Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-6bsrNfVNgPlU2sNRxfFBMSbtfg.roa
File:                     1-6bsrNfVNgPlU2sNRxfFBMSbtfg.roa (raw, json)
Hash identifier:          hoy5ar0oUbpPsdfW80va/3kcfy04sBNYsPPN1tCAdG0=
Subject key identifier:   FB:A6:EC:AC:D7:D5:36:03:E5:53:6B:0D:47:17:C5:04:C4:9B:B5:F8
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018EE86E998E2CE471EB13E163B32260A20B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-6bsrNfVNgPlU2sNRxfFBMSbtfg.roa
Signing time:             Tue 16 Apr 2024 19:42:26 +0000
ROA not before:           Tue 16 Apr 2024 19:42:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.124.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 16:13:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e8:6e:99:8e:2c:e4:71:eb:13:e1:63:b3:22:60:a2:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 16 19:42:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fba6ecacd7d53603e5536b0d4717c504c49bb5f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ac:e3:7c:03:ad:bb:c0:7a:68:74:cf:98:b0:
                    8d:92:e2:f0:37:6b:57:e4:57:fe:91:c5:fe:6f:e3:
                    c8:c8:03:c5:5a:9c:1a:1c:bf:99:61:ae:9e:0e:ec:
                    8a:c1:f1:7a:b5:62:33:f9:d3:f2:c1:b7:8a:1b:1d:
                    d7:ff:ac:cd:13:cc:1f:88:54:6c:db:59:7e:c8:df:
                    c3:af:f6:50:23:66:25:cc:de:72:6a:5c:82:df:7c:
                    9e:64:d4:a9:a2:1d:53:b8:c0:67:0f:5b:13:db:06:
                    10:66:9e:1b:80:cd:5a:23:3a:32:4e:72:62:b6:69:
                    76:fc:7e:59:fd:37:3c:f7:8d:aa:18:8f:a9:f6:d5:
                    34:e0:3e:02:74:1a:18:2e:bf:a1:7d:2f:88:9a:f7:
                    7d:d0:c6:dc:5c:39:08:a9:14:02:e6:19:32:42:fa:
                    58:18:5b:1a:8b:31:fd:e0:28:fa:40:a2:32:58:4f:
                    ad:1a:e5:1c:41:5f:f6:90:18:7f:f9:b2:34:a0:5b:
                    7a:6f:0a:5c:15:48:48:37:57:8c:c3:d5:22:53:a3:
                    c1:8c:0b:1e:e9:bf:be:a5:00:fa:34:99:e7:ca:10:
                    05:19:e4:e7:03:97:74:ca:0d:b3:1d:aa:5a:2f:0a:
                    c6:c5:27:06:84:e7:95:44:5c:69:fe:22:7a:00:f0:
                    3e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A6:EC:AC:D7:D5:36:03:E5:53:6B:0D:47:17:C5:04:C4:9B:B5:F8
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-6bsrNfVNgPlU2sNRxfFBMSbtfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.124.0/24
                  163.5.126.0/24
                  163.5.128.0/23
                  163.5.134.0/24
                  163.5.136.0/24
                  163.5.139.0-163.5.140.255
                  163.5.143.0-163.5.144.255
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.151.0/24
                  163.5.154.0/24
                  163.5.160.0/24
                  163.5.162.0/23
                  163.5.167.0/24
                  163.5.171.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.211.0/24
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:52:22:e5:18:31:10:a1:0d:16:f2:19:ae:4b:f3:1e:74:a5:
         32:eb:49:57:87:09:ac:d7:9d:35:b5:48:eb:bb:a8:a5:c4:fc:
         0b:ef:cd:99:93:e7:e8:e3:d5:f4:31:14:0b:a5:9d:1d:20:6d:
         4a:a9:d4:ea:11:23:92:80:85:4d:67:0b:ae:9e:12:e3:58:0a:
         4a:44:28:09:7d:63:ad:d0:c3:8a:fd:6c:d5:be:90:5a:59:a9:
         4b:85:b3:1f:d2:df:66:04:fb:75:b5:bd:e5:14:f3:af:48:10:
         18:fc:18:0d:4d:6a:bc:54:65:37:97:a9:08:c7:10:09:57:0b:
         52:39:b5:71:90:2d:12:b2:d4:e3:44:c4:2a:a9:e4:d6:d9:84:
         c3:69:7b:72:94:87:62:aa:0f:74:97:96:27:c3:d4:ca:ae:c3:
         df:be:86:7b:41:e7:21:48:28:4e:89:69:bb:04:54:eb:67:de:
         ec:f6:65:76:90:bd:17:22:c1:4e:f9:43:b0:8a:9a:be:af:ba:
         ed:0f:ad:de:70:03:c0:91:b9:dc:f8:f3:d1:33:2c:28:6a:5e:
         fe:28:fd:d6:46:62:72:bf:e8:03:55:d7:ec:de:8a:7e:23:33:
         c5:87:c1:37:eb:0d:a5:7c:1f:79:ac:99:40:c5:ff:a6:59:cc:
         9c:5e:b6:cf
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAY7obpmOLORx6xPhY7MiYKILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDE2MTk0MjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE2ZWNhY2Q3ZDUzNjAzZTU1MzZiMGQ0NzE3YzUwNGM0OWJiNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqzjfAOtu8B6aHTPmLCNkuLwN2tX
5Ff+kcX+b+PIyAPFWpwaHL+ZYa6eDuyKwfF6tWIz+dPywbeKGx3X/6zNE8wfiFRs
21l+yN/Dr/ZQI2YlzN5yalyC33yeZNSpoh1TuMBnD1sT2wYQZp4bgM1aIzoyTnJi
tml2/H5Z/Tc8942qGI+p9tU04D4CdBoYLr+hfS+Imvd90MbcXDkIqRQC5hkyQvpY
GFsaizH94Cj6QKIyWE+tGuUcQV/2kBh/+bI0oFt6bwpcFUhIN1eMw9UiU6PBjAse
6b++pQD6NJnnyhAFGeTnA5d0yg2zHapaLwrGxScGhOeVRFxp/iJ6APA+7QIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFPum7KzX1TYD5VNrDUcXxQTEm7X4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS02YnNyTmZWTmdQbFUyc05SeGZGQk1TYnRmZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB/QYIKwYBBQUHAQcBAf8Ege0wgeowgecEAgABMIHgAwQA
owUeAwQAowVZMAwDBAGjBW4DBAGjBXADBACjBXkDBACjBXwDBACjBX4DBAGjBYAD
BACjBYYDBACjBYgwDAMEAKMFiwMEAKMFjDAMAwQAowWPAwQAowWQAwQAowWSAwQA
owWUAwQAowWXAwQAowWaAwQAowWgAwQBowWiAwQAowWnAwQAowWrAwQAowWyAwQA
owW2AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdMDBACjBdoD
BACjBeADBACjBeQDBACjBfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEB
AC1SIuUYMRChDRbyGa5L8x50pTLrSVeHCazXnTW1SOu7qKXE/AvvzZmT5+jj1fQx
FAulnR0gbUqp1OoRI5KAhU1nC66eEuNYCkpEKAl9Y63Qw4r9bNW+kFpZqUuFsx/S
32YE+3W1veUU869IEBj8GA1NarxUZTeXqQjHEAlXC1I5tXGQLRKy1ONExCqp5NbZ
hMNpe3KUh2KqD3SXlifD1Mquw9++hntB5yFIKE6JabsEVOtn3uz2ZXaQvRciwU75
Q7CKmr6vuu0Prd5wA8CRudz489EzLChqXv4o/dZGYnK/6ANV1+zein4jM8WHwTfr
DaV8H3msmUDF/6ZZzJxets8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:00 2024 by rpki-client on console-fra.rpki-client.org