Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-IYz6emrf9R6-3D_es1f1Fn9H8c.roa
File:                     1-IYz6emrf9R6-3D_es1f1Fn9H8c.roa (raw, json)
Hash identifier:          84EKq8wemmr1Z44tCIQTqiZ/jAUqEeXj8CfMW3zstuE=
Subject key identifier:   F8:86:33:E9:E9:AB:7F:D4:7A:FB:70:FF:7A:CD:5F:D4:59:FD:1F:C7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CAE5C5ED19723B9F0211CDE2879F64759
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-IYz6emrf9R6-3D_es1f1Fn9H8c.roa
Signing time:             Thu 28 Dec 2023 02:58:58 +0000
ROA not before:           Thu 28 Dec 2023 02:58:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 07:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ae:5c:5e:d1:97:23:b9:f0:21:1c:de:28:79:f6:47:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 28 02:58:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f88633e9e9ab7fd47afb70ff7acd5fd459fd1fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:eb:47:c9:ed:0d:81:d2:58:38:8b:2f:a0:cd:
                    7b:35:3c:7e:1e:b1:36:0f:26:53:43:a3:b0:55:42:
                    90:bf:f6:68:82:09:10:02:62:3f:08:45:8f:9e:64:
                    7b:3e:59:ca:cd:63:e8:57:5f:d9:13:7e:f1:f1:f2:
                    ce:c4:8f:2d:f6:dd:53:e5:3c:0b:f6:7c:b2:ae:5e:
                    3e:4f:ee:6b:b4:c8:6a:82:c8:3a:79:c7:7f:9f:92:
                    d0:e7:a3:d1:43:ad:04:5c:b2:a6:df:1c:ba:75:36:
                    3a:29:74:03:9a:95:50:7c:3c:0b:8d:77:c7:ba:ac:
                    2f:ba:be:e0:bb:20:37:91:3e:b2:eb:a9:c5:fb:86:
                    bb:25:6c:2d:73:ae:31:bc:53:ec:96:83:9f:5b:38:
                    f3:7a:ac:cb:29:e1:e0:dc:3b:b9:ed:9d:f5:c6:e5:
                    2d:3e:0a:ae:35:ae:b2:59:ed:42:94:03:2f:10:c7:
                    7e:d1:50:3e:d3:47:f9:18:01:c7:4c:22:13:0c:3d:
                    28:e5:9c:1f:ed:b5:0a:90:70:c6:c6:7c:38:0a:9b:
                    b3:4b:96:e5:bd:44:f6:c2:1a:f0:53:2a:8f:cb:49:
                    05:c1:9d:62:8f:9e:1d:92:8c:c6:0b:0f:01:57:86:
                    c0:48:f2:ca:12:7e:be:ef:f0:ec:a6:76:75:2f:df:
                    57:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:86:33:E9:E9:AB:7F:D4:7A:FB:70:FF:7A:CD:5F:D4:59:FD:1F:C7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-IYz6emrf9R6-3D_es1f1Fn9H8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.106.0/24
                  163.5.110.0-163.5.113.255
                  163.5.120.0/23
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:ae:d3:49:7e:c5:4a:0c:ca:c8:7c:35:cb:df:41:85:d2:d0:
         12:09:3e:91:fa:a2:e6:1d:24:4e:cc:db:09:94:a3:dd:4a:bb:
         24:49:b3:66:cc:59:a8:6f:10:9b:37:1b:b5:80:44:74:fb:95:
         8e:fa:2b:82:af:48:0e:3a:fb:1e:0c:ee:26:a9:b0:ef:64:ef:
         af:53:b5:cd:0a:8c:7a:0b:ec:c2:e3:05:d4:c8:2b:f3:bb:14:
         42:65:61:7d:66:27:b2:47:6b:3e:df:ef:ab:42:c7:22:80:cb:
         e4:c8:b5:4c:4b:01:82:e5:53:c9:1a:18:b0:04:62:d5:b5:0a:
         de:11:47:f7:95:f4:d9:f0:20:88:cb:24:27:7a:79:19:1f:4b:
         e3:76:b7:7d:9b:fb:36:f1:8e:ff:75:11:33:c9:35:2e:01:b5:
         28:dd:e4:3a:1e:c7:f2:d4:cd:83:88:8f:1a:5a:a9:5a:dd:5e:
         5d:a9:b6:23:31:e6:71:4e:c3:09:f6:c5:86:ea:c8:61:1d:62:
         59:2c:35:56:8c:61:e5:e8:51:89:44:51:fe:f3:c1:f0:da:31:
         db:9f:f0:07:21:e7:6d:82:bf:25:b6:a3:c5:be:30:90:92:e2:
         3a:7e:99:54:51:86:d5:79:9c:9e:a6:40:15:ec:2d:17:44:52:
         f8:aa:c5:0d
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYyuXF7RlyO58CEc3ih59kdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjI4MDI1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODg2MzNlOWU5YWI3ZmQ0N2FmYjcwZmY3YWNkNWZkNDU5ZmQxZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OtHye0NgdJYOIsvoM17NTx+HrE2
DyZTQ6OwVUKQv/ZoggkQAmI/CEWPnmR7PlnKzWPoV1/ZE37x8fLOxI8t9t1T5TwL
9nyyrl4+T+5rtMhqgsg6ecd/n5LQ56PRQ60EXLKm3xy6dTY6KXQDmpVQfDwLjXfH
uqwvur7guyA3kT6y66nF+4a7JWwtc64xvFPsloOfWzjzeqzLKeHg3Du57Z31xuUt
PgquNa6yWe1ClAMvEMd+0VA+00f5GAHHTCITDD0o5Zwf7bUKkHDGxnw4CpuzS5bl
vUT2whrwUyqPy0kFwZ1ij54dkozGCw8BV4bASPLKEn6+7/DspnZ1L99X0QIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFPiGM+npq3/Uevtw/3rNX9RZ/R/HMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1JWXo2ZW1yZjlSNi0zRF9lczFmMUZuOUg4Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB9QYIKwYBBQUHAQcBAf8EgeUwgeIwgd8EAgABMIHYAwQA
owUeAwQAowUkAwQAowVPAwQAowVTAwQAowVZAwQBowVeAwQAowVqMAwDBAGjBW4D
BAGjBXADBAGjBXgDBACjBX4DBACjBYADBACjBYYDBACjBYsDBACjBY8DBACjBZID
BACjBZQDBAGjBZYDBACjBaADBACjBacDBACjBbIwDAMEAKMFtQMEAKMFtgMEAaMF
vAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQA
owXxAwQAowX6AwQAowX9AwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQBTrtNJfsVK
DMrIfDXL30GF0tASCT6R+qLmHSROzNsJlKPdSrskSbNmzFmobxCbNxu1gER0+5WO
+iuCr0gOOvseDO4mqbDvZO+vU7XNCox6C+zC4wXUyCvzuxRCZWF9ZieyR2s+3++r
QscigMvkyLVMSwGC5VPJGhiwBGLVtQreEUf3lfTZ8CCIyyQnenkZH0vjdrd9m/s2
8Y7/dREzyTUuAbUo3eQ6Hsfy1M2DiI8aWqla3V5dqbYjMeZxTsMJ9sWG6shhHWJZ
LDVWjGHl6FGJRFH+88Hw2jHbn/AHIedtgr8ltqPFvjCQkuI6fplUUYbVeZyepkAV
7C0XRFL4qsUN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org