Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8odDRNgp66wj2dnBNx8SgBTBQDY.roa
File:                     8odDRNgp66wj2dnBNx8SgBTBQDY.roa (raw, json)
Hash identifier:          c7xcPxvfeia+En7fpl2ktJJCm7vCrsOT1JzN8S+cJng=
Subject key identifier:   F2:87:43:44:D8:29:EB:AC:23:D9:D9:C1:37:1F:12:80:14:C1:40:36
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018834094E279E882CEA609F9172B816E487
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8odDRNgp66wj2dnBNx8SgBTBQDY.roa
Signing time:             Fri 19 May 2023 12:43:25 +0000
ROA not before:           Fri 19 May 2023 12:43:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.86.0/24 maxlen: 24
                          163.5.87.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.198.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 21 May 2023 07:26:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:34:09:4e:27:9e:88:2c:ea:60:9f:91:72:b8:16:e4:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 19 12:43:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2874344d829ebac23d9d9c1371f128014c14036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:63:b3:43:b8:56:bd:26:b4:6b:03:05:db:14:
                    04:41:6c:61:2f:21:3d:11:ad:3f:a1:1e:f4:ab:73:
                    da:52:d9:94:de:5c:03:d5:03:81:9e:2f:c1:9e:aa:
                    b7:52:1d:77:7e:7d:a6:8f:dd:e8:2f:ba:0f:f9:7e:
                    53:63:d2:ed:2c:37:54:5a:ba:6b:f9:44:5d:96:fd:
                    14:e7:34:ba:d6:fd:c1:39:9d:63:40:e0:0f:49:b0:
                    0c:e6:33:29:2d:9d:96:73:5b:c9:c6:99:c8:79:9d:
                    3f:90:c7:19:f6:7d:1f:7e:5a:09:0a:bb:79:32:46:
                    fa:99:07:a9:d4:4d:a1:66:14:93:54:95:89:69:76:
                    92:2d:54:23:62:09:6b:96:af:13:db:72:99:84:a3:
                    b6:45:ab:72:ef:7a:f2:09:a7:99:04:e3:78:1c:75:
                    75:ae:df:21:dc:20:6a:88:b7:c2:ab:4d:cd:53:00:
                    fb:47:15:a2:e4:e6:99:eb:25:fe:41:bd:1f:f0:3b:
                    b1:df:da:53:ae:c8:8c:a0:51:8d:63:30:d0:77:8c:
                    b2:96:1c:02:8f:2b:77:3f:56:c3:77:56:e4:cd:b8:
                    20:db:fd:cc:25:29:2c:94:a1:18:82:03:b7:18:c5:
                    bb:1c:22:34:4d:d0:0e:71:32:9f:26:d9:43:28:38:
                    27:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:87:43:44:D8:29:EB:AC:23:D9:D9:C1:37:1F:12:80:14:C1:40:36
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8odDRNgp66wj2dnBNx8SgBTBQDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.61.0-163.5.62.255
                  163.5.86.0/23
                  163.5.99.0/24
                  163.5.107.0/24
                  163.5.109.0/24
                  163.5.117.0/24
                  163.5.127.0/24
                  163.5.130.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.149.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.198.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0-163.5.223.255
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.240.0/24
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:2c:1d:ac:7e:7a:49:05:d3:80:d1:7d:5a:33:bd:de:9b:47:
         50:9e:d2:78:72:c9:f6:82:1f:35:b6:17:92:29:89:4e:38:ec:
         f2:dd:69:5c:ff:83:f1:65:30:23:12:cd:ce:4d:33:99:50:15:
         6d:a4:3d:52:da:cb:d6:b0:22:56:f0:e4:d2:0a:5d:12:09:54:
         fa:7a:c8:54:b8:cd:b0:c5:03:35:b6:10:57:20:c0:28:f5:57:
         6f:8b:f8:87:29:1d:df:c8:61:7b:ef:68:76:44:99:34:c4:88:
         a7:90:c0:3e:fd:03:a2:68:a6:d4:f9:9b:ad:5b:52:96:90:79:
         1c:e8:9e:9c:ed:de:79:c6:0c:92:02:6f:ae:4e:73:57:5e:de:
         11:4d:aa:ed:6c:55:1a:e6:4c:27:78:f1:ef:8b:c7:a5:d2:fb:
         ed:9d:b4:a3:98:72:de:ba:ab:24:fb:87:09:ac:2d:10:c2:cb:
         9a:df:19:ed:df:d7:b9:5b:da:fc:20:1a:82:d8:9e:5d:32:c1:
         19:6f:c9:97:f8:f6:f0:c7:ef:74:0c:5d:3b:c4:4f:af:fa:2c:
         86:f1:89:0d:d4:d6:2a:0e:13:7f:42:89:91:e2:f8:41:f7:2a:
         aa:f6:1d:2c:aa:84:ad:4c:4a:05:a2:8f:70:b8:69:ad:e3:52:
         a3:85:46:d9
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYg0CU4nnogs6mCfkXK4FuSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE5MTI0MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjg3NDM0NGQ4MjllYmFjMjNkOWQ5YzEzNzFmMTI4MDE0YzE0MDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2OzQ7hWvSa0awMF2xQEQWxhLyE9
Ea0/oR70q3PaUtmU3lwD1QOBni/Bnqq3Uh13fn2mj93oL7oP+X5TY9LtLDdUWrpr
+URdlv0U5zS61v3BOZ1jQOAPSbAM5jMpLZ2Wc1vJxpnIeZ0/kMcZ9n0ffloJCrt5
Mkb6mQep1E2hZhSTVJWJaXaSLVQjYglrlq8T23KZhKO2Raty73ryCaeZBON4HHV1
rt8h3CBqiLfCq03NUwD7RxWi5OaZ6yX+Qb0f8Dux39pTrsiMoFGNYzDQd4yylhwC
jyt3P1bDd1bkzbgg2/3MJSkslKEYggO3GMW7HCI0TdAOcTKfJtlDKDgn9wIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFPKHQ0TYKeusI9nZwTcfEoAUwUA2MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOG9kRFJOZ3A2NndqMmRuQk54OFNnQlRCUURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVgMEAKMFYwMEAKMFawMEAKMFbQME
AKMFdQMEAKMFfwMEAKMFggMEAaMFhAMEAKMFiAMEAKMFigMEAKMFkQMEAKMFlQME
AKMFngMEAKMFoQMEAKMFpgMEAKMFxgMEAKMFygMEAaMF0gMEAKMF2DAMAwQAowXd
AwQFowXAAwQBowXiAwQAowXmAwQAowXwAwQAowX4AwQAowX+MA0GCSqGSIb3DQEB
CwUAA4IBAQAHLB2sfnpJBdOA0X1aM73em0dQntJ4csn2gh81theSKYlOOOzy3Wlc
/4PxZTAjEs3OTTOZUBVtpD1S2svWsCJW8OTSCl0SCVT6eshUuM2wxQM1thBXIMAo
9Vdvi/iHKR3fyGF772h2RJk0xIinkMA+/QOiaKbU+ZutW1KWkHkc6J6c7d55xgyS
Am+uTnNXXt4RTartbFUa5kwnePHvi8el0vvtnbSjmHLeuqsk+4cJrC0Qwsua3xnt
39e5W9r8IBqC2J5dMsEZb8mX+Pbwx+90DF07xE+v+iyG8YkN1NYqDhN/QomR4vhB
9yqq9h0sqoStTEoFoo9wuGmt41KjhUbZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org