Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/02gl1BwcPlD_4Vp-vWgkYEwLLss.roa
File:                     02gl1BwcPlD_4Vp-vWgkYEwLLss.roa (raw, json)
Hash identifier:          fzo390v6JQ50IK1uX4vpT0GmblhxGfQzgFI815mjPAg=
Subject key identifier:   D3:68:25:D4:1C:1C:3E:50:FF:E1:5A:7E:BD:68:24:60:4C:0B:2E:CB
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018AED39280054CE3D40C11350F9EE964BF1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/02gl1BwcPlD_4Vp-vWgkYEwLLss.roa
Signing time:             Sun 01 Oct 2023 21:51:00 +0000
ROA not before:           Sun 01 Oct 2023 21:51:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.231.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.251.0/24 maxlen: 24
                          163.5.247.0/24 maxlen: 24
                          163.5.252.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.66.0/24 maxlen: 24
                          163.5.71.0/24 maxlen: 24
                          163.5.78.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.86.0/24 maxlen: 24
                          163.5.87.0/24 maxlen: 24
                          163.5.97.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.104.0/24 maxlen: 24
                          163.5.105.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.58.0/24 maxlen: 24
                          163.5.64.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.179.0/24 maxlen: 24
                          163.5.176.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.175.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.186.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24
                          163.5.198.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.213.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.217.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.219.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.122.0/24 maxlen: 24
                          163.5.123.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.172.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 08:45:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ed:39:28:00:54:ce:3d:40:c1:13:50:f9:ee:96:4b:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct  1 21:51:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d36825d41c1c3e50ffe15a7ebd6824604c0b2ecb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ba:56:24:5b:b8:1c:08:3a:af:97:64:c1:ad:
                    cb:a6:9f:91:61:8e:c4:ce:f2:81:af:23:4a:30:81:
                    de:15:20:8f:7e:f6:97:ec:f8:66:7f:7f:dc:11:1d:
                    f3:af:36:8a:96:d4:88:88:6f:5c:07:b3:55:4b:b8:
                    a8:8c:76:c8:9d:de:78:6c:e7:04:b6:ab:cf:1c:1f:
                    d1:61:d9:d4:cf:df:fc:c2:72:f4:d3:f0:06:d3:08:
                    ae:72:23:bf:ea:f9:c7:57:a3:5e:36:33:52:a7:fc:
                    70:47:fa:76:2c:a9:18:7c:e4:58:06:a2:b4:cd:f3:
                    85:91:08:f0:ac:e7:4d:3c:51:58:78:50:c5:79:66:
                    c9:b9:26:b3:bc:75:69:ae:7c:4b:2e:b0:a5:5f:a8:
                    27:cf:6f:0b:32:57:8f:0f:8c:b5:d0:13:f3:31:9e:
                    b0:bf:a3:4f:56:52:4e:c9:f7:2e:f5:28:95:21:e1:
                    b2:67:13:8c:3a:f9:58:87:73:a9:5e:af:dc:01:66:
                    f7:21:99:cb:cd:db:55:47:03:03:be:b1:d2:41:e2:
                    de:69:3f:b3:13:21:e9:09:71:c1:5d:0a:4d:79:7f:
                    7e:93:7d:1b:25:89:9f:16:0d:a5:20:48:d1:18:47:
                    cb:f2:49:5d:f2:8b:07:27:cc:e0:26:49:fd:ba:b7:
                    1a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:68:25:D4:1C:1C:3E:50:FF:E1:5A:7E:BD:68:24:60:4C:0B:2E:CB
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/02gl1BwcPlD_4Vp-vWgkYEwLLss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.33.0/24
                  163.5.35.0-163.5.36.255
                  163.5.58.0/24
                  163.5.62.0/24
                  163.5.64.0/24
                  163.5.66.0/24
                  163.5.71.0/24
                  163.5.78.0/23
                  163.5.83.0/24
                  163.5.86.0/23
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.97.0/24
                  163.5.99.0-163.5.100.255
                  163.5.104.0-163.5.106.255
                  163.5.110.0-163.5.114.255
                  163.5.120.0/22
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.138.0/23
                  163.5.141.0-163.5.143.255
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.156.0/24
                  163.5.160.0/23
                  163.5.165.0/24
                  163.5.167.0/24
                  163.5.170.0-163.5.172.255
                  163.5.175.0-163.5.176.255
                  163.5.178.0/23
                  163.5.181.0-163.5.182.255
                  163.5.186.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.195.0/24
                  163.5.198.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/23
                  163.5.216.0-163.5.220.255
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.231.0/24
                  163.5.235.0/24
                  163.5.241.0-163.5.242.255
                  163.5.247.0/24
                  163.5.249.0-163.5.253.255
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:b5:e7:09:63:de:b3:53:55:07:04:2f:01:bc:6a:ee:9a:d4:
         b8:13:0e:22:09:f3:6e:f6:75:62:14:1c:ae:90:a1:5a:4d:9d:
         c1:20:0f:1b:36:9f:4c:39:d1:c7:3c:ac:fd:29:d6:e7:9a:2f:
         5c:e2:e1:38:3c:9c:aa:d9:32:b3:6a:b5:75:41:55:ea:9a:80:
         7a:58:8e:1a:b9:0c:24:09:8e:00:93:2f:bf:9d:55:05:65:16:
         2e:14:c9:59:90:85:4d:7d:f6:51:b5:99:0c:c8:0f:47:45:15:
         e7:90:26:6b:23:1f:13:57:9c:0e:6d:c2:a7:c2:f8:91:56:2b:
         3d:d8:5d:7f:93:82:9c:7d:57:64:96:68:8b:4d:b3:80:62:1a:
         8d:66:cb:c3:65:ed:bb:69:2c:4c:74:83:81:77:d3:60:72:d4:
         5e:16:e7:cb:a5:57:b0:4a:f1:92:50:ce:80:ef:1c:15:d9:13:
         87:bb:05:bc:90:df:ff:4f:6f:39:9a:6d:ad:6f:2d:09:b8:8a:
         1b:a2:35:69:fe:63:2b:68:d0:df:9c:3c:12:24:f8:8e:52:14:
         f3:06:ed:ce:5e:48:89:ae:f9:ad:1a:e6:c0:85:c7:1b:f0:c0:
         8e:b2:b0:cb:31:0a:f1:52:5d:25:c3:e9:6a:a1:15:0f:da:8a:
         8f:5b:84:66
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgISAYrtOSgAVM49QMETUPnulkvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDAxMjE1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY4MjVkNDFjMWMzZTUwZmZlMTVhN2ViZDY4MjQ2MDRjMGIyZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbpWJFu4HAg6r5dkwa3Lpp+RYY7E
zvKBryNKMIHeFSCPfvaX7Phmf3/cER3zrzaKltSIiG9cB7NVS7iojHbInd54bOcE
tqvPHB/RYdnUz9/8wnL00/AG0wiuciO/6vnHV6NeNjNSp/xwR/p2LKkYfORYBqK0
zfOFkQjwrOdNPFFYeFDFeWbJuSazvHVprnxLLrClX6gnz28LMlePD4y10BPzMZ6w
v6NPVlJOyfcu9SiVIeGyZxOMOvlYh3OpXq/cAWb3IZnLzdtVRwMDvrHSQeLeaT+z
EyHpCXHBXQpNeX9+k30bJYmfFg2lIEjRGEfL8kld8osHJ8zgJkn9urca0QIDAQAB
o4IDnzCCA5swHQYDVR0OBBYEFNNoJdQcHD5Q/+Fafr1oJGBMCy7LMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMDJnbDFCd2NQbERfNFZwLXZXZ2tZRXdMTHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBswYIKwYBBQUHAQcBAf8EggGiMIIBnjCCAZoEAgABMIIB
kgMEAKMFHgMEAKMFITAMAwQAowUjAwQAowUkAwQAowU6AwQAowU+AwQAowVAAwQA
owVCAwQAowVHAwQBowVOAwQAowVTAwQBowVWAwQAowVZAwQBowVeAwQAowVhMAwD
BACjBWMDBACjBWQwDAMEA6MFaAMEAKMFajAMAwQBowVuAwQAowVyAwQCowV4AwQA
owV+AwQAowWAAwQAowWGAwQBowWKMAwDBACjBY0DBASjBYADBACjBZIDBACjBZQD
BAGjBZYDBACjBZwDBAGjBaADBACjBaUDBACjBacwDAMEAaMFqgMEAKMFrDAMAwQA
owWvAwQAowWwAwQBowWyMAwDBACjBbUDBACjBbYDBACjBboDBAGjBbwDBACjBb8D
BACjBcMDBACjBcYDBACjBckwDAMEAKMFywMEAaMFzAMEAaMF1DAMAwQDowXYAwQA
owXcAwQAowXgAwQAowXkAwQAowXnAwQAowXrMAwDBACjBfEDBACjBfIDBACjBfcw
DAMEAKMF+QMEAaMF/AMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAPLXnCWPes1NV
BwQvAbxq7prUuBMOIgnzbvZ1YhQcrpChWk2dwSAPGzafTDnRxzys/SnW55ovXOLh
ODycqtkys2q1dUFV6pqAeliOGrkMJAmOAJMvv51VBWUWLhTJWZCFTX32UbWZDMgP
R0UV55AmayMfE1ecDm3Cp8L4kVYrPdhdf5OCnH1XZJZoi02zgGIajWbLw2Xtu2ks
THSDgXfTYHLUXhbny6VXsErxklDOgO8cFdkTh7sFvJDf/09vOZptrW8tCbiKG6I1
af5jK2jQ35w8EiT4jlIU8wbtzl5Iia75rRrmwIXHG/DAjrKwyzEK8VJdJcPpaqEV
D9qKj1uEZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org