Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa
File:                     yLTOczCzFzicTirXi66d1igaYUM.roa (raw, json)
Hash identifier:          aZAlwUsXk1pxiCCK4YjgC2iRY8xJ8d9VrBo2RvqKI44=
Subject key identifier:   C8:B4:CE:73:30:B3:17:38:9C:4E:2A:D7:8B:AE:9D:D6:28:1A:61:43
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185817FA0EEADE9A892940E8BE77CAB974F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa
Signing time:             Thu 05 Jan 2023 10:35:03 +0000
ROA not before:           Thu 05 Jan 2023 10:35:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        163.5.106.0/24 maxlen: 24
                          163.5.115.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.215.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.153.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 11:27:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:81:7f:a0:ee:ad:e9:a8:92:94:0e:8b:e7:7c:ab:97:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  5 10:35:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8b4ce7330b317389c4e2ad78bae9dd6281a6143
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:37:83:b1:4d:df:72:3f:43:b6:8e:d4:ff:42:
                    27:b7:3a:ee:46:3e:04:90:10:49:22:71:30:93:14:
                    f6:a3:aa:e2:3b:cc:f5:20:a9:4a:d4:cb:12:5e:4d:
                    d2:cb:a9:85:44:e8:96:26:f0:bd:6e:86:05:9f:32:
                    5c:2d:91:0e:59:2b:ed:17:33:ac:5a:74:ec:5a:4c:
                    d9:6d:db:ce:2f:68:70:f8:88:91:76:b8:bc:54:b9:
                    65:94:78:b4:d7:52:da:8f:49:77:f1:a7:14:02:c5:
                    86:84:0d:e2:2c:ca:df:e9:ac:2f:46:d6:13:9f:62:
                    ba:3a:f5:a7:d9:d2:bf:63:f4:83:85:d5:38:fd:ea:
                    cc:f9:1e:66:05:c2:ca:5d:d1:01:3b:2a:00:ea:d0:
                    5a:db:d2:1d:11:fa:ff:fc:d8:2d:71:39:fb:2a:0d:
                    69:52:db:0e:0f:ea:58:2e:66:ba:3c:37:c5:52:3a:
                    2f:90:f0:c3:9c:c9:ea:39:58:ad:4a:72:f0:e4:66:
                    85:76:f9:ee:cc:91:e7:0c:9b:e1:47:d9:ea:74:0d:
                    04:98:8c:72:c9:53:8d:69:e6:d6:9a:6c:0d:c4:bb:
                    67:d6:f6:d5:55:d9:ac:c8:45:f9:ba:13:7d:67:2d:
                    63:ad:08:b0:6e:e0:6b:a4:18:45:be:3d:d4:28:1c:
                    ce:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:B4:CE:73:30:B3:17:38:9C:4E:2A:D7:8B:AE:9D:D6:28:1A:61:43
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yLTOczCzFzicTirXi66d1igaYUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.106.0/24
                  163.5.115.0/24
                  163.5.118.0/23
                  163.5.121.0/24
                  163.5.153.0/24
                  163.5.159.0/24
                  163.5.168.0/24
                  163.5.212.0/24
                  163.5.215.0/24
                  163.5.220.0/24
                  163.5.225.0/24
                  163.5.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:4a:d9:0b:45:97:29:61:59:5e:76:62:6a:d7:1e:ae:4f:50:
         37:f1:e8:79:7f:a1:74:ce:4f:15:b6:80:a0:91:f4:ee:9f:2e:
         b5:2c:78:3b:24:78:c8:d9:20:14:2b:f6:35:d6:37:8a:0d:24:
         18:91:f5:cf:5d:1b:c2:a9:de:8b:e5:ce:59:a7:07:2d:ec:2f:
         b7:04:c3:f5:74:78:18:8b:f9:e0:92:0c:71:6d:f2:d2:cc:c9:
         61:99:2a:2a:9f:ae:9e:71:0b:aa:d5:e6:b9:99:a5:b9:bd:d0:
         d0:b6:ed:f8:44:20:3b:28:f4:18:49:16:b8:2a:29:26:05:39:
         3e:57:0c:11:9e:6e:40:51:b5:f1:1d:8c:d9:a1:fa:09:4d:b7:
         ed:ed:f0:34:7e:ee:27:4e:44:a0:20:35:8b:60:e3:0e:0c:44:
         50:6c:9a:c6:9b:09:ba:a9:a6:a5:99:d9:36:ad:ce:72:a3:a6:
         7a:71:ac:3a:e1:b4:45:ab:9b:5e:c8:53:72:17:cb:4d:db:91:
         d6:3b:8e:3f:50:32:23:34:70:88:75:cd:3b:d3:0c:87:eb:bc:
         0f:fa:7a:f5:d7:0e:03:0d:d7:c1:7f:ed:ad:8b:32:ae:d9:f3:
         d8:b9:d7:2a:74:17:e0:ea:b8:08:13:fd:ab:f7:60:fa:79:22:
         ee:58:ef:29
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYWBf6DuremokpQOi+d8q5dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMTA1MTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI0Y2U3MzMwYjMxNzM4OWM0ZTJhZDc4YmFlOWRkNjI4MWE2MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzeDsU3fcj9Dto7U/0IntzruRj4E
kBBJInEwkxT2o6riO8z1IKlK1MsSXk3Sy6mFROiWJvC9boYFnzJcLZEOWSvtFzOs
WnTsWkzZbdvOL2hw+IiRdri8VLlllHi011Laj0l38acUAsWGhA3iLMrf6awvRtYT
n2K6OvWn2dK/Y/SDhdU4/erM+R5mBcLKXdEBOyoA6tBa29IdEfr//NgtcTn7Kg1p
UtsOD+pYLma6PDfFUjovkPDDnMnqOVitSnLw5GaFdvnuzJHnDJvhR9nqdA0EmIxy
yVONaebWmmwNxLtn1vbVVdmsyEX5uhN9Zy1jrQiwbuBrpBhFvj3UKBzO9QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMi0znMwsxc4nE4q14uundYoGmFDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveUxUT2N6Q3pGemljVGlyWGk2NmQxaWdhWVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAowVqAwQA
owVzAwQBowV2AwQAowV5AwQAowWZAwQAowWfAwQAowWoAwQAowXUAwQAowXXAwQA
owXcAwQAowXhAwQAowXlMA0GCSqGSIb3DQEBCwUAA4IBAQCMStkLRZcpYVledmJq
1x6uT1A38eh5f6F0zk8VtoCgkfTuny61LHg7JHjI2SAUK/Y11jeKDSQYkfXPXRvC
qd6L5c5Zpwct7C+3BMP1dHgYi/ngkgxxbfLSzMlhmSoqn66ecQuq1ea5maW5vdDQ
tu34RCA7KPQYSRa4KikmBTk+VwwRnm5AUbXxHYzZofoJTbft7fA0fu4nTkSgIDWL
YOMODERQbJrGmwm6qaalmdk2rc5yo6Z6caw64bRFq5teyFNyF8tN25HWO44/UDIj
NHCIdc070wyH67wP+nr11w4DDdfBf+2tizKu2fPYudcqdBfg6rgIE/2r92D6eSLu
WO8p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org