Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PIBjPB2ES3SYg6vLVDxM4AvMFNQ.roa
File:                     PIBjPB2ES3SYg6vLVDxM4AvMFNQ.roa (raw, json)
Hash identifier:          nSg5pwpUKiGqwhTeLb+SE/SDHPOKAHGWEwP1gZNLSmg=
Subject key identifier:   3C:80:63:3C:1D:84:4B:74:98:83:AB:CB:54:3C:4C:E0:0B:CC:14:D4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CC568F237BA061B827E03F831872B8FB4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PIBjPB2ES3SYg6vLVDxM4AvMFNQ.roa
Signing time:             Mon 01 Jan 2024 14:23:58 +0000
ROA not before:           Mon 01 Jan 2024 14:23:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.66.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.199.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:27:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:68:f2:37:ba:06:1b:82:7e:03:f8:31:87:2b:8f:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  1 14:23:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3c80633c1d844b749883abcb543c4ce00bcc14d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5e:15:47:8c:7a:29:fd:52:11:65:05:61:90:
                    a1:b2:5d:33:da:11:2e:6a:40:12:e5:6a:6c:5b:75:
                    98:e6:c8:28:e8:62:3f:f1:2d:a7:d1:84:37:f6:11:
                    28:95:9a:1e:32:c6:ce:bd:d8:b6:9d:09:17:4e:62:
                    ea:a7:c2:68:ec:de:31:68:c5:6a:6f:c6:91:07:0f:
                    3f:c8:4d:79:53:33:e5:3b:46:15:5a:69:dd:3d:e7:
                    04:57:a6:23:90:e6:18:6f:bb:e9:3d:b5:17:3d:88:
                    b9:60:f4:a3:6d:bc:7d:b1:df:94:72:c7:aa:d5:b5:
                    c1:59:96:95:c7:a3:ad:02:42:c2:4a:6e:e1:7e:a6:
                    86:00:41:c8:bd:b5:69:b5:6b:52:4b:73:c8:5c:e4:
                    99:4f:f5:3f:f1:e9:50:73:13:95:76:2b:8c:8f:37:
                    77:c7:5e:f2:c3:f5:1d:99:a1:06:02:99:b7:ef:ef:
                    91:70:3f:79:56:aa:fd:97:db:70:9c:a5:22:79:79:
                    a5:fd:c7:4d:c9:f7:13:54:0e:be:c1:05:22:98:47:
                    cd:35:9c:89:de:57:fd:bf:e5:1f:f8:c0:14:ae:7a:
                    84:c0:eb:b8:2e:41:da:a5:f9:23:32:23:9d:8a:15:
                    82:e0:54:04:5e:41:fc:91:29:82:1c:3d:95:6e:3e:
                    12:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:80:63:3C:1D:84:4B:74:98:83:AB:CB:54:3C:4C:E0:0B:CC:14:D4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PIBjPB2ES3SYg6vLVDxM4AvMFNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.66.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.106.0/24
                  163.5.110.0-163.5.113.255
                  163.5.118.0/24
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.199.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:7c:36:75:48:0a:95:e7:46:17:ff:82:78:53:b7:40:79:61:
         16:38:db:6a:ce:55:3f:55:0f:84:0f:1a:e8:92:d9:63:5f:5d:
         82:64:c0:2c:80:e9:e2:21:b1:6a:f0:0f:25:75:00:1a:37:ef:
         db:93:b1:80:7f:b7:81:23:3e:69:fb:01:46:13:75:32:22:10:
         65:b3:18:b8:68:74:2e:9a:ac:8a:2d:c6:90:77:ff:e7:e0:5b:
         4a:f8:ff:d0:e7:20:00:85:80:c5:17:72:7a:7f:6d:41:56:dc:
         99:f2:81:28:90:70:40:26:35:07:df:f9:60:98:bb:62:0d:b3:
         19:c5:b5:dd:ad:ac:52:76:67:0f:13:01:ec:2f:e5:34:69:a2:
         25:6b:99:4f:c2:d1:c3:52:9c:0c:08:38:1b:3d:97:b9:ea:c6:
         4c:08:96:44:ab:4e:b4:83:70:1e:dc:d0:50:f6:74:f4:02:f1:
         af:8e:4e:18:1d:02:60:da:94:f1:83:51:d6:23:a8:59:47:04:
         3b:36:cb:23:b9:12:18:4d:5a:85:ee:63:84:74:f7:2f:b1:66:
         3e:70:72:8a:57:cc:e6:1d:8a:f2:23:a5:fc:e6:6a:4a:89:d2:
         ca:cf:d1:c2:5c:42:9b:6a:25:0d:12:42:24:42:1e:e2:ed:59:
         8f:96:5d:1d
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYzFaPI3ugYbgn4D+DGHK4+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMTQyMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzgwNjMzYzFkODQ0Yjc0OTg4M2FiY2I1NDNjNGNlMDBiY2MxNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl14VR4x6Kf1SEWUFYZChsl0z2hEu
akAS5WpsW3WY5sgo6GI/8S2n0YQ39hEolZoeMsbOvdi2nQkXTmLqp8Jo7N4xaMVq
b8aRBw8/yE15UzPlO0YVWmndPecEV6YjkOYYb7vpPbUXPYi5YPSjbbx9sd+Ucseq
1bXBWZaVx6OtAkLCSm7hfqaGAEHIvbVptWtSS3PIXOSZT/U/8elQcxOVdiuMjzd3
x17yw/UdmaEGApm37++RcD95Vqr9l9twnKUieXml/cdNyfcTVA6+wQUimEfNNZyJ
3lf9v+Uf+MAUrnqEwOu4LkHapfkjMiOdihWC4FQEXkH8kSmCHD2Vbj4SzwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFDyAYzwdhEt0mIOry1Q8TOALzBTUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUElCalBCMkVTM1NZZzZ2TFZEeE00QXZNRk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQA
owUeAwQAowUkAwQAowVCAwQAowVPAwQAowVTAwQAowVZAwQBowVeAwQAowVqMAwD
BAGjBW4DBAGjBXADBACjBXYDBACjBXkDBACjBX4DBACjBYADBACjBYYDBACjBYsD
BACjBY8DBACjBZIDBACjBZQDBAGjBZYDBACjBaADBACjBacDBACjBbIwDAMEAKMF
tQMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFxwMEAKMFyTAMAwQAowXLAwQBowXMAwQA
owXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9AwQAowX/MA0GCSqGSIb3
DQEBCwUAA4IBAQCFfDZ1SAqV50YX/4J4U7dAeWEWONtqzlU/VQ+EDxroktljX12C
ZMAsgOniIbFq8A8ldQAaN+/bk7GAf7eBIz5p+wFGE3UyIhBlsxi4aHQumqyKLcaQ
d//n4FtK+P/Q5yAAhYDFF3J6f21BVtyZ8oEokHBAJjUH3/lgmLtiDbMZxbXdraxS
dmcPEwHsL+U0aaIla5lPwtHDUpwMCDgbPZe56sZMCJZEq060g3Ae3NBQ9nT0AvGv
jk4YHQJg2pTxg1HWI6hZRwQ7NssjuRIYTVqF7mOEdPcvsWY+cHKKV8zmHYryI6X8
5mpKidLKz9HCXEKbaiUNEkIkQh7i7VmPll0d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:31 2024 by rpki-client on console-ams.rpki-client.org