3YL4qR9xLysQud2
bUviB4c2z8hd0NOdZFbXs9z1z5LdhcVXf+9ceQFmbeytEbzDfY34TWzl8fK8DloT
EEX3oIZJD+glWkZoxQiiViiTtyYPzYVCp2NKp85Ql3pAi5pVIpZ8C0CZ8ihyfaiG
6PtLQaqjtXg8JIr2W2w6GApxV0ksZAFjVoFwAxKUebmt5kQ0qjVtMeouH0q1fcQ4
5SGlb9UXjvsIXtvCfGcUYfP1Uxe9gp2wwLumAG9TU4UW1RSwEKqZmLU7JRDBdGZG
yI2ISy5jwaKr+hVcpgRnXYk1OCHIoqgZEbHkiBDee3j6VqKqBdcDhIfVtwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOMwSGiCxu+B0phokNEzBnN6Aw75MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNHpCSWFJTEc3NEhTbUdpUTBUTUdjM29ERHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowU4AwQA
owVSAwQAowVjAwQAowV/AwQAowWMAwQAowXKAwQAowX4MA0GCSqGSIb3DQEBCwUA
A4IBAQCdaQA8qRmZ5hUPDJAV2iEGQ84O70UybbR2ecg23e2K7sjyy+qtMH+UI29M
DNQXN4G5y+AsKswac01EY9PtuLwzTSWVhl/hkJVTEhn+Qx1wkfcFH90LEL4ifyK9
z92A6U7PCt/u8Snd4OxQkBMZbGY9g//aJ/0/+Jbg6A3KFW8iT8tQuwAMyukfM/IL
r2nWXnqiCeBklDDu3zcwCO0fAQJL4XGU3gZEM2oXZlEDrt+BtcUNRojpNtHfTlw2
ly1CN60Qbld4hU5y5Fpd4FrlQnNZ9yEUNHg1fRXYCKPGcOJpQbwbvsHXBpXjXYWG
7VTdYh1I8isCxIbX1xCNEgonpZut
-----END CERTIFICATE-----
Generated at Mon Sep 16 13:24:21 2024 by rpki-client on console-fra.rpki-client.org