Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D3CE9gmYUVM7F2f9_Zmjyd3whEE.roa
File:                     D3CE9gmYUVM7F2f9_Zmjyd3whEE.roa (raw, json)
Hash identifier:          ACumeMdRty6R/dTtt0utBxUMMM7cfAgmcVIUb+44Aq8=
Subject key identifier:   0F:70:84:F6:09:98:51:53:3B:17:67:FD:FD:99:A3:C9:DD:F0:84:41
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0189A88B974D14E4EA70647A4DBE08A48C3A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D3CE9gmYUVM7F2f9_Zmjyd3whEE.roa
Signing time:             Sun 30 Jul 2023 20:44:27 +0000
ROA not before:           Sun 30 Jul 2023 20:44:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.90.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.63.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 11:40:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a8:8b:97:4d:14:e4:ea:70:64:7a:4d:be:08:a4:8c:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 30 20:44:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f7084f6099851533b1767fdfd99a3c9ddf08441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0a:31:42:63:c9:8a:2d:19:ba:7d:f2:68:e9:
                    29:5c:dd:66:8c:7f:57:d6:fc:71:e1:1b:e5:b8:d1:
                    85:de:3c:eb:e4:25:57:13:eb:5c:8a:05:60:26:74:
                    e0:88:57:5a:67:01:f7:d5:41:2c:c8:29:1d:ca:e3:
                    05:e9:94:5e:35:da:5c:09:38:24:09:a4:45:37:06:
                    c1:89:ed:63:aa:97:65:2e:bd:09:4d:d7:38:53:93:
                    dc:a4:41:05:c9:24:5e:25:5f:32:a1:14:5f:e3:b9:
                    8c:28:ca:24:3c:1a:8c:b7:e3:8d:be:e3:30:d6:be:
                    f8:9b:8f:78:2a:06:74:47:8a:9d:03:77:b4:52:4a:
                    ee:ed:96:96:63:f0:aa:74:bf:e7:7d:5f:48:cd:7c:
                    7e:af:3e:f4:20:7f:05:1f:03:a5:af:42:2c:b7:91:
                    85:10:1f:a9:7a:ae:42:ef:04:b1:e0:f6:bb:76:c3:
                    b0:e8:e9:a7:5a:c1:0a:ec:56:b6:e3:6c:99:45:ab:
                    38:bb:3f:50:7c:58:64:0e:45:45:ce:47:f0:05:7f:
                    58:36:dc:ab:35:a4:b9:f2:8e:43:a0:74:2e:d5:19:
                    99:0e:61:be:44:a6:8e:1c:b0:11:05:3a:29:fb:69:
                    ae:01:be:4c:54:ea:ac:25:74:74:f7:81:d2:25:3a:
                    0f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:70:84:F6:09:98:51:53:3B:17:67:FD:FD:99:A3:C9:DD:F0:84:41
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/D3CE9gmYUVM7F2f9_Zmjyd3whEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.63.0/24
                  163.5.88.0/24
                  163.5.90.0/24
                  163.5.93.0/24
                  163.5.101.0-163.5.102.255
                  163.5.108.0/23
                  163.5.116.0/23
                  163.5.119.0/24
                  163.5.130.0/23
                  163.5.134.0/24
                  163.5.147.0/24
                  163.5.171.0/24
                  163.5.174.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0/24
                  163.5.228.0/23
                  163.5.240.0/24
                  163.5.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:1d:7f:11:00:e0:79:f6:f6:f3:02:73:22:5c:de:38:6d:a3:
         c2:e4:f2:a2:87:bf:f4:1f:2d:00:86:2c:83:45:0f:ba:68:9f:
         0f:73:e7:47:51:f1:14:33:8c:4e:74:d6:c5:af:6a:b7:30:57:
         b8:f9:1a:7e:fa:a9:d0:e1:11:e7:7c:6e:0d:b2:75:9f:4a:66:
         d9:35:95:db:4a:27:f2:27:12:33:18:4e:c8:9d:96:4c:c5:7f:
         6a:a3:db:7b:c3:c6:f0:b9:80:86:2e:1a:80:56:d6:99:94:c0:
         20:31:9e:d1:32:a0:36:71:ff:1d:eb:5e:58:48:a1:03:2c:93:
         20:ba:64:0b:a0:50:5e:67:e5:63:7c:e1:80:ad:a5:ed:a7:85:
         b9:bd:61:7b:c3:a3:c2:35:ce:94:49:2c:aa:d5:14:8e:a6:63:
         ff:de:0e:4e:f1:c9:fb:49:19:3a:de:f3:b7:a6:d4:e4:fc:96:
         aa:7c:e6:5b:5d:02:bb:f4:f2:34:6a:12:88:fe:e1:8f:dc:ea:
         9d:96:8b:96:69:78:5a:f6:7d:6a:b6:b7:2a:97:c1:fb:dc:a8:
         98:96:3f:45:bb:7d:b1:cf:2e:89:29:86:cb:52:63:15:96:f0:
         cc:3b:a2:28:c0:5e:ad:92:f1:41:b6:22:db:55:7f:91:60:46:
         f3:ca:37:bc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYmoi5dNFOTqcGR6Tb4IpIw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzMwMjA0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjcwODRmNjA5OTg1MTUzM2IxNzY3ZmRmZDk5YTNjOWRkZjA4NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwoxQmPJii0Zun3yaOkpXN1mjH9X
1vxx4RvluNGF3jzr5CVXE+tcigVgJnTgiFdaZwH31UEsyCkdyuMF6ZReNdpcCTgk
CaRFNwbBie1jqpdlLr0JTdc4U5PcpEEFySReJV8yoRRf47mMKMokPBqMt+ONvuMw
1r74m494KgZ0R4qdA3e0Ukru7ZaWY/CqdL/nfV9IzXx+rz70IH8FHwOlr0Ist5GF
EB+peq5C7wSx4Pa7dsOw6OmnWsEK7Fa242yZRas4uz9QfFhkDkVFzkfwBX9YNtyr
NaS58o5DoHQu1RmZDmG+RKaOHLARBTop+2muAb5MVOqsJXR094HSJToPPwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFA9whPYJmFFTOxdn/f2Zo8nd8IRBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRDNDRTlnbVlVVk03RjJmOV9abWp5ZDN3aEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAGj
BSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQMEAKMFZgME
AaMFbAMEAaMFdAMEAKMFdwMEAaMFggMEAKMFhgMEAKMFkwMEAKMFqwMEAKMFrgME
AKMFvQMEAKMFwAMEAKMF4QMEAaMF5AMEAKMF8AMEAKMF9jANBgkqhkiG9w0BAQsF
AAOCAQEAlx1/EQDgefb28wJzIlzeOG2jwuTyooe/9B8tAIYsg0UPumifD3PnR1Hx
FDOMTnTWxa9qtzBXuPkafvqp0OER53xuDbJ1n0pm2TWV20on8icSMxhOyJ2WTMV/
aqPbe8PG8LmAhi4agFbWmZTAIDGe0TKgNnH/HeteWEihAyyTILpkC6BQXmflY3zh
gK2l7aeFub1he8OjwjXOlEksqtUUjqZj/94OTvHJ+0kZOt7zt6bU5PyWqnzmW10C
u/TyNGoSiP7hj9zqnZaLlml4WvZ9ara3KpfB+9yomJY/Rbt9sc8uiSmGy1JjFZbw
zDuiKMBerZLxQbYi21V/kWBG88o3vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org