Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa
File:                     gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa (raw, json)
Hash identifier:          JE48zVfaCsWs/kGh7lutquataXMulcfy9duTtZYJp0U=
Subject key identifier:   80:A7:E7:E7:E1:2D:AE:3F:94:3E:32:61:C5:0D:3C:40:B8:3E:46:68
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018D4F13E262D655231B6D597F67E86A7DE0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa
Signing time:             Sun 28 Jan 2024 07:58:39 +0000
ROA not before:           Sun 28 Jan 2024 07:58:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 14:06:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:4f:13:e2:62:d6:55:23:1b:6d:59:7f:67:e8:6a:7d:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 28 07:58:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=80a7e7e7e12dae3f943e3261c50d3c40b83e4668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:84:f3:94:da:6f:d4:aa:88:88:0e:7c:79:da:
                    27:b8:a2:22:22:cf:54:51:24:0c:7d:bb:a6:a7:0d:
                    ab:09:4a:b5:c8:53:1f:7b:34:8a:37:ef:e3:73:e5:
                    26:04:d9:50:b4:07:63:a4:a6:59:55:b5:35:b5:f4:
                    dd:d0:ab:09:c6:95:6e:c7:c0:35:02:aa:21:48:4d:
                    0e:1c:74:36:e5:4c:57:3a:df:73:a9:96:27:17:f7:
                    18:83:a2:8b:0f:39:29:79:6a:27:e8:a7:e5:bc:60:
                    5a:ed:4a:60:ff:c7:3c:9f:a1:71:d5:72:2b:bc:6a:
                    41:4f:4d:0f:2a:9a:ba:d4:23:82:44:25:8b:4c:fb:
                    88:be:d2:a4:04:45:a1:ef:a1:1d:6c:6a:0f:24:55:
                    8c:0e:5f:1a:a6:80:c1:79:18:1d:d7:70:e1:1c:e9:
                    f5:70:88:4c:3c:0f:8a:ba:2f:96:c1:3b:d4:59:70:
                    92:5f:01:1a:55:49:ec:50:e4:b0:5d:36:96:88:ce:
                    8f:bf:ca:65:d7:c8:7e:b2:df:ac:00:25:9d:28:88:
                    5b:f9:65:8c:13:f0:8c:7c:9e:04:3a:ad:f7:d5:0a:
                    e5:14:01:c0:63:70:ea:ee:1d:75:e9:c8:4e:0f:6f:
                    af:32:21:1f:43:7e:f2:b6:a4:e8:52:da:25:f1:46:
                    1e:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A7:E7:E7:E1:2D:AE:3F:94:3E:32:61:C5:0D:3C:40:B8:3E:46:68
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gKfn5-Etrj-UPjJhxQ08QLg-Rmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:98:40:0a:0c:1c:87:56:7f:c5:b3:ff:76:8f:e9:ae:32:5d:
         19:d3:32:af:f3:ec:b2:11:f7:83:15:7d:9d:eb:3e:d5:68:c4:
         cd:2a:a3:d2:e3:a3:da:06:44:b8:89:8c:31:6d:70:09:eb:d1:
         de:cd:d0:d3:86:9d:d9:c4:54:ac:68:15:03:b9:98:8e:57:98:
         dd:d0:07:91:81:31:90:f6:9a:c7:f7:93:6f:80:2e:6f:c8:04:
         a9:02:06:9d:4e:b8:96:48:91:e2:dd:68:a7:f9:22:74:01:07:
         58:87:8f:62:7d:9c:35:74:8e:ba:54:8b:82:1c:1b:64:d9:73:
         3a:79:f9:42:66:f9:ce:02:05:c0:3f:9c:c7:ef:57:b2:e5:20:
         2c:3e:6b:35:05:79:29:91:3c:ff:5e:05:3f:64:0b:e9:53:c3:
         da:55:e9:d1:74:0c:d7:80:c9:fa:3b:3f:d6:79:2e:2f:9e:76:
         ed:56:a2:60:c7:19:72:69:e0:8f:d0:2e:01:22:89:cf:6a:2f:
         11:ff:3f:f9:46:b0:ef:41:4d:a7:df:98:54:1f:6c:0c:28:82:
         7a:ab:e7:91:d2:d0:a1:34:44:bb:19:46:70:f3:3b:39:dd:75:
         0b:e0:4f:32:02:c7:04:57:b8:09:dc:03:f3:9d:25:73:8f:ad:
         13:68:5c:e7
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY1PE+Ji1lUjG21Zf2foan3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTI4MDc1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3ZTdlN2UxMmRhZTNmOTQzZTMyNjFjNTBkM2M0MGI4M2U0NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYTzlNpv1KqIiA58edonuKIiIs9U
USQMfbumpw2rCUq1yFMfezSKN+/jc+UmBNlQtAdjpKZZVbU1tfTd0KsJxpVux8A1
AqohSE0OHHQ25UxXOt9zqZYnF/cYg6KLDzkpeWon6KflvGBa7Upg/8c8n6Fx1XIr
vGpBT00PKpq61COCRCWLTPuIvtKkBEWh76EdbGoPJFWMDl8apoDBeRgd13DhHOn1
cIhMPA+Kui+WwTvUWXCSXwEaVUnsUOSwXTaWiM6Pv8pl18h+st+sACWdKIhb+WWM
E/CMfJ4EOq331QrlFAHAY3Dq7h116chOD2+vMiEfQ37ytqToUtol8UYe9QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFICn5+fhLa4/lD4yYcUNPEC4PkZoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ0tmbjUtRXRyai1VUGpKaHhRMDhRTGctUm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBACj
BR4DBACjBU8DBACjBVMDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgME
AKMFgAMEAKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAMEAaMFlgMEAKMFoAME
AKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAMAwQAowXLAwQBowXM
AwQAowXaAwQAowXgAwQAowXkAwQAowXxAwQAowX6AwQAowX9MA0GCSqGSIb3DQEB
CwUAA4IBAQAImEAKDByHVn/Fs/92j+muMl0Z0zKv8+yyEfeDFX2d6z7VaMTNKqPS
46PaBkS4iYwxbXAJ69HezdDThp3ZxFSsaBUDuZiOV5jd0AeRgTGQ9prH95NvgC5v
yASpAgadTriWSJHi3Win+SJ0AQdYh49ifZw1dI66VIuCHBtk2XM6eflCZvnOAgXA
P5zH71ey5SAsPms1BXkpkTz/XgU/ZAvpU8PaVenRdAzXgMn6Oz/WeS4vnnbtVqJg
xxlyaeCP0C4BIonPai8R/z/5RrDvQU2n35hUH2wMKIJ6q+eR0tChNES7GUZw8zs5
3XUL4E8yAscEV7gJ3APznSVzj60TaFzn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org