Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GOa8eytbke3EopAYk5AhJZlkxzI.roa
File:                     GOa8eytbke3EopAYk5AhJZlkxzI.roa (raw, json)
Hash identifier:          jiKwD8kek0+YKSoSSBRlOBNZyKuCX54I3zkBMhzQ0HI=
Subject key identifier:   18:E6:BC:7B:2B:5B:91:ED:C4:A2:90:18:93:90:21:25:99:64:C7:32
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018F254AFE4C7E7DC948D882DAE91E3CD83C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GOa8eytbke3EopAYk5AhJZlkxzI.roa
Signing time:             Sun 28 Apr 2024 15:20:22 +0000
ROA not before:           Sun 28 Apr 2024 15:20:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.124.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 08:54:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:25:4a:fe:4c:7e:7d:c9:48:d8:82:da:e9:1e:3c:d8:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 28 15:20:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=18e6bc7b2b5b91edc4a29018939021259964c732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c5:2e:9c:e1:40:c4:c9:e2:42:c2:28:fd:58:
                    50:1c:69:83:8c:23:ee:20:21:a4:03:98:94:82:02:
                    b3:44:2a:d5:95:bc:6d:e5:a6:ed:27:e5:98:c4:93:
                    15:a1:58:d7:4a:66:14:9b:f4:53:bc:4c:22:1c:d7:
                    b1:81:6e:92:6d:b9:7b:7a:17:97:87:83:49:f7:9d:
                    f0:02:a6:6c:35:c8:f5:ef:51:3d:40:cf:11:5b:46:
                    8c:c4:5a:ee:61:d8:d2:31:76:3d:e9:ca:93:e2:28:
                    7e:4e:20:d2:b0:22:2a:5a:ff:3c:66:cd:28:62:6a:
                    da:18:c4:02:9e:a9:af:6a:c3:f0:90:a0:ba:c2:be:
                    66:47:c2:a0:68:24:65:e7:b4:5a:e8:48:13:ce:02:
                    3a:b5:c9:ed:f3:81:5e:8e:9a:85:49:ec:03:57:f8:
                    34:86:c7:37:ec:05:8c:59:ea:af:1d:29:59:73:b9:
                    69:23:b8:f1:59:41:8d:66:80:4d:bf:b7:81:fc:74:
                    c0:d6:01:4a:9b:ee:9d:6a:c1:80:77:e0:d8:73:89:
                    b1:53:0c:23:29:bb:3f:1a:17:82:de:36:8d:86:4c:
                    d9:01:a8:96:06:f1:04:71:0a:a9:2e:b1:cd:f4:56:
                    77:e9:5c:ab:16:db:37:48:36:f5:77:2a:79:32:54:
                    7f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E6:BC:7B:2B:5B:91:ED:C4:A2:90:18:93:90:21:25:99:64:C7:32
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GOa8eytbke3EopAYk5AhJZlkxzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.124.0/24
                  163.5.126.0/24
                  163.5.128.0/23
                  163.5.134.0/24
                  163.5.136.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.151.0/24
                  163.5.160.0/24
                  163.5.163.0/24
                  163.5.167.0/24
                  163.5.171.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:9c:6b:ce:f4:b4:79:eb:66:d7:ad:0e:63:66:6e:2b:1c:12:
         2f:85:de:9a:70:b2:56:38:fe:66:47:52:f8:0b:a7:72:ca:dd:
         ae:04:00:88:57:58:21:fc:87:b0:25:56:b0:44:a2:e3:c8:02:
         8d:07:f2:33:6f:4c:bc:41:65:46:47:7b:46:95:48:6c:5d:07:
         2a:27:f7:b8:b1:0d:9f:e9:d5:b7:b3:c8:81:8a:84:8d:96:67:
         7e:80:0d:62:be:96:58:4a:13:c2:f9:5e:be:83:9a:51:26:d1:
         e6:8e:ff:f7:d3:ca:ba:e5:bf:c9:91:30:85:95:a4:7a:98:e8:
         0f:7d:88:6d:c7:4e:8b:fb:b4:b2:0f:cd:52:68:42:87:7a:78:
         6c:67:f1:b6:74:9e:7b:56:5c:f2:fc:03:b6:f2:a2:54:a9:56:
         80:54:7e:46:c4:77:c2:ca:50:b5:d0:13:f0:b9:3e:5d:4a:09:
         07:8e:7d:76:27:9a:07:ba:67:c7:57:07:3f:5e:c6:a0:a7:1e:
         d7:d3:73:be:0b:e5:d1:35:8d:56:c8:60:fc:9d:86:ac:58:76:
         62:51:d7:57:5b:bb:42:04:5a:fb:80:c1:1b:50:d4:07:b7:3f:
         ca:7f:3f:0b:0c:d3:52:48:a5:0f:b0:1a:14:61:b8:4e:d9:5c:
         5e:1d:3f:6f
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAY8lSv5Mfn3JSNiC2ukePNg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDI4MTUyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGU2YmM3YjJiNWI5MWVkYzRhMjkwMTg5MzkwMjEyNTk5NjRjNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8UunOFAxMniQsIo/VhQHGmDjCPu
ICGkA5iUggKzRCrVlbxt5abtJ+WYxJMVoVjXSmYUm/RTvEwiHNexgW6Sbbl7eheX
h4NJ953wAqZsNcj171E9QM8RW0aMxFruYdjSMXY96cqT4ih+TiDSsCIqWv88Zs0o
YmraGMQCnqmvasPwkKC6wr5mR8KgaCRl57Ra6EgTzgI6tcnt84FejpqFSewDV/g0
hsc37AWMWeqvHSlZc7lpI7jxWUGNZoBNv7eB/HTA1gFKm+6dasGAd+DYc4mxUwwj
Kbs/GheC3jaNhkzZAaiWBvEEcQqpLrHN9FZ36VyrFts3SDb1dyp5MlR/8wIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFBjmvHsrW5HtxKKQGJOQISWZZMcyMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR09hOGV5dGJrZTNFb3BBWWs1QWhKWmxreHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBACj
BR4DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfAMEAKMFfgMEAaMFgAME
AKMFhgMEAKMFiAMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFoAMEAKMFowME
AKMFpwMEAKMFqwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXL
AwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqG
SIb3DQEBCwUAA4IBAQBNnGvO9LR562bXrQ5jZm4rHBIvhd6acLJWOP5mR1L4C6dy
yt2uBACIV1gh/IewJVawRKLjyAKNB/Izb0y8QWVGR3tGlUhsXQcqJ/e4sQ2f6dW3
s8iBioSNlmd+gA1ivpZYShPC+V6+g5pRJtHmjv/308q65b/JkTCFlaR6mOgPfYht
x06L+7SyD81SaEKHenhsZ/G2dJ57Vlzy/AO28qJUqVaAVH5GxHfCylC10BPwuT5d
SgkHjn12J5oHumfHVwc/Xsagpx7X03O+C+XRNY1WyGD8nYasWHZiUddXW7tCBFr7
gMEbUNQHtz/Kfz8LDNNSSKUPsBoUYbhO2VxeHT9v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org