Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa
File:                     jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa (raw, json)
Hash identifier:          TKqnTGfG/GpMiFLo64NuwjI59ZfF2fLcOYKezyk164U=
Subject key identifier:   8F:3A:6A:C1:47:C7:75:F3:4F:C6:63:AB:58:2C:A4:F6:1C:9F:6A:21
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018C78920B869595EE3926F0D16ACA56D8B7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa
Signing time:             Sun 17 Dec 2023 16:18:06 +0000
ROA not before:           Sun 17 Dec 2023 16:18:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.230.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.245.0/24 maxlen: 24
                          163.5.243.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.90.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.38.0/23 maxlen: 23
                          163.5.63.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.179.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 11:10:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:78:92:0b:86:95:95:ee:39:26:f0:d1:6a:ca:56:d8:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 17 16:18:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f3a6ac147c775f34fc663ab582ca4f61c9f6a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:2f:ce:40:5d:5f:48:ae:c9:b9:d1:62:06:fe:
                    26:cf:ed:81:c2:e3:21:a3:f1:e8:e4:4f:c2:df:ca:
                    ba:a6:16:d9:b3:5d:5d:6e:71:1d:62:6f:3c:01:d5:
                    55:b2:c8:97:31:98:3a:f3:bf:af:d9:16:a5:0f:0a:
                    37:cf:30:d9:fe:3d:e8:83:e4:b8:7f:8f:80:5e:a4:
                    b0:e2:a8:5f:75:97:23:3f:6d:35:e7:9d:96:f3:d9:
                    29:3d:ca:61:60:7b:c4:71:a0:9c:25:e5:af:32:dd:
                    b7:ae:60:0d:9f:07:90:a8:b5:e7:79:a7:ee:55:bf:
                    5f:12:1b:dc:ad:60:1b:1f:4c:12:98:d0:a7:47:08:
                    7c:eb:49:02:2e:e8:da:ed:45:c7:26:9a:67:21:6a:
                    f4:1f:a0:b5:f6:e8:02:9a:dd:bf:71:f1:b1:d6:40:
                    47:03:13:0d:f9:1f:a1:49:9d:ca:6e:ef:01:99:87:
                    18:74:8d:b5:1c:ac:3b:51:16:12:c4:3e:77:fb:ab:
                    db:fb:9a:ee:7e:53:9c:9d:76:a6:c4:7a:93:21:20:
                    32:0f:46:9e:4b:fe:16:ed:ee:40:53:bf:99:a4:3e:
                    ec:2f:23:8b:8a:45:59:c4:ca:d8:bf:a9:f8:c4:9c:
                    a1:1d:1f:33:5b:4a:31:85:c8:55:e7:03:61:e7:96:
                    2e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:3A:6A:C1:47:C7:75:F3:4F:C6:63:AB:58:2C:A4:F6:1C:9F:6A:21
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/jzpqwUfHdfNPxmOrWCyk9hyfaiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.63.0/24
                  163.5.88.0/24
                  163.5.90.0/24
                  163.5.93.0/24
                  163.5.100.0-163.5.102.255
                  163.5.108.0/23
                  163.5.114.0/24
                  163.5.116.0/22
                  163.5.130.0/23
                  163.5.133.0-163.5.134.255
                  163.5.147.0/24
                  163.5.161.0/24
                  163.5.171.0/24
                  163.5.174.0/24
                  163.5.179.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0-163.5.230.255
                  163.5.238.0/24
                  163.5.240.0/24
                  163.5.243.0/24
                  163.5.245.0-163.5.246.255

    Signature Algorithm: sha256WithRSAEncryption
         71:73:a8:b1:fe:fd:02:a3:a7:9a:dc:5c:dc:52:2d:c2:6a:7e:
         ca:2c:74:b9:17:43:4c:e0:85:cc:30:eb:71:45:1a:96:96:b3:
         8a:02:ea:da:54:02:ec:84:14:13:ca:90:53:0e:36:19:06:90:
         32:2e:fa:c8:f1:ac:31:2b:de:1e:b0:5c:8f:82:d2:9a:84:66:
         98:a5:ec:b9:1c:ea:c1:05:0f:0a:b9:28:14:cc:18:af:57:77:
         58:7e:9f:fa:53:a4:83:de:7c:6a:05:56:54:73:fa:d1:ce:42:
         65:e8:6e:e8:d1:85:c2:ed:65:1b:8d:69:5b:9a:b4:61:ce:67:
         d5:67:38:89:8b:ba:eb:57:5f:03:5e:32:a1:f6:d5:2b:3c:67:
         fc:be:ea:49:d4:23:f8:00:dd:66:df:08:a9:d9:f5:31:7a:11:
         f4:b1:9d:9b:86:a5:d2:33:c3:03:b6:ce:67:80:34:a1:c3:d7:
         31:2f:9d:d6:98:7e:0c:46:d7:71:88:4e:e8:b3:97:2d:5b:3b:
         a7:a1:df:fd:ec:45:cb:96:f3:53:d3:74:39:47:f0:18:ba:f4:
         e4:a2:8d:01:63:ea:52:3f:d3:4f:e9:ff:a7:41:52:af:3b:29:
         a1:fc:58:fc:91:5d:a5:7f:de:a9:ba:c0:c2:c9:e6:80:2e:87:
         49:52:26:ca
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYx4kguGlZXuOSbw0WrKVti3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjE3MTYxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNhNmFjMTQ3Yzc3NWYzNGZjNjYzYWI1ODJjYTRmNjFjOWY2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC/OQF1fSK7JudFiBv4mz+2BwuMh
o/Ho5E/C38q6phbZs11dbnEdYm88AdVVssiXMZg687+v2RalDwo3zzDZ/j3og+S4
f4+AXqSw4qhfdZcjP201552W89kpPcphYHvEcaCcJeWvMt23rmANnweQqLXneafu
Vb9fEhvcrWAbH0wSmNCnRwh860kCLuja7UXHJppnIWr0H6C19ugCmt2/cfGx1kBH
AxMN+R+hSZ3Kbu8BmYcYdI21HKw7URYSxD53+6vb+5ruflOcnXamxHqTISAyD0ae
S/4W7e5AU7+ZpD7sLyOLikVZxMrYv6n4xJyhHR8zW0oxhchV5wNh55YuFwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFI86asFHx3XzT8Zjq1gspPYcn2ohMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvanpwcXdVZkhkZk5QeG1PcldDeWs5aHlmYWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAGj
BSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAMEAKMFZgME
AaMFbAMEAKMFcgMEAqMFdAMEAaMFgjAMAwQAowWFAwQAowWGAwQAowWTAwQAowWh
AwQAowWrAwQAowWuAwQAowWzAwQAowW9AwQAowXAMAwDBACjBeEDBACjBeYDBACj
Be4DBACjBfADBACjBfMwDAMEAKMF9QMEAKMF9jANBgkqhkiG9w0BAQsFAAOCAQEA
cXOosf79AqOnmtxc3FItwmp+yix0uRdDTOCFzDDrcUUalpazigLq2lQC7IQUE8qQ
Uw42GQaQMi76yPGsMSveHrBcj4LSmoRmmKXsuRzqwQUPCrkoFMwYr1d3WH6f+lOk
g958agVWVHP60c5CZehu6NGFwu1lG41pW5q0Yc5n1Wc4iYu661dfA14yofbVKzxn
/L7qSdQj+ADdZt8Iqdn1MXoR9LGdm4al0jPDA7bOZ4A0ocPXMS+d1ph+DEbXcYhO
6LOXLVs7p6Hf/exFy5bzU9N0OUfwGLr05KKNAWPqUj/TT+n/p0FSrzspofxY/JFd
pX/eqbrAwsnmgC6HSVImyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org