Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dvW7fcja1Z6ByjkMALVCps1JVmw.roa
File:                     dvW7fcja1Z6ByjkMALVCps1JVmw.roa (raw, json)
Hash identifier:          9HB05/CmulhYHiWmC1excP7coK1Exj0yf92w0BgIS2Y=
Subject key identifier:   76:F5:BB:7D:C8:DA:D5:9E:81:CA:39:0C:00:B5:42:A6:CD:49:56:6C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187ADBDAC93E73184574C17C0B6827BD641
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dvW7fcja1Z6ByjkMALVCps1JVmw.roa
Signing time:             Sun 23 Apr 2023 10:51:41 +0000
ROA not before:           Sun 23 Apr 2023 10:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.105.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.115.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.153.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 03:51:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ad:bd:ac:93:e7:31:84:57:4c:17:c0:b6:82:7b:d6:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 23 10:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76f5bb7dc8dad59e81ca390c00b542a6cd49566c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2b:22:ed:b0:a1:9b:52:57:29:09:ed:40:fa:
                    7a:c0:b5:d4:20:f1:b9:1d:95:32:22:09:ee:dd:23:
                    c6:15:32:bc:4a:97:22:c2:c6:f4:c4:3c:1b:e4:a1:
                    54:77:f1:5b:ba:55:1b:33:41:08:91:da:c3:41:9c:
                    cd:44:c5:60:fd:84:e4:b1:1b:fd:cc:e6:bf:fe:2f:
                    bf:a6:64:75:47:29:d4:cd:32:91:3f:8c:e3:1e:b5:
                    48:6a:0f:a5:25:4c:ad:34:6c:26:42:ef:1b:f3:e7:
                    e3:df:f5:fa:d0:fe:4b:4a:28:b0:4c:ea:a0:f9:26:
                    c5:09:85:03:52:3c:96:e0:07:17:cf:ed:f0:27:42:
                    dc:40:74:47:94:4e:d6:88:60:44:25:78:e2:65:25:
                    13:6a:77:59:75:f2:82:c1:ec:be:ff:ec:77:b3:c1:
                    d6:f6:8a:23:af:a2:7f:6d:4f:12:cd:96:96:d4:f6:
                    53:3f:b9:68:5f:aa:b9:60:1e:ed:8a:1f:26:d0:d2:
                    ec:75:4f:46:3a:89:3c:18:1c:59:83:85:82:30:de:
                    b5:80:d1:2a:fe:be:89:e2:df:55:a9:04:dd:53:6f:
                    c2:0d:9e:85:81:d2:fb:ac:a6:5e:39:3f:ae:6e:f9:
                    56:34:02:e1:23:20:27:4a:d2:80:42:8b:fd:62:55:
                    81:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F5:BB:7D:C8:DA:D5:9E:81:CA:39:0C:00:B5:42:A6:CD:49:56:6C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dvW7fcja1Z6ByjkMALVCps1JVmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.105.0-163.5.106.255
                  163.5.115.0/24
                  163.5.118.0/23
                  163.5.153.0/24
                  163.5.159.0/24
                  163.5.168.0/24
                  163.5.212.0/24
                  163.5.220.0/24
                  163.5.229.0/24
                  163.5.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:65:f8:3a:f6:d3:d4:3b:11:78:84:5d:67:7a:9f:38:c4:47:
         82:34:d3:1a:84:db:59:59:0b:22:75:82:14:2c:29:d9:b1:f2:
         f1:cc:54:83:8f:76:b5:d7:a9:43:5a:2f:96:08:e5:c4:93:06:
         03:f8:9a:34:ff:9d:44:42:b3:d8:df:ef:9e:3c:47:ef:27:31:
         17:e8:eb:22:32:db:10:17:56:8e:29:75:f2:de:e7:e7:c8:f8:
         17:3c:59:3f:fc:1f:ef:9e:42:53:2c:33:b4:d3:74:06:3c:ee:
         ba:12:97:51:8c:72:e3:44:b7:fe:e6:5f:ae:78:00:35:e1:4a:
         08:fe:04:21:25:a4:ce:3f:ae:1c:c2:96:5f:43:13:69:f0:95:
         f5:f0:04:e7:5c:dc:94:75:e4:f5:b6:a0:dd:35:75:11:54:aa:
         c6:35:e3:7c:ba:61:ef:b1:a7:c9:03:70:3b:74:a9:e3:69:5a:
         a2:df:66:9c:7b:bb:dd:df:ed:cc:cb:bc:ef:db:33:db:3d:75:
         fc:9b:a1:52:ff:ca:47:35:8c:71:0f:6b:e0:ed:8f:8c:ed:f1:
         3b:fd:2c:5f:4d:fb:ce:5f:31:dd:77:60:9c:a1:b8:48:3a:ee:
         6c:3b:d4:af:73:dc:54:be:f3:e0:40:61:dc:0d:79:63:96:30:
         36:6f:1c:67
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYetvayT5zGEV0wXwLaCe9ZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDIzMTA1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY1YmI3ZGM4ZGFkNTllODFjYTM5MGMwMGI1NDJhNmNkNDk1NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSsi7bChm1JXKQntQPp6wLXUIPG5
HZUyIgnu3SPGFTK8Spciwsb0xDwb5KFUd/FbulUbM0EIkdrDQZzNRMVg/YTksRv9
zOa//i+/pmR1RynUzTKRP4zjHrVIag+lJUytNGwmQu8b8+fj3/X60P5LSiiwTOqg
+SbFCYUDUjyW4AcXz+3wJ0LcQHRHlE7WiGBEJXjiZSUTandZdfKCwey+/+x3s8HW
9oojr6J/bU8SzZaW1PZTP7loX6q5YB7tih8m0NLsdU9GOok8GBxZg4WCMN61gNEq
/r6J4t9VqQTdU2/CDZ6FgdL7rKZeOT+ubvlWNALhIyAnStKAQov9YlWB4wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHb1u33I2tWegco5DAC1QqbNSVZsMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZHZXN2ZjamExWjZCeWprTUFMVkNwczFKVm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAowUgMAwD
BACjBWkDBACjBWoDBACjBXMDBAGjBXYDBACjBZkDBACjBZ8DBACjBagDBACjBdQD
BACjBdwDBACjBeUDBACjBfIwDQYJKoZIhvcNAQELBQADggEBABJl+Dr209Q7EXiE
XWd6nzjER4I00xqE21lZCyJ1ghQsKdmx8vHMVIOPdrXXqUNaL5YI5cSTBgP4mjT/
nURCs9jf7548R+8nMRfo6yIy2xAXVo4pdfLe5+fI+Bc8WT/8H++eQlMsM7TTdAY8
7roSl1GMcuNEt/7mX654ADXhSgj+BCElpM4/rhzCll9DE2nwlfXwBOdc3JR15PW2
oN01dRFUqsY143y6Ye+xp8kDcDt0qeNpWqLfZpx7u93f7czLvO/bM9s9dfyboVL/
ykc1jHEPa+Dtj4zt8Tv9LF9N+85fMd13YJyhuEg67mw71K9z3FS+8+BAYdwNeWOW
MDZvHGc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org