Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k9_LrOgVW_nqacHbi0qOOOMmjus.roa
File:                     k9_LrOgVW_nqacHbi0qOOOMmjus.roa (raw, json)
Hash identifier:          UFTTIlgd9TNPeYVvDy5wWcVBYo3qAK81nvzVhlhhB40=
Subject key identifier:   93:DF:CB:AC:E8:15:5B:F9:EA:69:C1:DB:8B:4A:8E:38:E3:26:8E:EB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018AE1131AB5B7C03C1C587F8AE9A65E8151
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k9_LrOgVW_nqacHbi0qOOOMmjus.roa
Signing time:             Fri 29 Sep 2023 13:14:00 +0000
ROA not before:           Fri 29 Sep 2023 13:14:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.230.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.245.0/24 maxlen: 24
                          163.5.243.0/24 maxlen: 24
                          163.5.88.0/24 maxlen: 24
                          163.5.90.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.34.0/24 maxlen: 24
                          163.5.39.0/24 maxlen: 24
                          163.5.63.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.177.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.131.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 22:16:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e1:13:1a:b5:b7:c0:3c:1c:58:7f:8a:e9:a6:5e:81:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 29 13:14:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=93dfcbace8155bf9ea69c1db8b4a8e38e3268eeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e6:c6:58:fd:61:3c:fd:f0:97:f3:73:ea:5f:
                    36:b5:da:da:68:0d:77:d4:24:f8:80:21:f1:1e:52:
                    df:d0:de:c3:a2:c0:fa:61:9e:b0:b6:aa:f7:4e:4c:
                    6d:77:59:f4:cb:53:9d:5e:40:ee:55:43:51:e3:8a:
                    19:df:37:0b:a6:5b:d5:60:96:b4:46:20:9b:9c:a1:
                    61:cf:2b:45:e4:7d:46:50:2a:93:fd:64:00:c7:f4:
                    98:35:cd:ea:cb:aa:4b:3a:d8:40:3f:8f:9f:68:79:
                    22:de:6e:4e:1a:a2:e3:6e:af:e8:7c:db:a8:41:2e:
                    60:15:aa:5f:e5:49:b1:f9:ac:1a:a9:5e:8a:d2:a3:
                    f1:82:64:49:ba:66:f5:6a:af:4f:e6:1e:25:87:78:
                    70:ac:67:2b:24:67:1d:04:bb:3c:bf:1c:ce:d8:3c:
                    45:d8:03:39:dc:3d:79:3a:67:1d:c3:36:b5:a7:68:
                    4b:8a:f9:f3:d0:88:6c:30:ac:b3:5c:4e:25:02:13:
                    d4:41:97:bd:1e:1e:47:d1:fd:37:a0:d1:cf:4c:46:
                    e1:00:38:f2:b2:4e:c1:d4:bd:48:63:e3:78:2f:0f:
                    0a:09:4b:c8:15:1c:a8:f8:61:4f:a8:ad:48:9e:dc:
                    44:83:ca:f2:01:a5:b0:28:03:8c:17:1d:0c:29:87:
                    f3:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DF:CB:AC:E8:15:5B:F9:EA:69:C1:DB:8B:4A:8E:38:E3:26:8E:EB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/k9_LrOgVW_nqacHbi0qOOOMmjus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.34.0/24
                  163.5.38.0/23
                  163.5.60.0/24
                  163.5.63.0/24
                  163.5.88.0/24
                  163.5.90.0/24
                  163.5.93.0/24
                  163.5.101.0-163.5.102.255
                  163.5.108.0/23
                  163.5.116.0/22
                  163.5.130.0/23
                  163.5.133.0-163.5.134.255
                  163.5.147.0/24
                  163.5.174.0/24
                  163.5.177.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.225.0-163.5.230.255
                  163.5.238.0/24
                  163.5.240.0/24
                  163.5.243.0/24
                  163.5.245.0-163.5.246.255

    Signature Algorithm: sha256WithRSAEncryption
         7d:d4:cf:c9:c2:28:6e:c7:6f:cb:7a:23:9d:d2:bc:6b:5b:a6:
         df:a8:b9:28:53:c9:31:29:2f:f7:be:37:bb:1f:54:bc:16:58:
         3a:36:46:ad:10:b7:5d:45:2c:44:94:00:15:85:0b:61:f5:5c:
         e8:24:f9:66:45:ba:76:63:81:aa:53:cf:61:17:94:4c:f5:35:
         0f:a2:db:0a:b0:19:8f:62:38:94:39:a5:ee:57:35:39:6f:7a:
         a6:8e:b4:91:6c:2a:cf:8e:eb:57:5a:45:33:af:45:f6:79:6b:
         c3:ab:3c:d9:6c:a3:b4:d7:c3:d0:7b:77:cc:ad:12:a3:0a:b5:
         72:05:36:5f:de:93:82:8a:b3:14:f5:29:8c:5a:83:47:18:42:
         88:f0:58:2d:40:37:2d:a6:1f:44:f7:2f:63:f5:96:67:95:3e:
         a1:20:d0:f4:d5:0c:6c:8e:c8:ed:08:d9:ad:7a:a2:c1:f8:6c:
         8d:fa:36:df:1c:c3:3f:81:e0:51:3b:c8:7f:48:0a:6a:4c:69:
         39:59:05:63:27:14:f2:08:7b:c2:eb:26:4a:7d:34:57:ac:4d:
         84:a5:71:c9:38:58:c8:fd:8c:89:f2:50:f1:4c:8f:72:5d:86:
         2b:a2:a1:34:7c:08:d6:8e:24:bd:d4:52:6f:8c:b1:2b:b6:66:
         98:97:ef:fb
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYrhExq1t8A8HFh/iummXoFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTI5MTMxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RmY2JhY2U4MTU1YmY5ZWE2OWMxZGI4YjRhOGUzOGUzMjY4ZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnObGWP1hPP3wl/Nz6l82tdraaA13
1CT4gCHxHlLf0N7DosD6YZ6wtqr3Tkxtd1n0y1OdXkDuVUNR44oZ3zcLplvVYJa0
RiCbnKFhzytF5H1GUCqT/WQAx/SYNc3qy6pLOthAP4+faHki3m5OGqLjbq/ofNuo
QS5gFapf5Umx+awaqV6K0qPxgmRJumb1aq9P5h4lh3hwrGcrJGcdBLs8vxzO2DxF
2AM53D15Omcdwza1p2hLivnz0IhsMKyzXE4lAhPUQZe9Hh5H0f03oNHPTEbhADjy
sk7B1L1IY+N4Lw8KCUvIFRyo+GFPqK1IntxEg8ryAaWwKAOMFx0MKYfzTQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFJPfy6zoFVv56mnB24tKjjjjJo7rMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvazlfTHJPZ1ZXX25xYWNIYmkwcU9PT01tanVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBACj
BSIDBAGjBSYDBACjBTwDBACjBT8DBACjBVgDBACjBVoDBACjBV0wDAMEAKMFZQME
AKMFZgMEAaMFbAMEAqMFdAMEAaMFgjAMAwQAowWFAwQAowWGAwQAowWTAwQAowWu
AwQAowWxAwQAowW9AwQAowXAMAwDBACjBeEDBACjBeYDBACjBe4DBACjBfADBACj
BfMwDAMEAKMF9QMEAKMF9jANBgkqhkiG9w0BAQsFAAOCAQEAfdTPycIobsdvy3oj
ndK8a1um36i5KFPJMSkv9743ux9UvBZYOjZGrRC3XUUsRJQAFYULYfVc6CT5ZkW6
dmOBqlPPYReUTPU1D6LbCrAZj2I4lDml7lc1OW96po60kWwqz47rV1pFM69F9nlr
w6s82WyjtNfD0Ht3zK0Sowq1cgU2X96TgoqzFPUpjFqDRxhCiPBYLUA3LaYfRPcv
Y/WWZ5U+oSDQ9NUMbI7I7QjZrXqiwfhsjfo23xzDP4HgUTvIf0gKakxpOVkFYycU
8gh7wusmSn00V6xNhKVxyThYyP2MifJQ8UyPcl2GK6KhNHwI1o4kvdRSb4yxK7Zm
mJfv+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org