Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ayRHANwzyOLU6TnUd951BCsXlbc.roa
File:                     ayRHANwzyOLU6TnUd951BCsXlbc.roa (raw, json)
Hash identifier:          4PT4wJbkksUPEDTrRf58sao4Eg3sPPYf0t/cH+ehGJc=
Subject key identifier:   6B:24:47:00:DC:33:C8:E2:D4:E9:39:D4:77:DE:75:04:2B:17:95:B7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018E9539505019C129E8A83A2304822E13DD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ayRHANwzyOLU6TnUd951BCsXlbc.roa
Signing time:             Sun 31 Mar 2024 15:55:45 +0000
ROA not before:           Sun 31 Mar 2024 15:55:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.82.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 07:55:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:95:39:50:50:19:c1:29:e8:a8:3a:23:04:82:2e:13:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar 31 15:55:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6b244700dc33c8e2d4e939d477de75042b1795b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:43:e7:c0:a5:fb:99:65:6e:ed:d3:11:4a:5b:
                    bd:15:27:df:10:09:88:65:6c:7a:17:ef:9e:76:35:
                    3c:35:ba:82:d3:92:89:6b:62:a7:93:d6:d3:2e:f4:
                    28:2d:4a:1c:b9:a8:33:0a:0f:c3:14:9e:8a:1a:e7:
                    63:83:81:9d:f5:d6:13:22:dd:6f:30:7e:20:14:b5:
                    6c:29:bb:98:25:17:9a:c8:14:45:33:b7:31:30:2c:
                    b9:ed:a9:ac:2d:de:a2:b0:a3:60:8f:8b:68:98:ee:
                    5a:54:3d:fe:82:4c:0c:84:36:89:eb:48:0d:8c:3c:
                    6c:4b:97:8f:1c:81:27:77:73:28:0a:47:53:2a:94:
                    01:a3:20:2b:8c:27:b5:f4:15:ec:43:d5:d2:e8:9b:
                    93:60:ad:48:34:57:99:b9:fb:78:44:ab:65:15:18:
                    f9:c2:07:7e:07:e5:12:12:e8:96:03:6c:12:98:6a:
                    85:3b:7e:f4:82:78:9e:dd:19:e7:05:6d:4d:e1:ae:
                    53:b6:d8:99:d6:72:e9:94:fa:65:84:97:60:e1:95:
                    89:7d:ae:6c:0c:3e:81:f4:bf:9b:35:f4:16:3c:20:
                    1a:7c:3f:dc:f4:0f:34:e0:3e:15:a3:89:b4:4b:3d:
                    1c:08:f1:b3:45:2b:51:d9:76:f0:4d:fd:24:27:bb:
                    7d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:24:47:00:DC:33:C8:E2:D4:E9:39:D4:77:DE:75:04:2B:17:95:B7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ayRHANwzyOLU6TnUd951BCsXlbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.82.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/23
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.151.0/24
                  163.5.160.0/24
                  163.5.162.0/24
                  163.5.167.0/24
                  163.5.171.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:72:17:d2:f0:eb:40:6e:8c:fa:4b:81:f3:0a:fc:43:77:df:
         d5:b4:7b:aa:03:b5:19:15:8d:84:c3:06:69:f3:2f:ed:2d:83:
         dd:16:81:8d:8d:4a:94:38:da:89:bf:f5:09:89:2d:cf:35:8a:
         01:c4:09:96:f9:d4:13:70:2d:19:f4:57:85:b7:05:0e:35:b6:
         12:dc:5e:b1:01:76:b7:19:5c:86:e0:b5:b9:93:c8:37:34:03:
         6d:6d:b6:9e:95:09:a9:ef:3d:75:21:97:d1:e5:60:ad:16:d1:
         5e:78:2e:9b:42:64:b1:32:bc:7d:92:d5:f7:63:04:8f:9f:bf:
         5b:8c:41:4d:d1:f0:a6:28:f0:ad:ed:da:26:0c:83:3b:d3:e4:
         e3:de:fd:d7:1e:06:72:06:d8:2b:35:23:80:18:62:f8:0b:7f:
         42:2b:4f:9b:37:c9:68:27:c6:a3:f0:f8:1b:58:4f:56:92:24:
         88:cf:36:ec:00:96:4b:67:b8:5b:2b:b0:a6:41:29:c6:c7:b1:
         fa:c0:a8:04:4a:ca:18:e4:e1:58:22:df:ac:e8:11:9d:b2:3d:
         f3:91:bf:25:d4:58:5b:ac:00:b3:32:3c:c5:12:61:9f:5c:b7:
         31:99:c6:88:5f:fb:96:6b:45:56:88:75:48:0d:0a:bf:90:9b:
         b6:ae:d9:51
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAY6VOVBQGcEp6Kg6IwSCLhPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzMxMTU1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI0NDcwMGRjMzNjOGUyZDRlOTM5ZDQ3N2RlNzUwNDJiMTc5NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0PnwKX7mWVu7dMRSlu9FSffEAmI
ZWx6F++edjU8NbqC05KJa2Knk9bTLvQoLUocuagzCg/DFJ6KGudjg4Gd9dYTIt1v
MH4gFLVsKbuYJReayBRFM7cxMCy57amsLd6isKNgj4tomO5aVD3+gkwMhDaJ60gN
jDxsS5ePHIEnd3MoCkdTKpQBoyArjCe19BXsQ9XS6JuTYK1INFeZuft4RKtlFRj5
wgd+B+USEuiWA2wSmGqFO370gnie3RnnBW1N4a5TttiZ1nLplPplhJdg4ZWJfa5s
DD6B9L+bNfQWPCAafD/c9A804D4Vo4m0Sz0cCPGzRStR2XbwTf0kJ7t9bQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFGskRwDcM8ji1Ok51HfedQQrF5W3MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYXlSSEFOd3p5T0xVNlRuVWQ5NTFCQ3NYbGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBACj
BR4DBACjBU8DBACjBVIDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AaMFgAMEAKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAKMFlwMEAKMFoAME
AKMFogMEAKMFpwMEAKMFqwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAM
AwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9
MA0GCSqGSIb3DQEBCwUAA4IBAQAzchfS8OtAboz6S4HzCvxDd9/VtHuqA7UZFY2E
wwZp8y/tLYPdFoGNjUqUONqJv/UJiS3PNYoBxAmW+dQTcC0Z9FeFtwUONbYS3F6x
AXa3GVyG4LW5k8g3NANtbbaelQmp7z11IZfR5WCtFtFeeC6bQmSxMrx9ktX3YwSP
n79bjEFN0fCmKPCt7domDIM70+Tj3v3XHgZyBtgrNSOAGGL4C39CK0+bN8loJ8aj
8PgbWE9WkiSIzzbsAJZLZ7hbK7CmQSnGx7H6wKgESsoY5OFYIt+s6BGdsj3zkb8l
1FhbrACzMjzFEmGfXLcxmcaIX/uWa0VWiHVIDQq/kJu2rtlR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org