Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GtOOiQkPk34SCHj8Q8-e04E9HbQ.roa
File:                     GtOOiQkPk34SCHj8Q8-e04E9HbQ.roa (raw, json)
Hash identifier:          WcQLGVS4fiMIE3g5ymH+9V7IWqN3roca4r/nhYyZfrk=
Subject key identifier:   1A:D3:8E:89:09:0F:93:7E:12:08:78:FC:43:CF:9E:D3:81:3D:1D:B4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0188AEC34443BB3E7E9511B71C1102D7DDE4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GtOOiQkPk34SCHj8Q8-e04E9HbQ.roa
Signing time:             Mon 12 Jun 2023 08:40:12 +0000
ROA not before:           Mon 12 Jun 2023 08:40:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.71.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.90.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.63.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.187.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Jun 2023 09:22:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:c3:44:43:bb:3e:7e:95:11:b7:1c:11:02:d7:dd:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 12 08:40:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ad38e89090f937e120878fc43cf9ed3813d1db4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:49:06:39:b6:13:e6:1a:f4:c8:dc:4b:cf:3a:
                    4d:3a:a6:c4:04:cd:d9:ef:cf:d7:93:c3:46:03:eb:
                    37:bf:98:88:dc:15:a4:2d:4b:a2:a8:6d:a4:d7:90:
                    60:54:42:06:60:0c:0f:ce:d9:22:d9:12:89:a1:2e:
                    e6:1d:60:2d:31:e6:30:05:1d:df:79:68:cf:7f:0c:
                    58:25:7c:0b:15:b6:15:91:35:9e:9f:8b:48:44:f4:
                    3f:ff:60:be:c9:ff:f0:72:63:4a:3c:f2:22:5f:eb:
                    e3:f1:a6:ad:ae:79:21:3a:e4:bc:37:e9:85:78:6b:
                    c7:ad:61:51:6d:e8:2a:9f:41:24:38:90:a5:83:b0:
                    3e:1f:73:e2:61:3b:c8:24:66:17:bd:43:e5:fc:52:
                    6d:d0:63:6c:f7:d5:2e:ae:36:59:21:25:b0:e8:71:
                    b6:28:bf:e5:91:fb:8a:a4:7b:a4:2d:b9:4a:65:62:
                    e0:ca:87:bc:27:19:93:41:ce:ab:74:bf:fb:ea:00:
                    d3:9b:fc:97:98:6d:c6:5d:d4:78:25:d7:2f:bc:61:
                    92:69:6f:e0:57:a3:ed:3d:44:8d:9f:d9:50:06:f6:
                    af:76:7d:d0:36:13:93:cd:09:17:91:b7:b2:18:a0:
                    22:71:42:ed:49:f5:36:db:8f:9f:e7:2f:8d:df:55:
                    eb:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:D3:8E:89:09:0F:93:7E:12:08:78:FC:43:CF:9E:D3:81:3D:1D:B4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GtOOiQkPk34SCHj8Q8-e04E9HbQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.63.0/24
                  163.5.71.0/24
                  163.5.88.0/24
                  163.5.90.0/24
                  163.5.93.0/24
                  163.5.101.0-163.5.102.255
                  163.5.108.0/23
                  163.5.116.0/24
                  163.5.119.0/24
                  163.5.131.0/24
                  163.5.134.0/24
                  163.5.147.0/24
                  163.5.171.0/24
                  163.5.174.0/24
                  163.5.187.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0/24
                  163.5.228.0/23
                  163.5.240.0/24
                  163.5.246.0/24
                  163.5.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:d3:fc:1f:11:ca:87:4b:4b:3d:7b:31:a9:88:ed:c4:c9:1b:
         e6:08:c9:0c:4c:b9:1e:4a:9e:16:03:03:50:7c:4c:75:9b:5d:
         5f:d1:25:3a:53:53:40:73:d1:15:7c:a8:71:20:0e:02:cf:f2:
         0f:21:ae:3d:52:19:cf:ce:ff:45:8d:24:f6:33:ec:73:d0:ea:
         8f:d6:61:5c:fc:c9:09:05:86:70:e1:9c:38:30:90:53:17:ff:
         5e:c4:79:57:95:6e:02:df:2b:89:df:e0:ba:e0:4b:7d:1f:9d:
         20:98:94:34:b7:8c:19:e1:47:25:41:cd:a8:e9:1b:96:31:01:
         35:f7:da:3c:60:47:b6:96:79:3e:d9:d4:f9:19:ae:28:8a:41:
         97:68:8e:f2:c3:68:62:9d:a4:ec:58:54:6f:48:e7:c8:17:7e:
         ad:1b:b0:d6:a8:d6:24:7a:e8:35:17:f0:97:3f:e3:a1:4a:82:
         ca:c7:61:25:9f:09:e4:65:23:6b:cd:7b:91:fc:20:be:c9:5a:
         d4:45:8d:50:77:8b:d1:b7:6f:43:49:7c:91:ba:d5:15:c8:fd:
         5c:79:4b:49:38:b8:52:19:20:67:76:f9:75:a3:ce:ad:c3:20:
         b2:d7:91:8e:c4:47:0a:f7:39:c0:75:ba:76:09:2d:73:00:64:
         cb:d6:98:21
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYiuw0RDuz5+lRG3HBEC193kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNjEyMDg0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQzOGU4OTA5MGY5MzdlMTIwODc4ZmM0M2NmOWVkMzgxM2QxZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0kGObYT5hr0yNxLzzpNOqbEBM3Z
78/Xk8NGA+s3v5iI3BWkLUuiqG2k15BgVEIGYAwPztki2RKJoS7mHWAtMeYwBR3f
eWjPfwxYJXwLFbYVkTWen4tIRPQ//2C+yf/wcmNKPPIiX+vj8aatrnkhOuS8N+mF
eGvHrWFRbegqn0EkOJClg7A+H3PiYTvIJGYXvUPl/FJt0GNs99UurjZZISWw6HG2
KL/lkfuKpHukLblKZWLgyoe8JxmTQc6rdL/76gDTm/yXmG3GXdR4JdcvvGGSaW/g
V6PtPUSNn9lQBvavdn3QNhOTzQkXkbeyGKAicULtSfU224+f5y+N31Xr9QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFBrTjokJD5N+Egh4/EPPntOBPR20MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR3RPT2lRa1BrMzRTQ0hqOFE4LWUwNEU5SGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAGj
BSYDBACjBTwDBACjBT8DBACjBUcDBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQME
AKMFZgMEAaMFbAMEAKMFdAMEAKMFdwMEAKMFgwMEAKMFhgMEAKMFkwMEAKMFqwME
AKMFrgMEAKMFuwMEAKMFvQMEAKMFwAMEAKMF4QMEAaMF5AMEAKMF8AMEAKMF9gME
AKMF+TANBgkqhkiG9w0BAQsFAAOCAQEAcNP8HxHKh0tLPXsxqYjtxMkb5gjJDEy5
HkqeFgMDUHxMdZtdX9ElOlNTQHPRFXyocSAOAs/yDyGuPVIZz87/RY0k9jPsc9Dq
j9ZhXPzJCQWGcOGcODCQUxf/XsR5V5VuAt8rid/guuBLfR+dIJiUNLeMGeFHJUHN
qOkbljEBNffaPGBHtpZ5PtnU+RmuKIpBl2iO8sNoYp2k7FhUb0jnyBd+rRuw1qjW
JHroNRfwlz/joUqCysdhJZ8J5GUja817kfwgvsla1EWNUHeL0bdvQ0l8kbrVFcj9
XHlLSTi4UhkgZ3b5daPOrcMgsteRjsRHCvc5wHW6dgktcwBky9aYIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org