Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/allJVvdW8oiqHpZzPH8fJ-gDqY8.roa
File:                     allJVvdW8oiqHpZzPH8fJ-gDqY8.roa (raw, json)
Hash identifier:          GeFxtppcoiu1aIWYfA5Xv0S7iVA39Isymb4C/3muHw4=
Subject key identifier:   6A:59:49:56:F7:56:F2:88:AA:1E:96:73:3C:7F:1F:27:E8:03:A9:8F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01882E4F15D5E3BD967564F296C08791CF52
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/allJVvdW8oiqHpZzPH8fJ-gDqY8.roa
Signing time:             Thu 18 May 2023 10:01:54 +0000
ROA not before:           Thu 18 May 2023 10:01:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        163.5.83.0/24 maxlen: 24
                          163.5.84.0/24 maxlen: 24
                          163.5.233.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.59.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.193.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.215.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 16:39:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2e:4f:15:d5:e3:bd:96:75:64:f2:96:c0:87:91:cf:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 18 10:01:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a594956f756f288aa1e96733c7f1f27e803a98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f0:06:bd:ad:51:76:a2:42:90:c5:61:21:fc:
                    85:f0:5b:53:43:5a:e0:5b:88:31:de:19:6b:01:20:
                    11:f3:b0:1c:a2:09:4f:6b:72:7b:10:53:37:97:c7:
                    ef:a6:01:87:f5:6f:63:13:e2:c8:35:27:81:f2:c0:
                    c4:dc:e2:02:c8:ef:8b:89:d7:c9:3b:61:a8:2f:1a:
                    05:a8:5f:07:3e:54:e5:27:f8:6e:61:a9:86:11:5f:
                    25:5a:c5:c4:bf:95:77:70:aa:f1:c5:94:ae:c5:46:
                    f1:39:4f:35:74:f9:2f:34:51:d9:4d:cd:58:88:45:
                    e3:f9:75:b3:3f:0e:d0:d8:06:d1:42:94:05:5d:bd:
                    57:bd:01:8c:ee:dc:43:4a:99:b3:51:9c:9c:13:79:
                    f4:9c:63:56:84:79:a0:62:13:25:9c:7f:38:6c:2a:
                    ad:bd:bb:79:c5:84:3b:7c:65:a6:20:e6:64:e4:3a:
                    00:0e:33:7d:bf:ab:8e:6a:2f:64:bb:28:de:ca:a5:
                    23:92:1f:ef:1a:22:7c:23:d4:00:ae:eb:c1:d0:e5:
                    9a:a8:36:56:f6:db:58:5b:de:39:c2:72:bd:4b:5c:
                    8c:ac:f7:60:65:13:f5:a4:ea:f0:3c:44:da:e3:e0:
                    a7:ac:8e:e6:bd:c3:7b:6b:7d:a2:69:39:7b:ce:7a:
                    3f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:59:49:56:F7:56:F2:88:AA:1E:96:73:3C:7F:1F:27:E8:03:A9:8F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/allJVvdW8oiqHpZzPH8fJ-gDqY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.59.0/24
                  163.5.83.0-163.5.84.255
                  163.5.120.0/24
                  163.5.142.0-163.5.144.255
                  163.5.154.0/24
                  163.5.192.0/23
                  163.5.214.0/23
                  163.5.233.0/24
                  163.5.244.0/24
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:c9:d8:4d:a3:f7:91:d7:54:cc:1a:b8:4c:a5:b7:03:9b:bc:
         ba:8f:29:b4:f6:55:d4:9a:b0:e4:5a:50:40:84:98:63:94:e2:
         9b:81:33:01:40:79:a3:0c:bc:94:cb:9f:0e:ac:49:ec:96:d2:
         c0:ea:4b:49:2c:cb:1f:95:0a:6a:9f:be:50:34:44:4e:21:11:
         dc:5d:cc:ce:79:cc:78:29:35:9a:51:bd:8d:f0:b4:10:bf:7c:
         7b:49:21:ba:03:fe:5d:fb:ee:23:2e:9b:b1:c8:df:4f:18:fd:
         49:17:11:ca:c9:0b:cb:a6:82:5c:3d:12:b8:8c:fa:7f:9e:44:
         a0:2c:59:63:0a:86:60:3d:48:d8:e2:b9:fb:f2:fd:d0:75:e1:
         a1:3b:9b:43:e2:6f:c9:48:c5:04:de:76:f0:2a:84:b5:6a:76:
         44:0b:41:44:d0:9b:c8:5b:e7:ea:55:b8:cf:2b:15:59:2b:c1:
         95:f6:64:5d:f9:95:77:04:eb:63:c3:33:ba:a6:82:ae:ab:ef:
         60:bf:da:47:1a:e5:ce:de:22:d8:1e:75:18:a0:71:16:a4:1d:
         63:f1:d7:fd:c4:c1:0a:c2:87:47:b6:79:9a:c4:4b:a1:29:31:
         f4:35:ec:91:2a:69:58:30:9c:51:e9:a2:aa:b8:e4:b6:45:d4:
         92:da:1f:cf
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYguTxXV472WdWTylsCHkc9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTE4MTAwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU5NDk1NmY3NTZmMjg4YWExZTk2NzMzYzdmMWYyN2U4MDNhOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/AGva1RdqJCkMVhIfyF8FtTQ1rg
W4gx3hlrASAR87AcoglPa3J7EFM3l8fvpgGH9W9jE+LINSeB8sDE3OICyO+LidfJ
O2GoLxoFqF8HPlTlJ/huYamGEV8lWsXEv5V3cKrxxZSuxUbxOU81dPkvNFHZTc1Y
iEXj+XWzPw7Q2AbRQpQFXb1XvQGM7txDSpmzUZycE3n0nGNWhHmgYhMlnH84bCqt
vbt5xYQ7fGWmIOZk5DoADjN9v6uOai9kuyjeyqUjkh/vGiJ8I9QAruvB0OWaqDZW
9ttYW945wnK9S1yMrPdgZRP1pOrwPETa4+CnrI7mvcN7a32iaTl7zno/cQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGpZSVb3VvKIqh6Wczx/HyfoA6mPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYWxsSlZ2ZFc4b2lxSHBaelBIOGZKLWdEcVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAowU7MAwD
BACjBVMDBACjBVQDBACjBXgwDAMEAaMFjgMEAKMFkAMEAKMFmgMEAaMFwAMEAaMF
1gMEAKMF6QMEAKMF9AMEALn9NjANBgkqhkiG9w0BAQsFAAOCAQEAfMnYTaP3kddU
zBq4TKW3A5u8uo8ptPZV1Jqw5FpQQISYY5Tim4EzAUB5owy8lMufDqxJ7JbSwOpL
SSzLH5UKap++UDRETiER3F3MznnMeCk1mlG9jfC0EL98e0khugP+XfvuIy6bscjf
Txj9SRcRyskLy6aCXD0SuIz6f55EoCxZYwqGYD1I2OK5+/L90HXhoTubQ+JvyUjF
BN528CqEtWp2RAtBRNCbyFvn6lW4zysVWSvBlfZkXfmVdwTrY8MzuqaCrqvvYL/a
Rxrlzt4i2B51GKBxFqQdY/HX/cTBCsKHR7Z5msRLoSkx9DXskSppWDCcUemiqrjk
tkXUktofzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org