Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/py2YnnsIgkEd2DywdVwh1E6wGUE.roa
File:                     py2YnnsIgkEd2DywdVwh1E6wGUE.roa (raw, json)
Hash identifier:          vPa1coQLIgX4ZLZHHzunFKnIlFiX5f+AHJwQGKPDkrc=
Subject key identifier:   A7:2D:98:9E:7B:08:82:41:1D:D8:3C:B0:75:5C:21:D4:4E:B0:19:41
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01892660E1DF4E056C4E0618935A8306389F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/py2YnnsIgkEd2DywdVwh1E6wGUE.roa
Signing time:             Wed 05 Jul 2023 14:07:10 +0000
ROA not before:           Wed 05 Jul 2023 14:07:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.99.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 09 Jul 2023 11:06:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:26:60:e1:df:4e:05:6c:4e:06:18:93:5a:83:06:38:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul  5 14:07:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a72d989e7b0882411dd83cb0755c21d44eb01941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bf:6b:60:ca:5f:ca:3d:02:00:b3:a0:bf:a6:
                    74:a6:eb:a2:ba:16:e5:fa:6f:11:4e:32:76:56:dc:
                    33:55:be:f6:13:32:f0:62:be:17:ce:11:92:c3:8f:
                    dd:73:b7:b1:9a:80:7a:dd:38:fe:d6:2a:f1:4e:c2:
                    01:ef:16:7c:4f:d2:a7:66:0d:94:22:b2:c3:71:3a:
                    08:68:d4:16:0d:f9:7a:5d:a2:0e:2d:a0:cd:23:f4:
                    15:59:6e:1c:99:32:bb:d6:2c:cd:4a:93:e8:7c:e5:
                    93:8b:65:79:db:6b:1b:17:a4:ed:13:b3:52:b6:24:
                    1c:24:e6:1a:3c:c9:bf:a6:cf:aa:58:e8:4f:96:84:
                    ab:2c:10:62:f0:fb:ee:98:e8:53:67:14:f8:27:6d:
                    0c:89:98:c4:08:7a:39:82:4c:39:86:5a:35:c9:c6:
                    84:ef:d9:1e:19:32:30:f6:59:cc:ed:b4:8d:5a:5b:
                    35:12:5e:ed:8d:97:68:d6:e3:5e:5d:f4:91:f6:d3:
                    a2:20:cc:df:53:a9:0f:dc:2f:95:66:85:79:95:d6:
                    23:59:b6:52:0d:fc:3b:28:52:c9:52:a2:85:11:2d:
                    b9:69:95:4d:7c:78:36:25:42:3b:41:fd:57:bc:50:
                    8e:aa:98:45:c7:6c:50:ba:fb:75:58:bf:ce:d1:87:
                    67:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:2D:98:9E:7B:08:82:41:1D:D8:3C:B0:75:5C:21:D4:4E:B0:19:41
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/py2YnnsIgkEd2DywdVwh1E6wGUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.61.0-163.5.62.255
                  163.5.99.0/24
                  163.5.127.0/24
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.161.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0/24
                  163.5.223.0/24
                  163.5.226.0/24
                  163.5.230.0/24
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:f3:dc:b1:85:c9:9e:33:3c:8e:aa:ff:c9:db:5c:44:15:20:
         0e:8a:ca:2f:b0:45:93:da:5b:ba:58:f8:99:ed:b7:e3:4c:be:
         69:c7:cf:11:a5:5c:f7:12:c0:f7:ca:24:1a:38:6b:bb:63:95:
         91:06:27:22:c7:d5:02:92:d8:c1:49:05:dc:77:52:15:de:9e:
         e9:f1:02:bf:b0:4a:14:24:76:8c:fc:f7:8f:c9:ff:ae:61:93:
         a4:f1:e1:b2:38:d3:bd:40:a2:23:a3:4a:8f:53:57:fd:bf:6f:
         b2:1a:88:c1:02:16:0c:33:a3:8a:aa:e2:98:62:ad:d9:78:fe:
         f7:be:ab:09:d0:6c:51:9e:b8:4a:e0:76:e1:da:7e:51:d3:62:
         54:11:69:90:0f:da:e4:c1:11:d2:66:2f:1d:7c:1c:f6:46:3a:
         90:63:f9:f9:7c:e2:73:37:ea:2f:0d:b3:72:af:e3:a8:9c:cc:
         ba:26:5b:1c:ac:59:d3:f0:12:77:02:e0:d8:59:ee:74:85:3a:
         bd:47:9c:b8:49:63:5a:05:d5:9b:d1:0d:c9:6e:9d:e2:e9:e9:
         62:be:6b:d5:a8:14:1c:13:10:6f:a0:8e:64:9a:6a:ed:2c:16:
         40:ae:25:64:19:9a:87:2a:cb:fa:73:21:18:ec:57:aa:62:cb:
         b3:bf:98:19
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYkmYOHfTgVsTgYYk1qDBjifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNzA1MTQwNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJkOTg5ZTdiMDg4MjQxMWRkODNjYjA3NTVjMjFkNDRlYjAxOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL9rYMpfyj0CALOgv6Z0puuiuhbl
+m8RTjJ2VtwzVb72EzLwYr4XzhGSw4/dc7exmoB63Tj+1irxTsIB7xZ8T9KnZg2U
IrLDcToIaNQWDfl6XaIOLaDNI/QVWW4cmTK71izNSpPofOWTi2V522sbF6TtE7NS
tiQcJOYaPMm/ps+qWOhPloSrLBBi8PvumOhTZxT4J20MiZjECHo5gkw5hlo1ycaE
79keGTIw9lnM7bSNWls1El7tjZdo1uNeXfSR9tOiIMzfU6kP3C+VZoV5ldYjWbZS
Dfw7KFLJUqKFES25aZVNfHg2JUI7Qf1XvFCOqphFx2xQuvt1WL/O0YdnIQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFKctmJ57CIJBHdg8sHVcIdROsBlBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcHkyWW5uc0lna0VkMkR5d2RWd2gxRTZ3R1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAKMFHwME
AKMFIzAMAwQAowU9AwQAowU+AwQAowVjAwQAowV/AwQAowWIAwQAowWKAwQAowWh
AwQAowXKAwQBowXSAwQAowXYAwQAowXdAwQAowXfAwQAowXiAwQAowXmAwQAowX4
AwQAowX+MA0GCSqGSIb3DQEBCwUAA4IBAQBk89yxhcmeMzyOqv/J21xEFSAOisov
sEWT2lu6WPiZ7bfjTL5px88RpVz3EsD3yiQaOGu7Y5WRBicix9UCktjBSQXcd1IV
3p7p8QK/sEoUJHaM/PePyf+uYZOk8eGyONO9QKIjo0qPU1f9v2+yGojBAhYMM6OK
quKYYq3ZeP73vqsJ0GxRnrhK4Hbh2n5R02JUEWmQD9rkwRHSZi8dfBz2RjqQY/n5
fOJzN+ovDbNyr+OonMy6JlscrFnT8BJ3AuDYWe50hTq9R5y4SWNaBdWb0Q3Jbp3i
6elivmvVqBQcExBvoI5kmmrtLBZAriVkGZqHKsv6cyEY7FeqYsuzv5gZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org