Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIAwvBRulCPLBuEUOTIGpL85yIA.roa
File:                     cIAwvBRulCPLBuEUOTIGpL85yIA.roa (raw, json)
Hash identifier:          Wb2gLYwtzk0Z7jtrrDzbGSv0uUwqwUKAcgJHVcqlls4=
Subject key identifier:   70:80:30:BC:14:6E:94:23:CB:06:E1:14:39:32:06:A4:BF:39:C8:80
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018BD815FDC11769F92D0CEDA5712F5110F0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIAwvBRulCPLBuEUOTIGpL85yIA.roa
Signing time:             Thu 16 Nov 2023 12:23:21 +0000
ROA not before:           Thu 16 Nov 2023 12:23:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.230.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.245.0/24 maxlen: 24
                          163.5.243.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.90.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.34.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.63.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.177.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 18 Nov 2023 12:46:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d8:15:fd:c1:17:69:f9:2d:0c:ed:a5:71:2f:51:10:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov 16 12:23:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=708030bc146e9423cb06e114393206a4bf39c880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c8:ee:ed:c0:25:45:35:9f:f1:b5:db:60:5c:
                    db:a7:98:17:b4:49:a2:2c:db:d3:19:0b:8c:4a:c3:
                    89:92:a1:4c:63:b6:be:49:86:77:2d:68:c0:10:52:
                    60:d0:41:68:46:f3:9f:1e:73:75:1d:59:df:a7:7c:
                    4a:a7:2b:a7:f9:a6:ba:f3:d2:b2:ae:10:a8:83:04:
                    e3:b0:f8:08:a9:4e:ef:1f:ac:1a:c6:01:09:4d:01:
                    06:1a:03:d8:95:ae:2e:c8:ea:58:07:fc:71:dc:39:
                    32:9f:7a:b3:59:25:60:6b:a4:73:13:ec:1b:4b:ae:
                    3f:bb:a1:7e:14:c0:e9:70:58:d8:e2:5a:6d:e4:f5:
                    d6:fc:63:f5:4a:89:89:98:00:7e:bf:70:f5:c9:24:
                    be:f7:3f:44:5f:96:9a:7c:29:9b:0f:fe:f8:e9:e8:
                    66:39:3a:36:a4:4d:3b:0d:41:da:bf:69:b7:21:47:
                    8c:c1:96:e6:e0:69:f0:96:07:ad:31:80:ed:8e:c4:
                    4f:22:99:8c:5e:1b:82:ae:80:11:1d:7c:ed:cb:f5:
                    8d:63:8b:37:58:45:5f:82:30:13:54:66:89:22:35:
                    5e:56:40:8a:62:d8:e9:84:f4:ae:53:e2:1e:53:58:
                    1d:45:09:77:78:bb:82:c5:f9:73:cf:6e:9d:58:24:
                    03:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:80:30:BC:14:6E:94:23:CB:06:E1:14:39:32:06:A4:BF:39:C8:80
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIAwvBRulCPLBuEUOTIGpL85yIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.34.0/24
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.63.0/24
                  163.5.88.0/24
                  163.5.90.0/24
                  163.5.93.0/24
                  163.5.100.0-163.5.102.255
                  163.5.108.0/23
                  163.5.116.0/22
                  163.5.130.0/23
                  163.5.133.0-163.5.134.255
                  163.5.147.0/24
                  163.5.161.0/24
                  163.5.171.0/24
                  163.5.174.0/24
                  163.5.177.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0-163.5.230.255
                  163.5.238.0/24
                  163.5.240.0/24
                  163.5.243.0/24
                  163.5.245.0-163.5.246.255

    Signature Algorithm: sha256WithRSAEncryption
         0b:5e:df:6e:ce:bf:f0:93:77:8c:dc:9f:54:0a:17:c9:58:be:
         9e:37:3c:b4:b5:46:64:67:3e:f0:dc:3f:a8:08:32:f2:8c:cc:
         ec:a9:aa:e5:7a:d7:5b:e0:a1:af:e0:5a:65:bf:c4:35:01:33:
         c7:12:06:31:df:1f:14:ff:26:df:20:17:9c:54:30:62:da:4c:
         06:dc:d3:b0:56:61:4d:5f:6d:3b:b9:c9:bb:a8:fb:f0:c6:89:
         1b:9f:11:3f:49:c4:d8:f4:f6:29:84:8f:6a:ae:ec:45:36:28:
         8d:2e:19:36:59:ef:a4:7c:0f:94:1d:22:69:9d:c2:a4:f2:1d:
         42:04:df:c2:4b:66:7d:c5:60:5d:4a:74:d6:b1:8c:09:4c:cb:
         f8:77:55:22:97:e1:21:43:61:a1:d0:d1:7d:48:88:0d:ba:78:
         b0:7b:d9:b4:fd:7f:6d:2f:85:8b:0f:f9:15:b1:2c:91:61:31:
         72:ab:d2:b9:d9:c7:e0:81:7c:0d:85:76:fd:69:7b:53:f5:43:
         8f:7e:d0:cd:f9:43:8c:41:0b:64:f7:57:f6:1f:b5:fa:54:2f:
         52:fa:5b:38:8e:18:94:9c:0f:46:6e:4e:97:65:ce:91:ab:83:
         73:d8:8e:60:7d:f4:d3:7a:e9:36:d2:69:2f:89:5c:98:2f:7d:
         8a:bf:26:9c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYvYFf3BF2n5LQztpXEvURDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTE2MTIyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgwMzBiYzE0NmU5NDIzY2IwNmUxMTQzOTMyMDZhNGJmMzljODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ju7cAlRTWf8bXbYFzbp5gXtEmi
LNvTGQuMSsOJkqFMY7a+SYZ3LWjAEFJg0EFoRvOfHnN1HVnfp3xKpyun+aa689Ky
rhCogwTjsPgIqU7vH6waxgEJTQEGGgPYla4uyOpYB/xx3Dkyn3qzWSVga6RzE+wb
S64/u6F+FMDpcFjY4lpt5PXW/GP1SomJmAB+v3D1ySS+9z9EX5aafCmbD/746ehm
OTo2pE07DUHav2m3IUeMwZbm4GnwlgetMYDtjsRPIpmMXhuCroARHXzty/WNY4s3
WEVfgjATVGaJIjVeVkCKYtjphPSuU+IeU1gdRQl3eLuCxflzz26dWCQDPwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFHCAMLwUbpQjywbhFDkyBqS/OciAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY0lBd3ZCUnVsQ1BMQnVFVU9USUdwTDg1eUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBACj
BSIDBAGjBSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAME
AKMFZgMEAaMFbAMEAqMFdAMEAaMFgjAMAwQAowWFAwQAowWGAwQAowWTAwQAowWh
AwQAowWrAwQAowWuAwQAowWxAwQAowW9AwQAowXAMAwDBACjBeEDBACjBeYDBACj
Be4DBACjBfADBACjBfMwDAMEAKMF9QMEAKMF9jANBgkqhkiG9w0BAQsFAAOCAQEA
C17fbs6/8JN3jNyfVAoXyVi+njc8tLVGZGc+8Nw/qAgy8ozM7Kmq5XrXW+Chr+Ba
Zb/ENQEzxxIGMd8fFP8m3yAXnFQwYtpMBtzTsFZhTV9tO7nJu6j78MaJG58RP0nE
2PT2KYSPaq7sRTYojS4ZNlnvpHwPlB0iaZ3CpPIdQgTfwktmfcVgXUp01rGMCUzL
+HdVIpfhIUNhodDRfUiIDbp4sHvZtP1/bS+Fiw/5FbEskWExcqvSudnH4IF8DYV2
/Wl7U/VDj37QzflDjEELZPdX9h+1+lQvUvpbOI4YlJwPRm5Ol2XOkauDc9iOYH30
03rpNtJpL4lcmC99ir8mnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org