Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZQ2NaTpn9AWtER_XN3r9lcoQ7Q.roa
File:                     yZQ2NaTpn9AWtER_XN3r9lcoQ7Q.roa (raw, json)
Hash identifier:          R/GncMu9osLeImaqAOiBrwJGtNjqbq25zjaI2zqIhY0=
Subject key identifier:   C9:94:36:35:A4:E9:9F:D0:16:B4:44:7F:5C:DD:EB:F6:57:28:43:B4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018801007E05B5CFC16D9361E4BC4A986A13
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZQ2NaTpn9AWtER_XN3r9lcoQ7Q.roa
Signing time:             Tue 09 May 2023 14:53:09 +0000
ROA not before:           Tue 09 May 2023 14:53:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.71.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.246.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24
                          163.5.174.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 May 2023 20:26:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:01:00:7e:05:b5:cf:c1:6d:93:61:e4:bc:4a:98:6a:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: May  9 14:53:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c9943635a4e99fd016b4447f5cddebf6572843b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fe:fd:30:0c:e1:29:43:3d:52:8f:51:cf:83:
                    b7:b7:2c:f8:c7:75:12:ee:23:75:c1:38:c4:b7:1f:
                    6a:ed:d6:3a:86:9b:f1:79:8b:c8:a0:1e:c5:bb:b7:
                    14:e8:9f:fe:57:93:a2:68:59:26:a3:ab:06:c4:df:
                    e3:4e:29:96:ee:86:e0:81:b4:7c:52:f3:ee:52:82:
                    6d:1e:aa:66:52:6d:57:ab:d5:9a:44:d9:ea:ca:5f:
                    8e:07:3f:74:8f:18:b5:4e:6c:33:6e:85:66:1d:bf:
                    65:e9:89:77:f1:05:e1:0c:d9:e6:63:4f:57:12:57:
                    31:e5:ca:5c:d1:ce:1a:dd:75:b1:ed:16:16:3d:10:
                    b0:90:ee:ca:42:97:f1:aa:b2:df:8d:9b:35:0e:08:
                    1b:f7:97:d6:8a:15:1a:77:a7:12:fb:de:23:20:a6:
                    79:5c:a5:88:d2:5f:20:ec:d2:8b:72:87:e8:30:b2:
                    93:0c:b1:dd:d4:a1:3f:b5:bb:1c:34:81:af:c1:2c:
                    5a:1f:70:c7:47:66:95:c7:1f:dc:3d:1f:f3:98:36:
                    56:ac:d8:a0:f1:09:78:51:6f:93:b6:ff:7e:e8:6b:
                    36:03:dd:cc:af:d0:bf:b2:03:0e:3e:ba:1b:d4:1d:
                    78:e6:36:37:10:dd:88:cf:f1:d1:ac:06:19:c9:bb:
                    ea:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:94:36:35:A4:E9:9F:D0:16:B4:44:7F:5C:DD:EB:F6:57:28:43:B4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/yZQ2NaTpn9AWtER_XN3r9lcoQ7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.60.0/24
                  163.5.71.0/24
                  163.5.93.0/24
                  163.5.101.0/24
                  163.5.108.0/24
                  163.5.116.0/24
                  163.5.134.0/24
                  163.5.174.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.228.0/23
                  163.5.238.0/24
                  163.5.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:c6:00:7c:7f:16:5b:8b:f1:1a:d1:06:71:d6:bc:fb:26:09:
         ce:4f:22:10:9b:9b:43:d0:0a:35:66:63:ce:85:4f:5a:38:f1:
         5b:b9:de:61:22:fb:4c:43:dd:24:e0:75:e7:89:3c:58:86:e5:
         f5:67:1b:af:b3:58:b2:d5:6f:58:7e:17:0b:21:67:fa:64:1e:
         86:44:e6:ae:6b:fd:d6:8a:3d:3b:b2:fe:1c:be:e4:f9:58:1f:
         0e:4f:ff:eb:0e:25:7d:bc:56:7e:55:f2:ef:d3:0e:85:06:ab:
         d1:cb:2c:f6:11:8d:88:a6:a3:4c:7d:69:1a:32:4b:4a:69:5f:
         5d:15:b8:7d:b6:62:d1:26:92:97:b3:fe:a4:ad:44:4d:91:28:
         7e:35:b7:54:a3:b2:eb:1a:a2:89:f9:30:e7:f5:aa:ff:38:00:
         da:3f:fe:f9:9c:62:e5:3a:56:32:80:1a:a5:7a:25:2b:5c:83:
         a3:cb:45:3f:35:cb:80:a7:f1:70:4d:b8:01:36:79:a4:9c:90:
         81:09:51:36:fc:58:1e:3c:44:e5:0e:e3:07:72:5c:a1:21:d9:
         00:ca:aa:fc:28:de:64:b6:07:04:ef:d5:a9:05:89:29:d1:45:
         7d:bc:0b:89:dc:79:47:b6:81:6a:06:36:b1:9e:76:d5:c4:31:
         79:ed:69:58
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYgBAH4Ftc/BbZNh5LxKmGoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNTA5MTQ1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk0MzYzNWE0ZTk5ZmQwMTZiNDQ0N2Y1Y2RkZWJmNjU3Mjg0M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/79MAzhKUM9Uo9Rz4O3tyz4x3US
7iN1wTjEtx9q7dY6hpvxeYvIoB7Fu7cU6J/+V5OiaFkmo6sGxN/jTimW7obggbR8
UvPuUoJtHqpmUm1Xq9WaRNnqyl+OBz90jxi1TmwzboVmHb9l6Yl38QXhDNnmY09X
Elcx5cpc0c4a3XWx7RYWPRCwkO7KQpfxqrLfjZs1Dggb95fWihUad6cS+94jIKZ5
XKWI0l8g7NKLcofoMLKTDLHd1KE/tbscNIGvwSxaH3DHR2aVxx/cPR/zmDZWrNig
8Ql4UW+Ttv9+6Gs2A93Mr9C/sgMOProb1B145jY3EN2Iz/HRrAYZybvqUQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMmUNjWk6Z/QFrREf1zd6/ZXKEO0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveVpRMk5hVHBuOUFXdEVSX1hOM3I5bGNvUTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAowU8AwQA
owVHAwQAowVdAwQAowVlAwQAowVsAwQAowV0AwQAowWGAwQAowWuAwQAowW9AwQA
owXAAwQBowXkAwQAowXuAwQAowX2MA0GCSqGSIb3DQEBCwUAA4IBAQAGxgB8fxZb
i/Ea0QZx1rz7JgnOTyIQm5tD0Ao1ZmPOhU9aOPFbud5hIvtMQ90k4HXniTxYhuX1
Zxuvs1iy1W9YfhcLIWf6ZB6GROaua/3Wij07sv4cvuT5WB8OT//rDiV9vFZ+VfLv
0w6FBqvRyyz2EY2IpqNMfWkaMktKaV9dFbh9tmLRJpKXs/6krURNkSh+NbdUo7Lr
GqKJ+TDn9ar/OADaP/75nGLlOlYygBqleiUrXIOjy0U/NcuAp/FwTbgBNnmknJCB
CVE2/FgePETlDuMHclyhIdkAyqr8KN5ktgcE79WpBYkp0UV9vAuJ3HlHtoFqBjax
nnbVxDF57WlY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org