Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Uw1uNBcJJ9JWYZ8stCAWDbQjkUM.roa
File:                     Uw1uNBcJJ9JWYZ8stCAWDbQjkUM.roa (raw, json)
Hash identifier:          KFqKvUtQFpHZqgarLjDKw7Z7ud3KTGoWvGzvLXLX8TU=
Subject key identifier:   53:0D:6E:34:17:09:27:D2:56:61:9F:2C:B4:20:16:0D:B4:23:91:43
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01881EE390054FA43A71ED022854EFA5A9BA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Uw1uNBcJJ9JWYZ8stCAWDbQjkUM.roa
Signing time:             Mon 15 May 2023 10:10:09 +0000
ROA not before:           Mon 15 May 2023 10:10:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.71.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 09:39:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:e3:90:05:4f:a4:3a:71:ed:02:28:54:ef:a5:a9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 15 10:10:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=530d6e34170927d256619f2cb420160db4239143
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8c:93:05:d4:06:39:a7:07:f0:a7:15:33:40:
                    f0:f3:51:eb:bf:5f:ce:d3:e3:fd:01:03:70:c3:ac:
                    69:53:5c:c3:a6:98:50:db:8f:a1:0b:0c:38:17:31:
                    b0:e0:19:62:56:78:91:8a:2d:72:cd:1d:03:87:39:
                    27:81:ca:4e:4d:9e:4e:c2:bd:f9:3f:96:00:62:03:
                    e8:64:bf:9c:f5:74:e2:23:40:55:76:30:0a:a0:60:
                    61:42:ff:d6:d4:c6:e0:c7:71:d2:ad:ba:7a:f8:3f:
                    c3:77:11:89:47:17:37:f4:93:9c:1b:70:6e:dc:24:
                    6d:26:0f:da:f2:1c:ed:99:9f:e0:85:dc:d1:f6:fd:
                    41:54:54:18:b9:b4:06:ab:1a:74:cd:82:f1:31:62:
                    b4:fb:49:2d:8d:c7:e9:99:77:6e:78:27:ee:02:11:
                    54:7d:88:ce:04:b1:a9:86:5c:27:50:23:11:bf:a8:
                    bf:78:5b:ea:99:03:2c:c1:fb:10:bf:0b:86:e2:b7:
                    77:5f:cf:85:73:94:7b:86:47:6e:f4:bd:c8:2e:e4:
                    80:b8:f8:49:6d:78:08:84:2d:8a:df:c6:00:fc:fb:
                    44:63:5a:be:3a:05:4d:90:0a:5b:8b:5f:68:28:50:
                    7c:f1:69:ec:40:6d:74:57:9b:0d:cb:9b:a7:fe:c8:
                    12:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:0D:6E:34:17:09:27:D2:56:61:9F:2C:B4:20:16:0D:B4:23:91:43
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Uw1uNBcJJ9JWYZ8stCAWDbQjkUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.39.0/24
                  163.5.60.0/24
                  163.5.71.0/24
                  163.5.93.0/24
                  163.5.101.0-163.5.102.255
                  163.5.108.0/24
                  163.5.116.0/24
                  163.5.131.0/24
                  163.5.134.0/24
                  163.5.174.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0/24
                  163.5.228.0/23
                  163.5.238.0/24
                  163.5.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:d8:73:3f:76:b1:b5:48:ce:44:8b:b6:51:1b:ab:78:d2:43:
         e7:25:d7:e1:34:9d:1f:69:29:51:32:d9:40:c6:f8:df:4b:11:
         9d:a2:6c:a2:e8:a7:b7:aa:b5:46:4a:85:11:9f:0a:f7:83:c9:
         05:af:9e:4e:4d:79:86:99:a8:16:05:e1:3a:80:30:f6:fb:0f:
         e8:92:81:62:15:ac:a2:87:56:93:d5:24:76:ee:7a:e5:29:19:
         76:74:11:83:0a:26:36:02:0e:c0:80:18:40:e6:c9:cb:f5:e6:
         97:e6:81:88:9f:51:43:5f:6a:51:1b:1b:7e:b7:ed:5a:b9:62:
         a5:a6:16:d2:f4:44:43:b5:c7:ae:cb:f6:88:ac:29:e8:40:50:
         6f:5c:96:dc:97:4f:93:3e:db:f9:2e:19:a4:26:e0:04:00:3b:
         0e:7a:42:31:59:1b:cf:c8:d3:7e:29:d1:8e:7f:be:c0:d0:53:
         3a:e5:61:60:8e:89:35:99:58:28:37:29:fc:f3:c4:58:5c:3e:
         c6:b1:79:98:53:06:5d:c2:48:f8:9b:d0:27:c8:d2:37:80:68:
         4d:07:b0:a2:00:d8:8b:ba:bf:47:ec:19:92:6f:6a:b2:0b:6e:
         0b:bd:9c:37:f3:c3:f1:50:d8:78:be:13:02:95:5d:f0:fd:9f:
         54:fc:03:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYge45AFT6Q6ce0CKFTvpam6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE1MTAxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBkNmUzNDE3MDkyN2QyNTY2MTlmMmNiNDIwMTYwZGI0MjM5MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoyTBdQGOacH8KcVM0Dw81Hrv1/O
0+P9AQNww6xpU1zDpphQ24+hCww4FzGw4BliVniRii1yzR0DhzkngcpOTZ5Owr35
P5YAYgPoZL+c9XTiI0BVdjAKoGBhQv/W1Mbgx3HSrbp6+D/DdxGJRxc39JOcG3Bu
3CRtJg/a8hztmZ/ghdzR9v1BVFQYubQGqxp0zYLxMWK0+0ktjcfpmXdueCfuAhFU
fYjOBLGphlwnUCMRv6i/eFvqmQMswfsQvwuG4rd3X8+Fc5R7hkdu9L3ILuSAuPhJ
bXgIhC2K38YA/PtEY1q+OgVNkApbi19oKFB88WnsQG10V5sNy5un/sgSXwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFFMNbjQXCSfSVmGfLLQgFg20I5FDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVXcxdU5CY0pKOUpXWVo4c3RDQVdEYlFqa1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAKMFJwME
AKMFPAMEAKMFRwMEAKMFXTAMAwQAowVlAwQAowVmAwQAowVsAwQAowV0AwQAowWD
AwQAowWGAwQAowWuAwQAowW9AwQAowXAAwQAowXhAwQBowXkAwQAowXuAwQAowX2
MA0GCSqGSIb3DQEBCwUAA4IBAQA62HM/drG1SM5Ei7ZRG6t40kPnJdfhNJ0faSlR
MtlAxvjfSxGdomyi6Ke3qrVGSoURnwr3g8kFr55OTXmGmagWBeE6gDD2+w/okoFi
Fayih1aT1SR27nrlKRl2dBGDCiY2Ag7AgBhA5snL9eaX5oGIn1FDX2pRGxt+t+1a
uWKlphbS9ERDtceuy/aIrCnoQFBvXJbcl0+TPtv5LhmkJuAEADsOekIxWRvPyNN+
KdGOf77A0FM65WFgjok1mVgoNyn888RYXD7GsXmYUwZdwkj4m9AnyNI3gGhNB7Ci
ANiLur9H7BmSb2qyC24LvZw388PxUNh4vhMClV3w/Z9U/AOr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org