Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZA9Aj2-wXxIyRzs2pFsu1JsMF_E.roa
File:                     ZA9Aj2-wXxIyRzs2pFsu1JsMF_E.roa (raw, json)
Hash identifier:          6i07SpF0Dr0tZrpfeRYfRmB05Mk5UM62L8uXzaaeGYE=
Subject key identifier:   64:0F:40:8F:6F:B0:5F:12:32:47:3B:36:A4:5B:2E:D4:9B:0C:17:F1
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018DDAA4793E085B711267FE78717F835D68
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZA9Aj2-wXxIyRzs2pFsu1JsMF_E.roa
Signing time:             Sat 24 Feb 2024 10:23:48 +0000
ROA not before:           Sat 24 Feb 2024 10:23:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.185.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 15:24:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:da:a4:79:3e:08:5b:71:12:67:fe:78:71:7f:83:5d:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb 24 10:23:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=640f408f6fb05f1232473b36a45b2ed49b0c17f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:11:21:ff:4d:8a:8c:bb:58:11:18:1d:56:75:
                    73:d4:49:c9:0d:08:fd:ab:b6:07:aa:df:87:e2:35:
                    8f:8f:86:00:53:df:a1:04:c9:36:37:86:72:36:25:
                    b7:d3:f2:da:14:27:21:d6:eb:93:51:0b:9e:3e:2c:
                    8b:13:60:1c:27:97:9b:40:7a:0a:f6:ee:1d:dd:5a:
                    d1:66:9d:99:c6:9e:75:d3:5f:22:da:7b:80:59:ec:
                    86:7a:50:58:b2:ed:7b:0c:e1:1d:28:0f:e9:83:8f:
                    68:d7:bc:a5:70:b1:a2:7b:29:3e:57:57:15:6e:2c:
                    ae:a1:2b:7b:a5:c4:64:ee:da:50:bc:ac:06:b6:a9:
                    e7:14:fa:23:a3:59:33:ec:f0:12:6a:52:f5:b3:a9:
                    ac:b1:81:8f:b5:ab:c9:ff:57:d9:a5:16:ca:19:c0:
                    f1:7c:fb:50:45:45:06:63:13:0e:5c:c5:4f:e0:7f:
                    a9:84:70:d6:06:a0:8d:99:2f:b8:10:54:45:88:88:
                    5b:73:1c:ea:9c:9e:c9:a8:27:fe:e6:56:3c:82:db:
                    cd:1c:1d:c9:86:a3:27:2c:38:d0:fe:60:b2:f1:90:
                    09:bd:d7:24:e5:66:51:28:37:bd:0c:66:78:d0:12:
                    50:ad:96:d0:9a:a3:02:f3:88:f0:93:0c:0c:66:4c:
                    88:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:0F:40:8F:6F:B0:5F:12:32:47:3B:36:A4:5B:2E:D4:9B:0C:17:F1
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZA9Aj2-wXxIyRzs2pFsu1JsMF_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.145.0-163.5.146.255
                  163.5.148.0/24
                  163.5.151.0/24
                  163.5.160.0/23
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.185.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.195.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/24
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.232.0/24
                  163.5.241.0/24
                  163.5.248.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:60:56:b6:e4:15:f1:a5:67:52:58:72:b8:87:f2:0b:b7:b3:
         08:b9:8a:81:11:65:b1:00:ca:1e:b5:e6:84:74:f7:62:51:94:
         9e:3d:16:5b:55:f1:58:c6:83:95:01:ee:c4:72:f0:8c:67:8c:
         19:62:b3:c7:de:a7:e2:2c:c7:04:a7:14:ed:1b:86:f4:55:5a:
         6b:5c:04:a7:6a:22:eb:e2:50:38:a6:16:48:3a:80:70:40:52:
         f0:a8:65:56:30:0d:f9:da:94:c3:a1:96:64:bd:38:43:7e:bb:
         bf:b2:80:72:84:f3:62:88:f8:b6:da:fe:d6:87:ea:cf:8e:61:
         96:4b:fa:1f:fd:74:6e:e5:b7:15:81:c8:b5:98:89:0e:5c:aa:
         10:34:85:2c:a6:51:9d:b1:b4:e4:d1:f3:63:17:00:1a:c1:87:
         47:4d:bf:47:a5:89:6b:f2:b8:c8:12:7f:84:24:71:07:90:ba:
         08:cd:15:c5:33:8f:9d:2e:fe:36:89:0c:24:ac:ca:59:5a:c6:
         10:79:12:79:cf:93:29:73:b8:a2:91:1d:6b:bb:29:cd:41:4b:
         ac:85:99:45:25:f9:c8:49:ea:b9:2e:96:6c:8f:d6:e6:d8:09:
         f1:df:a2:8b:0e:47:ae:fd:aa:e9:d8:47:a1:39:e4:97:18:e6:
         cb:c8:6d:a1
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAY3apHk+CFtxEmf+eHF/g11oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI0MTAyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBmNDA4ZjZmYjA1ZjEyMzI0NzNiMzZhNDViMmVkNDliMGMxN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoREh/02KjLtYERgdVnVz1EnJDQj9
q7YHqt+H4jWPj4YAU9+hBMk2N4ZyNiW30/LaFCch1uuTUQuePiyLE2AcJ5ebQHoK
9u4d3VrRZp2Zxp51018i2nuAWeyGelBYsu17DOEdKA/pg49o17ylcLGieyk+V1cV
biyuoSt7pcRk7tpQvKwGtqnnFPojo1kz7PASalL1s6mssYGPtavJ/1fZpRbKGcDx
fPtQRUUGYxMOXMVP4H+phHDWBqCNmS+4EFRFiIhbcxzqnJ7JqCf+5lY8gtvNHB3J
hqMnLDjQ/mCy8ZAJvdck5WZRKDe9DGZ40BJQrZbQmqMC84jwkwwMZkyIhwIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFGQPQI9vsF8SMkc7NqRbLtSbDBfxMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWkE5QWoyLXdYeEl5UnpzMnBGc3UxSnNNRl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAME
AKMFhgMEAKMFiwMEAKMFjzAMAwQAowWRAwQAowWSAwQAowWUAwQAowWXAwQBowWg
AwQAowWnAwQAowWyAwQAowW2AwQAowW5AwQBowW8AwQAowW/AwQAowXDAwQAowXJ
MAwDBACjBcsDBAGjBcwDBACjBdQDBACjBdoDBACjBeADBACjBeQDBACjBegDBACj
BfEDBACjBfgDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBACNgVrbkFfGl
Z1JYcriH8gu3swi5ioERZbEAyh615oR092JRlJ49FltV8VjGg5UB7sRy8IxnjBli
s8fep+IsxwSnFO0bhvRVWmtcBKdqIuviUDimFkg6gHBAUvCoZVYwDfnalMOhlmS9
OEN+u7+ygHKE82KI+Lba/taH6s+OYZZL+h/9dG7ltxWByLWYiQ5cqhA0hSymUZ2x
tOTR82MXABrBh0dNv0eliWvyuMgSf4QkcQeQugjNFcUzj50u/jaJDCSsyllaxhB5
EnnPkylzuKKRHWu7Kc1BS6yFmUUl+chJ6rkulmyP1ubYCfHfoosOR679qunYR6E5
5JcY5svIbaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org