Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ne3ISReILAmuGG5vJXVlGB1Sc_w.roa
File:                     Ne3ISReILAmuGG5vJXVlGB1Sc_w.roa (raw, json)
Hash identifier:          RBBN+OTv2k+opQKWkkV4tz6N9nfybphLrzCncQGsXxA=
Subject key identifier:   35:ED:C8:49:17:88:2C:09:AE:18:6E:6F:25:75:65:18:1D:52:73:FC
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018D8E2B037D07F1A2E1A9ADD0A5E863738E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ne3ISReILAmuGG5vJXVlGB1Sc_w.roa
Signing time:             Fri 09 Feb 2024 14:00:00 +0000
ROA not before:           Fri 09 Feb 2024 14:00:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.28.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Feb 2024 18:06:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8e:2b:03:7d:07:f1:a2:e1:a9:ad:d0:a5:e8:63:73:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb  9 14:00:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=35edc84917882c09ae186e6f257565181d5273fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:1b:44:56:a9:ce:40:70:6c:46:86:63:f9:df:
                    f6:2b:6a:4d:89:1d:d0:49:6e:cd:25:f7:83:54:0b:
                    69:f7:74:93:a4:7b:50:84:10:e1:1f:d6:68:2b:eb:
                    8d:cc:c2:8e:77:4a:55:9d:92:2e:2b:48:29:d1:ac:
                    5f:35:e3:c8:0b:48:47:d7:5d:85:64:54:33:31:52:
                    aa:55:7d:ef:31:9a:2e:a5:cb:81:1d:91:8d:17:b3:
                    ac:65:63:d1:cf:12:38:a4:71:37:44:85:81:e5:a4:
                    3a:78:55:71:c2:4f:2c:92:15:92:0c:88:99:2e:b5:
                    e8:5a:fb:30:00:b4:8a:8f:74:0d:59:f8:9d:f9:30:
                    ec:89:38:c6:98:14:41:f3:8d:45:6c:aa:cb:85:9d:
                    e8:82:5b:13:1f:56:20:4c:de:a8:d7:9f:e4:be:28:
                    1f:5a:e7:f1:8f:4b:99:6d:80:46:6a:1a:4d:60:53:
                    c2:5d:61:5b:32:61:97:3c:2a:42:71:8a:bb:1d:79:
                    63:99:f2:c2:86:1a:c0:80:07:02:40:cb:10:16:10:
                    c1:2a:ac:08:ce:3b:79:01:31:66:a0:4f:14:11:85:
                    bd:4a:ee:18:73:11:54:c1:77:82:c3:81:92:be:ea:
                    bc:40:6d:b2:0c:14:ba:4f:5b:c6:e4:ed:0d:98:ae:
                    59:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:ED:C8:49:17:88:2C:09:AE:18:6E:6F:25:75:65:18:1D:52:73:FC
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ne3ISReILAmuGG5vJXVlGB1Sc_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.28.0/24
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.145.0-163.5.146.255
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0-163.5.242.255
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:6a:26:05:bf:73:1a:82:e5:34:59:89:05:f4:88:4a:6f:91:
         2e:81:01:8d:5c:82:77:19:f5:b2:89:3f:04:c8:76:bb:29:2e:
         52:89:36:e6:42:74:9e:27:85:b4:03:3b:c2:02:8c:66:29:09:
         89:9b:d1:85:06:1a:53:d6:a2:93:d5:b6:dd:43:6d:db:af:f4:
         66:d7:8c:73:14:7f:5e:bb:46:57:93:a5:ca:a6:8a:f0:7e:57:
         66:49:af:6c:47:a2:1c:4f:b0:91:dc:ea:a2:95:ff:8f:9f:12:
         a2:64:b3:19:d5:fb:c3:0e:0a:0e:da:d9:68:8f:0b:b9:ef:84:
         a1:cc:77:b4:3f:f1:83:63:c4:f6:18:84:2b:20:c3:83:da:c3:
         ba:d9:eb:b7:e9:46:45:0e:c8:2a:f2:4c:da:5d:44:2d:c0:29:
         3b:6d:ce:bf:f6:a9:2c:f6:cc:69:88:20:59:9c:9f:01:20:77:
         f8:94:dd:ba:96:6e:7d:ea:fa:26:10:bc:36:5e:15:8f:47:b0:
         29:34:e9:f3:47:e4:c1:46:54:fc:bb:0d:a8:54:bc:7f:18:86:
         eb:ca:f3:90:2c:fd:7e:0b:c2:68:8d:67:36:a3:e9:ae:e2:f5:
         1d:9b:fc:f5:4a:52:dc:b6:9d:21:fb:a4:ef:de:c4:0d:72:dc:
         57:d5:da:07
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY2OKwN9B/Gi4amt0KXoY3OOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjA5MTQwMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVkYzg0OTE3ODgyYzA5YWUxODZlNmYyNTc1NjUxODFkNTI3M2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRtEVqnOQHBsRoZj+d/2K2pNiR3Q
SW7NJfeDVAtp93STpHtQhBDhH9ZoK+uNzMKOd0pVnZIuK0gp0axfNePIC0hH112F
ZFQzMVKqVX3vMZoupcuBHZGNF7OsZWPRzxI4pHE3RIWB5aQ6eFVxwk8skhWSDIiZ
LrXoWvswALSKj3QNWfid+TDsiTjGmBRB841FbKrLhZ3oglsTH1YgTN6o15/kvigf
Wufxj0uZbYBGahpNYFPCXWFbMmGXPCpCcYq7HXljmfLChhrAgAcCQMsQFhDBKqwI
zjt5ATFmoE8UEYW9Su4YcxFUwXeCw4GSvuq8QG2yDBS6T1vG5O0NmK5ZrwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFDXtyEkXiCwJrhhubyV1ZRgdUnP8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTmUzSVNSZUlMQW11R0c1dkpYVmxHQjFTY193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBACj
BRwDBACjBR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AKMFgAMEAKMFhgMEAKMFiwMEAKMFjzAMAwQAowWRAwQAowWSAwQAowWUAwQBowWW
AwQAowWgAwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXJMAwDBACj
BcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQwDAMEAKMF8QMEAKMF8gMEAKMF+gME
AKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAZWomBb9zGoLlNFmJBfSISm+RLoEBjVyC
dxn1sok/BMh2uykuUok25kJ0nieFtAM7wgKMZikJiZvRhQYaU9aik9W23UNt26/0
ZteMcxR/XrtGV5OlyqaK8H5XZkmvbEeiHE+wkdzqopX/j58SomSzGdX7ww4KDtrZ
aI8Lue+Eocx3tD/xg2PE9hiEKyDDg9rDutnrt+lGRQ7IKvJM2l1ELcApO23Ov/ap
LPbMaYggWZyfASB3+JTdupZufer6JhC8Nl4Vj0ewKTTp80fkwUZU/LsNqFS8fxiG
68rzkCz9fgvCaI1nNqPpruL1HZv89UpS3LadIfuk797EDXLcV9XaBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:31 2024 by rpki-client on console-ams.rpki-client.org