Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ePSsVYnIxPSn7us15qcp_Bs4LmA.roa
File:                     ePSsVYnIxPSn7us15qcp_Bs4LmA.roa (raw, json)
Hash identifier:          7ALaTxEMv7OaE9650JwlEOW+gCLMfc/mtUzxtzKOP2U=
Subject key identifier:   78:F4:AC:55:89:C8:C4:F4:A7:EE:EB:35:E6:A7:29:FC:1B:38:2E:60
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01883D3023AF03CA31EAC161AA307E2E860D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ePSsVYnIxPSn7us15qcp_Bs4LmA.roa
Signing time:             Sun 21 May 2023 07:22:24 +0000
ROA not before:           Sun 21 May 2023 07:22:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.71.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 May 2023 10:44:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:3d:30:23:af:03:ca:31:ea:c1:61:aa:30:7e:2e:86:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May 21 07:22:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=78f4ac5589c8c4f4a7eeeb35e6a729fc1b382e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c3:c5:ba:75:d5:cc:af:a6:4a:5a:8d:29:f2:
                    64:ec:81:76:af:9e:7e:71:37:ca:db:91:fe:11:fd:
                    d9:a2:89:e3:35:b7:09:89:c9:7b:db:b7:1e:0d:ec:
                    e1:79:f0:fe:96:f1:0d:83:48:9d:ac:fa:1f:db:aa:
                    59:0c:6d:83:ca:8c:5a:31:a9:23:a0:a1:a6:54:79:
                    c3:d0:be:bb:13:c0:f2:af:27:5c:98:5b:56:a6:3f:
                    49:7d:bf:27:1c:e2:1c:07:c5:78:b9:dc:e8:e1:29:
                    70:db:82:d1:bb:f2:60:86:53:8e:44:8b:37:0b:58:
                    7d:80:fe:bc:13:f0:06:8f:54:f3:eb:c5:9c:67:6f:
                    99:5c:00:23:9b:57:07:81:71:c0:94:ff:24:81:67:
                    78:67:1d:0d:4e:af:5a:5e:f1:4c:61:d5:20:b0:bb:
                    90:ed:c5:e6:4b:3a:43:f6:76:05:1f:85:1a:81:de:
                    f9:a2:0d:21:04:31:6d:73:2f:b5:ac:f2:9a:10:51:
                    e2:97:9a:f7:87:2f:ea:32:f8:f6:71:31:92:2d:cb:
                    99:6a:0e:ca:c0:e9:f7:d0:48:87:a7:ff:42:70:09:
                    14:b2:77:15:ed:ba:74:bd:89:24:a7:76:fc:9c:6c:
                    ae:b6:c5:0c:53:32:d1:8c:9c:0b:c8:9b:b7:03:48:
                    e8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F4:AC:55:89:C8:C4:F4:A7:EE:EB:35:E6:A7:29:FC:1B:38:2E:60
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ePSsVYnIxPSn7us15qcp_Bs4LmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.71.0/24
                  163.5.93.0/24
                  163.5.101.0-163.5.102.255
                  163.5.108.0/24
                  163.5.116.0/24
                  163.5.131.0/24
                  163.5.134.0/24
                  163.5.174.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0/24
                  163.5.228.0/23
                  163.5.238.0/24
                  163.5.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:a5:49:1e:dc:6e:36:47:94:df:fe:c3:7f:dd:e3:25:26:5c:
         d1:40:8b:0d:aa:74:9f:96:b7:1c:90:cd:2d:6f:43:26:2c:a4:
         8d:ba:cd:e8:e1:97:26:ee:d7:cc:1c:1c:79:63:c8:17:e2:7f:
         3e:04:fe:8d:77:bd:63:2e:a5:13:52:5a:63:74:da:6b:5e:1a:
         04:7a:9f:47:60:67:78:e4:68:52:50:85:89:cc:a0:e7:79:9c:
         1a:98:16:b8:97:2f:bd:8e:89:e7:74:86:0e:ff:53:f5:08:14:
         2e:a6:72:11:e4:37:ca:85:7c:7e:9e:03:58:ad:de:77:e1:53:
         bf:b5:d0:d6:c1:14:e2:13:8b:58:20:95:b2:53:0e:b7:95:1e:
         18:cc:ba:f0:b9:43:8b:55:ee:ca:80:58:68:83:77:06:81:ac:
         ac:4b:1c:d4:3a:e3:cc:44:8d:be:ca:84:58:ac:d0:62:49:72:
         52:ad:ff:9a:4b:04:0c:75:43:66:19:ed:7d:04:ee:bf:ed:f2:
         05:c0:73:c2:64:b4:50:02:5c:b5:fd:a0:76:de:89:86:4a:f3:
         8d:38:43:dd:3b:79:d1:44:4d:c8:2b:3f:f6:81:24:0b:40:8c:
         7b:a4:81:b4:7a:b2:63:83:b1:4a:d6:3c:82:6e:ee:c1:01:54:
         27:e6:f8:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYg9MCOvA8ox6sFhqjB+LoYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTIxMDcyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY0YWM1NTg5YzhjNGY0YTdlZWViMzVlNmE3MjlmYzFiMzgyZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMPFunXVzK+mSlqNKfJk7IF2r55+
cTfK25H+Ef3ZoonjNbcJicl727ceDezhefD+lvENg0idrPof26pZDG2DyoxaMakj
oKGmVHnD0L67E8DyrydcmFtWpj9Jfb8nHOIcB8V4udzo4Slw24LRu/JghlOORIs3
C1h9gP68E/AGj1Tz68WcZ2+ZXAAjm1cHgXHAlP8kgWd4Zx0NTq9aXvFMYdUgsLuQ
7cXmSzpD9nYFH4Uagd75og0hBDFtcy+1rPKaEFHil5r3hy/qMvj2cTGSLcuZag7K
wOn30EiHp/9CcAkUsncV7bp0vYkkp3b8nGyutsUMUzLRjJwLyJu3A0jovwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFHj0rFWJyMT0p+7rNeanKfwbOC5gMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZVBTc1ZZbkl4UFNuN3VzMTVxY3BfQnM0TG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAaMFJgME
AKMFPAMEAKMFRwMEAKMFXTAMAwQAowVlAwQAowVmAwQAowVsAwQAowV0AwQAowWD
AwQAowWGAwQAowWuAwQAowW9AwQAowXAAwQAowXhAwQBowXkAwQAowXuAwQAowX2
MA0GCSqGSIb3DQEBCwUAA4IBAQCPpUke3G42R5Tf/sN/3eMlJlzRQIsNqnSflrcc
kM0tb0MmLKSNus3o4Zcm7tfMHBx5Y8gX4n8+BP6Nd71jLqUTUlpjdNprXhoEep9H
YGd45GhSUIWJzKDneZwamBa4ly+9jonndIYO/1P1CBQupnIR5DfKhXx+ngNYrd53
4VO/tdDWwRTiE4tYIJWyUw63lR4YzLrwuUOLVe7KgFhog3cGgaysSxzUOuPMRI2+
yoRYrNBiSXJSrf+aSwQMdUNmGe19BO6/7fIFwHPCZLRQAly1/aB23omGSvONOEPd
O3nRRE3IKz/2gSQLQIx7pIG0erJjg7FK1jyCbu7BAVQn5vjr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org