Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YZg015djmSEShiTA-VDhKXL2ThY.roa
File:                     YZg015djmSEShiTA-VDhKXL2ThY.roa (raw, json)
Hash identifier:          vDfHRtJIPBnwtPV1n8OiaY0Iv4csGEJGtvWgcMixsZ4=
Subject key identifier:   61:98:34:D7:97:63:99:21:12:86:24:C0:F9:50:E1:29:72:F6:4E:16
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185C99DDACAAAD5D7F14EF99350F54DDF5F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YZg015djmSEShiTA-VDhKXL2ThY.roa
Signing time:             Thu 19 Jan 2023 10:40:43 +0000
ROA not before:           Thu 19 Jan 2023 10:40:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.233.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 06:24:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c9:9d:da:ca:aa:d5:d7:f1:4e:f9:93:50:f5:4d:df:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 19 10:40:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=619834d797639921128624c0f950e12972f64e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:95:c3:2b:af:9b:d2:f5:7d:00:75:4e:4a:05:
                    a2:80:81:c0:5a:a3:fe:2f:f2:fe:bb:f1:cb:07:16:
                    70:5d:f7:32:8e:dc:fb:3e:f5:0c:91:b5:62:76:40:
                    e7:4c:f0:2e:5f:53:4b:cc:6d:f9:90:2a:c1:38:25:
                    88:5d:fc:a7:9f:16:2d:4b:eb:f7:66:5b:b6:cb:38:
                    3f:08:69:5d:0a:01:ce:ef:ef:ec:70:1d:02:3c:62:
                    d3:bc:95:41:c6:b5:25:64:9e:5e:a1:fa:09:54:fe:
                    af:56:5c:f7:d3:a1:e3:82:6b:85:27:65:dd:42:ce:
                    1a:1b:e0:a5:42:37:4c:1d:f7:cb:43:66:a3:8f:1e:
                    0d:79:89:b5:02:6f:d5:b8:ec:ca:c4:83:db:02:e5:
                    fb:21:10:ee:42:5c:34:99:61:86:1d:97:61:69:37:
                    42:45:bf:36:a4:24:85:ac:ca:d6:c9:b8:a8:a1:26:
                    d7:6a:31:e6:f7:1c:08:5f:4a:3b:54:32:d1:71:2f:
                    dd:b4:c3:f1:a2:e7:86:33:79:8a:e0:65:b3:1e:6e:
                    54:f5:b2:0c:72:1e:19:a2:b4:46:ea:96:0f:8c:a6:
                    35:ba:7c:d6:2f:fe:2b:cc:2d:ab:f0:ca:84:69:8f:
                    79:57:26:6c:9f:38:e6:fb:6a:7a:01:de:10:2c:d4:
                    cd:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:98:34:D7:97:63:99:21:12:86:24:C0:F9:50:E1:29:72:F6:4E:16
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/YZg015djmSEShiTA-VDhKXL2ThY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.99.0-163.5.100.255
                  163.5.107.0/24
                  163.5.117.0/24
                  163.5.127.0/24
                  163.5.130.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.149.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0-163.5.223.255
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.233.0/24
                  163.5.239.0-163.5.241.255
                  163.5.244.0/24
                  163.5.246.0/24
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:54:f1:f1:69:ba:6d:fa:77:54:78:7e:59:e6:96:ee:ce:17:
         86:7e:75:a9:4a:74:45:e8:82:b5:70:e0:35:8d:e8:81:34:d3:
         35:6b:ad:57:13:1c:90:08:e2:57:82:7e:a9:08:15:ea:f6:d3:
         22:2e:91:76:49:31:b7:19:ce:9a:c1:36:9f:84:09:34:a8:3f:
         3a:f0:99:4e:bf:fd:fa:bc:1c:f4:bc:dd:ea:d6:5a:9d:3f:f6:
         39:cb:69:9a:34:0d:3b:0f:c0:57:84:41:28:c4:c8:4b:0e:ed:
         c9:25:eb:23:98:8e:e1:77:cd:f6:3f:78:9f:09:93:db:08:e2:
         a8:4c:c4:ea:56:a3:09:69:5a:84:42:1b:ad:8c:81:e5:29:cc:
         c5:3b:09:38:38:9d:b5:29:b7:27:5b:f6:60:e0:b1:9d:21:5d:
         fe:e9:72:98:60:fc:1b:72:e5:41:1e:d4:39:2e:0c:8d:ef:d6:
         ba:c1:96:71:58:28:a6:22:88:4f:d5:e6:63:78:53:de:93:2f:
         bd:9b:6e:b3:a1:53:95:70:49:6f:2a:0a:64:7b:6e:ba:13:53:
         50:23:1b:59:98:de:cc:49:2e:7d:ff:20:ee:ad:1a:ef:56:e5:
         85:d3:41:54:a2:65:21:d3:be:83:b8:16:00:b6:97:18:48:98:
         48:95:3d:e6
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYXJndrKqtXX8U75k1D1Td9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTE5MTA0MDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk4MzRkNzk3NjM5OTIxMTI4NjI0YzBmOTUwZTEyOTcyZjY0ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJXDK6+b0vV9AHVOSgWigIHAWqP+
L/L+u/HLBxZwXfcyjtz7PvUMkbVidkDnTPAuX1NLzG35kCrBOCWIXfynnxYtS+v3
Zlu2yzg/CGldCgHO7+/scB0CPGLTvJVBxrUlZJ5eofoJVP6vVlz306HjgmuFJ2Xd
Qs4aG+ClQjdMHffLQ2ajjx4NeYm1Am/VuOzKxIPbAuX7IRDuQlw0mWGGHZdhaTdC
Rb82pCSFrMrWybiooSbXajHm9xwIX0o7VDLRcS/dtMPxoueGM3mK4GWzHm5U9bIM
ch4ZorRG6pYPjKY1unzWL/4rzC2r8MqEaY95VyZsnzjm+2p6Ad4QLNTNzQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFGGYNNeXY5khEoYkwPlQ4Sly9k4WMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWVpnMDE1ZGptU0VTaGlUQS1WRGhLWEwyVGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBACj
BR8DBACjBSMwDAMEAKMFYwMEAKMFZAMEAKMFawMEAKMFdQMEAKMFfwMEAKMFggME
AaMFhAMEAKMFiAMEAKMFigMEAKMFkQMEAKMFlQMEAKMFngMEAKMFoQMEAKMFpgME
AKMFygMEAaMF0gMEAKMF2DAMAwQAowXdAwQFowXAAwQBowXiAwQAowXmAwQAowXp
MAwDBACjBe8DBAGjBfADBACjBfQDBACjBfYDBACjBfgDBACjBf4wDQYJKoZIhvcN
AQELBQADggEBAHhU8fFpum36d1R4flnmlu7OF4Z+dalKdEXogrVw4DWN6IE00zVr
rVcTHJAI4leCfqkIFer20yIukXZJMbcZzprBNp+ECTSoPzrwmU6//fq8HPS83erW
Wp0/9jnLaZo0DTsPwFeEQSjEyEsO7ckl6yOYjuF3zfY/eJ8Jk9sI4qhMxOpWowlp
WoRCG62MgeUpzMU7CTg4nbUptydb9mDgsZ0hXf7pcphg/Bty5UEe1DkuDI3v1rrB
lnFYKKYiiE/V5mN4U96TL72bbrOhU5VwSW8qCmR7broTU1AjG1mY3sxJLn3/IO6t
Gu9W5YXTQVSiZSHTvoO4FgC2lxhImEiVPeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org