Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hT6_-z4YuREOjHHlWiPJLRZcUfU.roa
File:                     hT6_-z4YuREOjHHlWiPJLRZcUfU.roa (raw, json)
Hash identifier:          GAnwNaYtNq2t+sdoIshJnWfqCxGRYVdl6hqSkilPYqs=
Subject key identifier:   85:3E:BF:FB:3E:18:B9:11:0E:8C:71:E5:5A:23:C9:2D:16:5C:51:F5
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CE8664F6CD6A8CCA11966C6AA18A0987B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hT6_-z4YuREOjHHlWiPJLRZcUfU.roa
Signing time:             Mon 08 Jan 2024 09:27:48 +0000
ROA not before:           Mon 08 Jan 2024 09:27:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.239.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.61.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 17:20:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e8:66:4f:6c:d6:a8:cc:a1:19:66:c6:aa:18:a0:98:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  8 09:27:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=853ebffb3e18b9110e8c71e55a23c92d165c51f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:fa:3e:bc:33:15:0f:62:dd:98:08:5b:9b:21:
                    d8:76:48:0e:4a:97:58:86:8b:bb:a5:5a:9d:2c:f7:
                    3d:32:b6:06:9c:ae:d0:02:4b:17:f4:62:bd:c4:e4:
                    93:c1:02:70:f9:f5:87:92:86:c1:32:a7:27:3d:0e:
                    1e:94:90:0c:f3:d1:79:0b:2f:11:f4:65:fa:df:a0:
                    72:a4:eb:98:8c:ec:1d:1f:55:83:a7:b2:b2:76:40:
                    38:0e:46:fd:6f:2f:01:dc:ea:cc:66:b8:15:62:10:
                    a4:ca:40:f6:9f:a5:9b:43:9d:70:93:b8:de:c2:40:
                    8b:39:15:be:cf:4a:5e:ce:06:bb:78:8e:9f:60:c4:
                    42:9b:10:8e:a5:19:25:b8:a7:48:06:b2:2d:80:74:
                    76:48:d5:8f:fc:3e:ce:42:bc:8d:81:c7:1f:77:6d:
                    de:38:11:60:6a:b7:b4:c8:ee:c2:07:8c:9c:e7:1f:
                    01:97:cc:1f:f2:6b:c4:f4:23:21:9a:33:8a:9f:2b:
                    4f:0b:4c:f5:65:45:90:d5:76:d0:4c:35:9b:61:af:
                    f2:3c:cb:5a:d0:6c:49:61:b0:8b:f4:9b:dd:e7:7a:
                    2b:6e:8e:8f:14:6d:be:31:59:3f:0e:28:f1:0c:0a:
                    ce:98:6c:e1:7a:02:9a:f6:c1:a0:85:28:3b:fd:9a:
                    13:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:3E:BF:FB:3E:18:B9:11:0E:8C:71:E5:5A:23:C9:2D:16:5C:51:F5
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hT6_-z4YuREOjHHlWiPJLRZcUfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.61.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.95.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.141.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.239.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:d0:f5:35:2e:be:ac:0a:b4:02:20:3a:f0:74:72:04:e8:02:
         6b:e3:20:e4:6e:04:0b:74:e3:fa:eb:01:92:35:82:21:53:69:
         da:8a:c9:29:4f:8c:63:29:f0:ab:25:d1:64:04:1a:53:3c:37:
         0d:23:84:5c:60:e0:8e:0b:4e:3a:c8:1f:b0:57:bf:ff:08:6e:
         e4:a1:dc:a4:06:bb:27:25:b5:fc:f6:e1:6f:47:18:08:64:ba:
         04:6a:9d:1b:3d:6c:74:b7:f6:d9:e5:ad:f9:d2:3d:f5:f0:f9:
         13:91:ee:13:fa:6d:8c:79:5c:99:1a:61:83:88:85:38:e0:ee:
         be:c2:4f:c0:99:2e:6a:ac:7e:61:10:57:c4:24:4e:ab:4b:5e:
         06:98:f4:63:80:cb:84:d8:09:c4:a6:47:94:89:ed:ed:aa:00:
         d5:07:49:30:5a:82:39:a9:61:97:f9:57:13:b3:31:ac:ca:4d:
         04:d5:ed:c2:fe:0e:8d:98:6f:87:c2:a5:a1:ea:19:8d:b0:25:
         2d:b6:11:cc:92:35:89:d0:8f:b0:ee:00:b9:b4:4e:54:74:d6:
         5b:41:b5:00:02:4d:4a:e2:19:52:dd:1e:92:0c:07:1c:07:e3:
         41:b9:2f:66:9d:04:17:dc:9b:e5:b3:e8:c6:f6:59:5f:85:fb:
         fe:86:6b:7b
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYzoZk9s1qjMoRlmxqoYoJh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTA4MDkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNlYmZmYjNlMThiOTExMGU4YzcxZTU1YTIzYzkyZDE2NWM1MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Po+vDMVD2LdmAhbmyHYdkgOSpdY
hou7pVqdLPc9MrYGnK7QAksX9GK9xOSTwQJw+fWHkobBMqcnPQ4elJAM89F5Cy8R
9GX636BypOuYjOwdH1WDp7KydkA4Dkb9by8B3OrMZrgVYhCkykD2n6WbQ51wk7je
wkCLORW+z0pezga7eI6fYMRCmxCOpRkluKdIBrItgHR2SNWP/D7OQryNgccfd23e
OBFgare0yO7CB4yc5x8Bl8wf8mvE9CMhmjOKnytPC0z1ZUWQ1XbQTDWbYa/yPMta
0GxJYbCL9Jvd53orbo6PFG2+MVk/DijxDArOmGzhegKa9sGghSg7/ZoTQQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFIU+v/s+GLkRDoxx5VojyS0WXFH1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaFQ2Xy16NFl1UkVPakhIbFdpUEpMUlpjVWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBACj
BR4DBACjBSQDBACjBT0DBACjBU8DBACjBVMDBACjBVkDBACjBV8wDAMEAaMFbgME
AaMFcAMEAKMFeQMEAKMFfgMEAKMFgAMEAKMFhgMEAKMFiwMEAKMFjQMEAKMFjwME
AKMFkgMEAKMFlAMEAaMFlgMEAKMFoAMEAKMFpwMEAKMFsjAMAwQAowW1AwQAowW2
AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoDBACjBeADBACj
BeQDBACjBe8DBACjBfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAG3Q
9TUuvqwKtAIgOvB0cgToAmvjIORuBAt04/rrAZI1giFTadqKySlPjGMp8Ksl0WQE
GlM8Nw0jhFxg4I4LTjrIH7BXv/8IbuSh3KQGuycltfz24W9HGAhkugRqnRs9bHS3
9tnlrfnSPfXw+ROR7hP6bYx5XJkaYYOIhTjg7r7CT8CZLmqsfmEQV8QkTqtLXgaY
9GOAy4TYCcSmR5SJ7e2qANUHSTBagjmpYZf5VxOzMazKTQTV7cL+Do2Yb4fCpaHq
GY2wJS22EcySNYnQj7DuALm0TlR01ltBtQACTUriGVLdHpIMBxwH40G5L2adBBfc
m+Wz6Mb2WV+F+/6Ga3s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:34 2024 by rpki-client on console-ams.rpki-client.org