Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BpzcqpUVcCXNvVroT2m8WjU0rjI.roa
File:                     BpzcqpUVcCXNvVroT2m8WjU0rjI.roa (raw, json)
Hash identifier:          Ye1vkA1iLscis2Cw4UAJGLnmwsOqQYwZuBeohrN8fTY=
Subject key identifier:   06:9C:DC:AA:95:15:70:25:CD:BD:5A:E8:4F:69:BC:5A:35:34:AE:32
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018A11E528FB98F77ACCDA8DC6C689DD1AE6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BpzcqpUVcCXNvVroT2m8WjU0rjI.roa
Signing time:             Sun 20 Aug 2023 07:42:25 +0000
ROA not before:           Sun 20 Aug 2023 07:42:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.202.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 27 Aug 2023 13:59:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:11:e5:28:fb:98:f7:7a:cc:da:8d:c6:c6:89:dd:1a:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 20 07:42:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=069cdcaa95157025cdbd5ae84f69bc5a3534ae32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:d1:30:ba:69:66:ee:68:4e:a1:80:f5:14:91:
                    3d:a5:46:aa:f4:33:69:cc:d0:cd:a1:1f:a5:64:13:
                    eb:57:f1:8a:70:7c:33:0c:2e:26:f1:24:89:c9:c0:
                    76:f4:67:48:96:b2:54:53:ba:81:57:94:24:a7:7e:
                    d6:b1:8d:c5:a1:30:79:47:b6:f8:21:1c:40:32:19:
                    af:42:ee:6c:95:b8:fb:92:56:e4:c0:13:5a:78:3d:
                    8a:62:99:cb:18:a8:90:37:99:9f:2a:6a:06:9a:e4:
                    59:ae:4e:96:fb:3c:8c:f0:c5:39:78:62:d1:f5:53:
                    2e:98:c4:20:75:ca:24:db:8b:18:3d:d3:bb:3c:07:
                    5a:96:66:f8:65:11:12:0e:d3:d1:65:e1:92:b6:bf:
                    95:d1:d6:46:ea:47:fd:05:70:80:ce:83:b5:5a:49:
                    f3:1c:ea:d6:ff:5e:23:2a:6d:99:cd:4d:a9:fa:59:
                    0c:62:7e:61:df:93:d6:63:45:99:55:9a:63:46:24:
                    2d:93:30:f6:23:34:27:59:dd:fd:65:40:19:a0:de:
                    c0:38:3b:9d:57:35:c7:e0:36:ab:9d:00:ce:d8:97:
                    c3:bc:4f:b7:c6:fd:ef:42:91:4b:e0:d9:2e:f2:a0:
                    bc:6b:68:79:9e:e6:22:85:0f:dc:a2:83:52:6a:ba:
                    29:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:9C:DC:AA:95:15:70:25:CD:BD:5A:E8:4F:69:BC:5A:35:34:AE:32
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/BpzcqpUVcCXNvVroT2m8WjU0rjI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.62.0/24
                  163.5.99.0/24
                  163.5.161.0/24
                  163.5.202.0/24
                  163.5.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:a0:47:1b:5e:5b:cc:48:7c:0d:81:ee:7b:93:f8:fa:e1:2c:
         47:e6:13:db:c1:2d:5a:34:ee:8b:fe:73:33:7b:db:a5:f9:7f:
         1b:41:95:39:03:ac:e4:f6:fc:b2:00:13:25:ef:12:53:2e:75:
         c1:26:f0:a8:c7:93:79:e6:8b:13:28:9e:83:a2:e4:1a:4f:0f:
         ef:69:71:b4:47:56:4d:cf:14:44:9f:7d:6c:9a:ad:9b:7f:78:
         51:a7:38:5e:53:75:3c:8c:4d:eb:84:16:56:a5:39:53:09:48:
         60:b1:bb:fc:0e:39:ac:ea:de:10:a2:54:e6:fa:68:44:cb:69:
         79:8a:96:ae:be:71:8c:51:05:36:ac:58:26:ec:6f:fa:0f:f1:
         2f:2c:58:15:fa:fe:67:99:52:bc:bb:f2:1e:66:f0:c8:58:56:
         a3:18:c5:34:3b:d3:ce:97:a8:35:d8:eb:49:89:4e:8e:6d:3e:
         12:f0:79:e9:56:5f:6a:76:33:97:3a:14:0a:3c:7d:63:54:dc:
         0d:be:50:f2:2e:ef:76:4c:0e:18:2d:1b:ca:61:00:87:01:dd:
         b4:9d:5f:77:21:57:5f:b8:13:ba:a5:3d:1d:9e:0b:5f:05:68:
         5c:d0:46:22:40:5c:03:9e:89:fb:11:4c:78:ab:00:9a:5f:8a:
         eb:9f:a8:8f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYoR5Sj7mPd6zNqNxsaJ3RrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwODIwMDc0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjljZGNhYTk1MTU3MDI1Y2RiZDVhZTg0ZjY5YmM1YTM1MzRhZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NEwumlm7mhOoYD1FJE9pUaq9DNp
zNDNoR+lZBPrV/GKcHwzDC4m8SSJycB29GdIlrJUU7qBV5Qkp37WsY3FoTB5R7b4
IRxAMhmvQu5slbj7klbkwBNaeD2KYpnLGKiQN5mfKmoGmuRZrk6W+zyM8MU5eGLR
9VMumMQgdcok24sYPdO7PAdalmb4ZRESDtPRZeGStr+V0dZG6kf9BXCAzoO1Wknz
HOrW/14jKm2ZzU2p+lkMYn5h35PWY0WZVZpjRiQtkzD2IzQnWd39ZUAZoN7AODud
VzXH4DarnQDO2JfDvE+3xv3vQpFL4Nku8qC8a2h5nuYihQ/cooNSarop4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAac3KqVFXAlzb1a6E9pvFo1NK4yMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQnB6Y3FwVVZjQ1hOdlZyb1QybThXalUwcmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowWhAwQAowXKAwQAowXdMA0GCSqGSIb3DQEBCwUA
A4IBAQA9oEcbXlvMSHwNge57k/j64SxH5hPbwS1aNO6L/nMze9ul+X8bQZU5A6zk
9vyyABMl7xJTLnXBJvCox5N55osTKJ6DouQaTw/vaXG0R1ZNzxREn31smq2bf3hR
pzheU3U8jE3rhBZWpTlTCUhgsbv8Djms6t4QolTm+mhEy2l5ipauvnGMUQU2rFgm
7G/6D/EvLFgV+v5nmVK8u/IeZvDIWFajGMU0O9POl6g12OtJiU6ObT4S8HnpVl9q
djOXOhQKPH1jVNwNvlDyLu92TA4YLRvKYQCHAd20nV93IVdfuBO6pT0dngtfBWhc
0EYiQFwDnon7EUx4qwCaX4rrn6iP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org