Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7syQToHJWRnt7LDLdoZHHrnhew4.roa
File:                     7syQToHJWRnt7LDLdoZHHrnhew4.roa (raw, json)
Hash identifier:          YDwRhJDSMVBy7xjnRJkW00RRplqpSgsxLCAo6t5uSGk=
Subject key identifier:   EE:CC:90:4E:81:C9:59:19:ED:EC:B0:CB:76:86:47:1E:B9:E1:7B:0E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018DCD9A756E971934BA7E0C71016C0CCDD9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7syQToHJWRnt7LDLdoZHHrnhew4.roa
Signing time:             Wed 21 Feb 2024 21:37:48 +0000
ROA not before:           Wed 21 Feb 2024 21:37:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 24 Feb 2024 10:17:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cd:9a:75:6e:97:19:34:ba:7e:0c:71:01:6c:0c:cd:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb 21 21:37:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eecc904e81c95919edecb0cb7686471eb9e17b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:0c:fe:32:e7:03:67:aa:0c:3a:7d:a9:12:84:
                    11:0f:9c:f4:33:0d:7f:f6:7d:f3:53:55:51:6d:da:
                    25:49:2e:16:70:b7:3b:c8:96:47:2b:38:02:8a:d7:
                    c8:77:66:ec:62:77:ac:fe:eb:0b:55:21:0f:6c:3d:
                    de:04:f6:7d:2b:65:91:93:2d:9b:34:05:23:48:be:
                    e3:1b:6f:75:26:cc:11:54:85:fd:de:4e:91:75:71:
                    2c:7a:b6:e6:3e:b0:a0:4f:5b:54:45:4c:aa:bb:bc:
                    65:52:55:d3:08:b9:33:2f:47:e0:b3:fd:95:fd:83:
                    96:88:11:fa:9f:ad:47:e5:9a:1d:5a:f7:75:22:01:
                    fe:9b:4a:57:f1:5b:20:86:bf:8d:b9:a7:01:c7:c9:
                    33:60:ab:27:7b:b9:9e:7a:cf:03:1d:5e:39:04:3a:
                    57:a1:8b:19:70:35:c1:66:c8:eb:2c:a7:eb:9f:86:
                    6a:d3:72:6e:3d:04:17:fe:a6:ba:f3:23:9a:f8:33:
                    c3:f4:e1:91:8b:64:b2:43:9c:aa:c2:d8:7f:1c:ef:
                    6f:17:7a:ab:47:9b:b6:a6:c0:21:df:76:f8:63:89:
                    b2:8d:1b:6c:c3:57:c6:0c:96:cb:72:73:e2:10:fb:
                    bc:73:57:14:2b:54:8a:83:7e:77:d6:8f:92:85:f9:
                    c4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:CC:90:4E:81:C9:59:19:ED:EC:B0:CB:76:86:47:1E:B9:E1:7B:0E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7syQToHJWRnt7LDLdoZHHrnhew4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.145.0-163.5.146.255
                  163.5.148.0/24
                  163.5.151.0/24
                  163.5.160.0/23
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.195.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/24
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.248.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:81:1c:fc:71:05:c1:01:cb:9d:cb:49:d8:63:ac:79:28:d1:
         43:7c:df:db:ca:31:fa:b7:90:06:82:32:25:28:c5:d2:0b:08:
         f4:06:b3:03:0f:c7:1e:ae:36:a3:aa:1f:64:c2:df:33:60:a4:
         4c:32:61:12:7b:4e:e8:91:8f:30:b6:e0:f3:fa:c3:df:a8:9f:
         76:6e:21:0c:11:6d:40:4e:03:30:2f:9e:52:5a:5a:7e:2c:c5:
         6b:f5:cf:a1:20:bc:c2:68:af:81:5f:72:68:16:5f:da:13:d4:
         67:bf:61:fc:1d:58:38:82:2c:0b:52:13:80:a0:8c:68:13:b7:
         9f:88:b1:fb:c7:27:69:79:0d:c8:30:2f:83:10:ad:ee:3a:ce:
         09:81:25:e4:0c:f8:21:87:a2:9d:81:93:9b:99:d1:54:c7:d7:
         9f:58:d4:c8:62:56:35:5d:9e:b7:5a:e6:1f:90:48:1e:01:f5:
         b6:fc:10:69:9e:9e:58:db:68:6c:8e:90:e4:4e:19:62:2f:25:
         01:75:aa:f8:3b:6a:3a:b7:34:da:9f:54:03:29:34:71:22:27:
         55:7c:25:ce:72:90:13:27:65:00:0c:93:6c:dd:35:2f:8e:23:
         58:e8:a5:77:a4:1a:9f:a2:f2:c3:7a:26:36:59:4e:21:13:1a:
         60:be:6b:a0
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY3NmnVulxk0un4McQFsDM3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjIxMjEzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNjOTA0ZTgxYzk1OTE5ZWRlY2IwY2I3Njg2NDcxZWI5ZTE3YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQz+MucDZ6oMOn2pEoQRD5z0Mw1/
9n3zU1VRbdolSS4WcLc7yJZHKzgCitfId2bsYnes/usLVSEPbD3eBPZ9K2WRky2b
NAUjSL7jG291JswRVIX93k6RdXEserbmPrCgT1tURUyqu7xlUlXTCLkzL0fgs/2V
/YOWiBH6n61H5ZodWvd1IgH+m0pX8Vsghr+NuacBx8kzYKsne7mees8DHV45BDpX
oYsZcDXBZsjrLKfrn4Zq03JuPQQX/qa68yOa+DPD9OGRi2SyQ5yqwth/HO9vF3qr
R5u2psAh33b4Y4myjRtsw1fGDJbLcnPiEPu8c1cUK1SKg3531o+ShfnEIQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFO7MkE6ByVkZ7eywy3aGRx654XsOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvN3N5UVRvSEpXUm50N0xETGRvWkhIcm5oZXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAME
AKMFhgMEAKMFiwMEAKMFjzAMAwQAowWRAwQAowWSAwQAowWUAwQAowWXAwQBowWg
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXDAwQAowXJMAwDBACj
BcsDBAGjBcwDBACjBdQDBACjBdoDBACjBeADBACjBeQDBACjBfEDBACjBfgDBACj
BfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBACiBHPxxBcEBy53LSdhjrHko0UN8
39vKMfq3kAaCMiUoxdILCPQGswMPxx6uNqOqH2TC3zNgpEwyYRJ7TuiRjzC24PP6
w9+on3ZuIQwRbUBOAzAvnlJaWn4sxWv1z6EgvMJor4FfcmgWX9oT1Ge/YfwdWDiC
LAtSE4CgjGgTt5+IsfvHJ2l5DcgwL4MQre46zgmBJeQM+CGHop2Bk5uZ0VTH159Y
1MhiVjVdnrda5h+QSB4B9bb8EGmenljbaGyOkOROGWIvJQF1qvg7ajq3NNqfVAMp
NHEiJ1V8Jc5ykBMnZQAMk2zdNS+OI1jopXekGp+i8sN6JjZZTiETGmC+a6A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org