Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WjXK-EGBA-zS7zRKJo4pWR2lq10.roa
File:                     WjXK-EGBA-zS7zRKJo4pWR2lq10.roa (raw, json)
Hash identifier:          6KM9jQMcvT5hcgW/jmQGEjElp7UT6mzOmiFOcg/0Mh4=
Subject key identifier:   5A:35:CA:F8:41:81:03:EC:D2:EF:34:4A:26:8E:29:59:1D:A5:AB:5D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185AAAAE4952BEEAC664ECB950AEAEB97F5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WjXK-EGBA-zS7zRKJo4pWR2lq10.roa
Signing time:             Fri 13 Jan 2023 10:26:44 +0000
ROA not before:           Fri 13 Jan 2023 10:26:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.233.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Jan 2023 16:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:aa:aa:e4:95:2b:ee:ac:66:4e:cb:95:0a:ea:eb:97:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 13 10:26:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5a35caf8418103ecd2ef344a268e29591da5ab5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:cc:15:32:8b:d0:8b:83:33:d6:3f:b4:63:cd:
                    df:b4:cf:ff:6f:0d:a0:94:54:75:76:98:17:68:15:
                    6c:6c:68:b9:18:83:77:90:77:d0:b1:08:6c:c2:29:
                    d5:7f:86:a2:29:27:a3:fc:fc:6f:78:58:ce:22:46:
                    42:51:97:ab:d0:bc:a0:03:e8:3c:00:06:c5:1c:d2:
                    c3:fc:8e:61:ae:a5:78:cd:55:dc:5e:0e:7a:9d:20:
                    f5:8c:10:79:0f:84:ae:8d:a1:fb:22:d7:66:47:cb:
                    04:f4:9b:39:b4:f1:8b:2e:67:1c:bd:91:bf:77:de:
                    ad:1a:7c:a3:61:fc:5b:f8:c8:01:3b:a2:c7:40:ab:
                    f9:86:71:3d:f5:f3:af:57:21:39:ce:49:3d:11:c5:
                    0b:c1:87:76:5c:ee:64:9f:a3:15:56:93:78:10:35:
                    54:4f:42:8f:b5:6d:19:72:0a:da:0a:8a:0b:40:fd:
                    51:d1:28:58:ad:73:64:0e:7e:ba:f2:29:cc:4c:a7:
                    c6:96:37:53:0d:cf:af:0a:c1:55:52:e7:49:10:4c:
                    46:44:d6:92:f4:c3:d5:62:50:c9:09:4c:5b:0a:34:
                    8d:3b:f3:3d:59:cd:2a:a3:20:ef:6b:f2:9d:26:0f:
                    52:56:0c:ef:91:be:03:6f:2f:44:d6:29:4a:f5:50:
                    cd:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:35:CA:F8:41:81:03:EC:D2:EF:34:4A:26:8E:29:59:1D:A5:AB:5D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WjXK-EGBA-zS7zRKJo4pWR2lq10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.99.0-163.5.100.255
                  163.5.107.0/24
                  163.5.127.0/24
                  163.5.130.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.149.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.221.0-163.5.222.255
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.233.0/24
                  163.5.239.0-163.5.241.255
                  163.5.244.0/24
                  163.5.246.0/24
                  163.5.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:e8:b3:08:82:46:90:e8:57:03:c6:72:31:12:df:b3:94:19:
         4b:29:4a:af:d1:22:a3:f1:d6:ac:2d:e8:74:0b:b0:9e:67:2a:
         43:80:06:43:af:20:71:4a:b4:a4:dd:79:2e:5e:e2:ed:70:ec:
         dd:e8:e4:21:b0:91:a3:6c:fc:85:10:c5:07:50:aa:b2:f7:08:
         74:e4:53:a3:60:ed:b3:18:e0:6d:2e:de:d4:42:22:dc:80:9e:
         f7:85:9d:ee:47:37:70:98:4c:7e:1f:5f:93:67:72:a1:98:ab:
         d6:ef:ff:97:69:5f:05:df:3e:a9:e3:c6:e9:e7:99:42:73:67:
         fc:d6:a2:b6:24:d3:c9:4c:b3:ba:7e:81:9f:1e:3d:5b:ab:e6:
         2e:94:80:e9:4f:17:89:8a:ad:2a:1a:22:5a:8c:4c:e8:ae:6e:
         73:2c:48:04:7e:f5:f6:ad:66:23:d2:3d:02:3b:c4:af:d4:75:
         1b:51:d9:0f:33:92:4d:59:40:61:3c:86:1a:f1:a5:31:eb:d2:
         97:d6:81:a3:3d:3f:d7:7e:aa:01:b9:0b:f9:51:77:9b:3d:ca:
         f6:d9:1a:72:e6:aa:12:2a:b3:38:5b:14:92:f5:00:42:e2:04:
         20:a2:33:1f:0c:10:4c:0b:f5:ee:7e:ca:df:ac:bc:d1:7c:59:
         9a:39:2b:2f
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYWqquSVK+6sZk7LlQrq65f1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTEzMTAyNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM1Y2FmODQxODEwM2VjZDJlZjM0NGEyNjhlMjk1OTFkYTVhYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcwVMovQi4Mz1j+0Y83ftM//bw2g
lFR1dpgXaBVsbGi5GIN3kHfQsQhswinVf4aiKSej/PxveFjOIkZCUZer0LygA+g8
AAbFHNLD/I5hrqV4zVXcXg56nSD1jBB5D4SujaH7ItdmR8sE9Js5tPGLLmccvZG/
d96tGnyjYfxb+MgBO6LHQKv5hnE99fOvVyE5zkk9EcULwYd2XO5kn6MVVpN4EDVU
T0KPtW0ZcgraCooLQP1R0ShYrXNkDn668inMTKfGljdTDc+vCsFVUudJEExGRNaS
9MPVYlDJCUxbCjSNO/M9Wc0qoyDva/KdJg9SVgzvkb4Dby9E1ilK9VDNZQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFFo1yvhBgQPs0u80SiaOKVkdpatdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV2pYSy1FR0JBLXpTN3pSS0pvNHBXUjJscTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBACj
BR8DBACjBSMwDAMEAKMFYwMEAKMFZAMEAKMFawMEAKMFfwMEAKMFggMEAaMFhAME
AKMFiAMEAKMFigMEAKMFkQMEAKMFlQMEAKMFngMEAKMFoQMEAKMFpgMEAKMFygME
AaMF0jAMAwQAowXdAwQAowXeAwQBowXiAwQAowXmAwQAowXpMAwDBACjBe8DBAGj
BfADBACjBfQDBACjBfYDBACjBfgwDQYJKoZIhvcNAQELBQADggEBABfoswiCRpDo
VwPGcjES37OUGUspSq/RIqPx1qwt6HQLsJ5nKkOABkOvIHFKtKTdeS5e4u1w7N3o
5CGwkaNs/IUQxQdQqrL3CHTkU6Ng7bMY4G0u3tRCItyAnveFne5HN3CYTH4fX5Nn
cqGYq9bv/5dpXwXfPqnjxunnmUJzZ/zWorYk08lMs7p+gZ8ePVur5i6UgOlPF4mK
rSoaIlqMTOiubnMsSAR+9fatZiPSPQI7xK/UdRtR2Q8zkk1ZQGE8hhrxpTHr0pfW
gaM9P9d+qgG5C/lRd5s9yvbZGnLmqhIqszhbFJL1AELiBCCiMx8MEEwL9e5+yt+s
vNF8WZo5Ky8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org