Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sRaKHJFGHkdBFCKYvfmK9woRNis.roa
File:                     sRaKHJFGHkdBFCKYvfmK9woRNis.roa (raw, json)
Hash identifier:          iRe8SUKinmtSfQ9RuIMC1M1R3ec5JZVJd8PxEc0csWs=
Subject key identifier:   B1:16:8A:1C:91:46:1E:47:41:14:22:98:BD:F9:8A:F7:0A:11:36:2B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187D179A08537879F698F2AB5771CF5B5B3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sRaKHJFGHkdBFCKYvfmK9woRNis.roa
Signing time:             Sun 30 Apr 2023 09:23:41 +0000
ROA not before:           Sun 30 Apr 2023 09:23:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.233.0/24 maxlen: 24
                          163.5.227.0/24 maxlen: 24
                          163.5.230.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.240.0/24 maxlen: 24
                          163.5.244.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.254.0/24 maxlen: 24
                          163.5.86.0/24 maxlen: 24
                          163.5.87.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.31.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.198.0/24 maxlen: 24
                          163.5.202.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.210.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.223.0/24 maxlen: 24
                          163.5.221.0/24 maxlen: 24
                          163.5.226.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.149.0/24 maxlen: 24
                          163.5.158.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 May 2023 09:19:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d1:79:a0:85:37:87:9f:69:8f:2a:b5:77:1c:f5:b5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 30 09:23:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1168a1c91461e4741142298bdf98af70a11362b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:0d:8d:b1:3c:ba:50:64:18:eb:56:f5:64:78:
                    dd:f5:26:93:db:11:48:2e:b4:09:23:a4:2c:bc:0e:
                    f7:99:16:fd:a5:f7:1a:d2:ef:f1:dc:50:8c:b7:7b:
                    15:48:81:6c:28:4f:89:b4:7d:36:bd:50:01:4a:25:
                    ef:62:ce:61:d8:14:fd:e4:30:3c:bb:e5:73:67:c6:
                    64:4f:c8:11:be:ef:01:25:2c:54:19:08:f9:36:a4:
                    3c:d5:aa:35:bb:6f:f4:44:aa:cc:bd:83:eb:09:b5:
                    24:76:7a:6a:53:79:0e:ac:5c:a0:7d:af:94:9d:b4:
                    a2:4d:90:d6:72:f7:d8:8e:ff:37:9a:e9:6d:84:cb:
                    2b:38:a6:ec:f4:fb:47:a2:25:54:bf:f3:7b:22:ce:
                    29:af:e6:ac:62:7e:cf:90:50:c1:3e:ab:3d:88:b8:
                    da:2a:a9:05:5e:a8:f2:80:c8:c1:d3:60:ac:cc:f8:
                    cf:1c:ef:1f:bd:19:75:99:e3:3b:2e:f9:80:6d:af:
                    92:a9:26:5c:d1:f7:4b:b5:df:1a:9d:c2:ae:e9:3b:
                    3d:af:a3:c3:88:ff:6f:25:03:0f:18:3c:ae:3d:e3:
                    3a:24:1d:a5:4e:59:70:1a:ba:2e:64:f7:95:bb:7c:
                    cc:b7:64:b1:8c:dd:72:75:98:aa:1e:c0:95:45:46:
                    8c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:16:8A:1C:91:46:1E:47:41:14:22:98:BD:F9:8A:F7:0A:11:36:2B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/sRaKHJFGHkdBFCKYvfmK9woRNis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.31.0/24
                  163.5.35.0/24
                  163.5.61.0-163.5.62.255
                  163.5.86.0/23
                  163.5.99.0-163.5.100.255
                  163.5.107.0/24
                  163.5.109.0/24
                  163.5.117.0/24
                  163.5.127.0/24
                  163.5.130.0/24
                  163.5.132.0/23
                  163.5.136.0/24
                  163.5.138.0/24
                  163.5.145.0/24
                  163.5.149.0/24
                  163.5.158.0/24
                  163.5.161.0/24
                  163.5.166.0/24
                  163.5.198.0/24
                  163.5.202.0/24
                  163.5.210.0/23
                  163.5.216.0/24
                  163.5.221.0-163.5.223.255
                  163.5.226.0/23
                  163.5.230.0/24
                  163.5.233.0/24
                  163.5.239.0-163.5.240.255
                  163.5.244.0/24
                  163.5.248.0/24
                  163.5.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:9e:b5:55:e6:11:2f:b7:eb:69:79:86:c4:96:8e:83:37:1c:
         fe:52:a9:9f:25:8a:41:46:b4:7f:c8:a9:71:14:88:f4:a9:e4:
         46:45:62:6f:3d:60:e7:25:9b:98:24:35:07:b8:63:9a:b3:bb:
         92:74:8d:a3:34:26:76:63:e3:83:16:7b:fa:f6:c1:1c:ac:5d:
         70:b5:78:65:9b:57:52:05:35:0d:e5:e1:b0:01:f2:d5:08:20:
         d0:17:78:65:80:be:5a:d3:20:c9:4e:31:d4:e3:d3:2b:59:b4:
         eb:6d:f8:73:fa:e6:2d:0c:8d:aa:39:ed:60:f8:36:f1:00:2e:
         e2:26:cf:94:cf:a5:6f:dd:6a:b6:80:fe:84:54:1b:16:27:dd:
         a7:3c:e7:4d:3e:58:f7:76:d6:cd:c4:f2:51:78:7e:3c:f9:20:
         d7:b9:a5:c7:1c:fc:66:80:9b:9c:36:33:69:cb:a2:06:1c:9b:
         e0:8c:0a:4a:50:70:84:ff:03:2e:ba:06:24:29:5a:0b:49:cb:
         01:51:72:dc:98:82:fa:b3:fc:44:33:77:38:99:0b:2a:95:57:
         f8:97:20:69:8f:aa:ff:50:41:a9:b0:58:32:55:66:49:c8:c1:
         63:a5:37:26:ab:82:a1:e8:3c:af:96:ed:af:8b:a3:f5:f1:86:
         79:4e:68:8a
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYfReaCFN4efaY8qtXcc9bWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDMwMDkyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE2OGExYzkxNDYxZTQ3NDExNDIyOThiZGY5OGFmNzBhMTEzNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ2NsTy6UGQY61b1ZHjd9SaT2xFI
LrQJI6QsvA73mRb9pfca0u/x3FCMt3sVSIFsKE+JtH02vVABSiXvYs5h2BT95DA8
u+VzZ8ZkT8gRvu8BJSxUGQj5NqQ81ao1u2/0RKrMvYPrCbUkdnpqU3kOrFygfa+U
nbSiTZDWcvfYjv83multhMsrOKbs9PtHoiVUv/N7Is4pr+asYn7PkFDBPqs9iLja
KqkFXqjygMjB02CszPjPHO8fvRl1meM7LvmAba+SqSZc0fdLtd8ancKu6Ts9r6PD
iP9vJQMPGDyuPeM6JB2lTllwGrouZPeVu3zMt2SxjN1ydZiqHsCVRUaM5wIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFLEWihyRRh5HQRQimL35ivcKETYrMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvc1JhS0hKRkdIa2RCRkNLWXZmbUs5d29STmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBACj
BR8DBACjBSMwDAMEAKMFPQMEAKMFPgMEAaMFVjAMAwQAowVjAwQAowVkAwQAowVr
AwQAowVtAwQAowV1AwQAowV/AwQAowWCAwQBowWEAwQAowWIAwQAowWKAwQAowWR
AwQAowWVAwQAowWeAwQAowWhAwQAowWmAwQAowXGAwQAowXKAwQBowXSAwQAowXY
MAwDBACjBd0DBAWjBcADBAGjBeIDBACjBeYDBACjBekwDAMEAKMF7wMEAKMF8AME
AKMF9AMEAKMF+AMEAKMF/jANBgkqhkiG9w0BAQsFAAOCAQEALZ61VeYRL7fraXmG
xJaOgzcc/lKpnyWKQUa0f8ipcRSI9KnkRkVibz1g5yWbmCQ1B7hjmrO7knSNozQm
dmPjgxZ7+vbBHKxdcLV4ZZtXUgU1DeXhsAHy1Qgg0Bd4ZYC+WtMgyU4x1OPTK1m0
6234c/rmLQyNqjntYPg28QAu4ibPlM+lb91qtoD+hFQbFifdpzznTT5Y93bWzcTy
UXh+PPkg17mlxxz8ZoCbnDYzacuiBhyb4IwKSlBwhP8DLroGJClaC0nLAVFy3JiC
+rP8RDN3OJkLKpVX+JcgaY+q/1BBqbBYMlVmScjBY6U3JquCoeg8r5btr4uj9fGG
eU5oig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org