Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5wiSoc_zGfT1s8YENF1XWUAheU.roa
File:                     m5wiSoc_zGfT1s8YENF1XWUAheU.roa (raw, json)
Hash identifier:          bzDXNRCMlac+MTHDetY7lfC5p8LgN/Sc+Kw+suxzDHo=
Subject key identifier:   9B:9C:22:4A:87:3F:CC:67:D3:D6:CF:18:10:D1:75:5D:65:00:85:E5
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018EECD6876DB1320ACA0C7318C517F03114
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5wiSoc_zGfT1s8YENF1XWUAheU.roa
Signing time:             Wed 17 Apr 2024 16:14:26 +0000
ROA not before:           Wed 17 Apr 2024 16:14:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.124.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.211.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 08:15:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ec:d6:87:6d:b1:32:0a:ca:0c:73:18:c5:17:f0:31:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 17 16:14:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b9c224a873fcc67d3d6cf1810d1755d650085e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:59:a5:87:09:27:83:5a:d0:33:ca:11:ad:0d:
                    42:de:96:55:fd:fe:29:48:9e:c5:9a:9f:50:db:48:
                    27:31:d5:04:42:a5:d6:2d:f2:c6:4e:65:35:bc:dc:
                    72:9c:36:9d:19:6e:4c:d4:8a:d6:72:86:ce:f7:fe:
                    6e:8e:7a:cd:f7:a5:94:3e:c5:3b:ce:24:30:be:d1:
                    50:ba:a6:f1:93:f6:55:dc:ba:43:cf:aa:ff:5f:b2:
                    98:b9:32:63:4e:43:b7:40:9b:6e:0f:d9:5b:08:c4:
                    99:4a:e6:ba:13:58:47:e1:04:fa:20:e4:d0:30:13:
                    f2:11:80:6a:ca:54:89:cd:ab:30:c1:d9:6f:a0:e7:
                    0b:de:f8:e4:c7:3c:7a:e6:73:b5:1b:7c:fd:a6:5a:
                    1d:96:80:86:5b:9c:cf:c1:10:6e:69:bd:e4:e0:a1:
                    17:dc:f3:2d:cc:7b:18:27:b1:bc:31:31:1a:25:6c:
                    de:d0:9a:84:96:31:23:87:25:04:a9:c4:41:29:72:
                    47:c4:95:17:66:0c:c4:29:1a:41:7c:eb:1a:c7:5d:
                    c4:6c:96:6d:30:ba:22:f8:1d:0f:d1:45:25:f1:93:
                    15:8f:fd:51:d0:9f:00:ac:c4:fe:6a:0a:4d:23:79:
                    a5:23:e0:66:d8:41:2e:ca:42:60:58:21:de:06:e4:
                    1f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9C:22:4A:87:3F:CC:67:D3:D6:CF:18:10:D1:75:5D:65:00:85:E5
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/m5wiSoc_zGfT1s8YENF1XWUAheU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.124.0/24
                  163.5.126.0/24
                  163.5.128.0/23
                  163.5.134.0/24
                  163.5.136.0/24
                  163.5.139.0-163.5.140.255
                  163.5.143.0-163.5.144.255
                  163.5.146.0/24
                  163.5.151.0/24
                  163.5.160.0/24
                  163.5.162.0/23
                  163.5.167.0/24
                  163.5.171.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.211.0/24
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:7c:ec:09:48:df:dd:91:f6:9a:09:ec:b6:8c:09:91:dc:6c:
         36:f1:e6:51:96:36:4f:2b:ef:d5:62:f5:ca:d9:4b:73:a6:ba:
         fd:8e:2d:17:61:77:09:2d:84:fd:e3:ca:b1:86:25:a2:74:b6:
         70:c2:4e:de:a3:44:d5:92:a1:58:51:3d:49:e4:2b:9d:dc:b0:
         8e:8d:51:3d:66:87:77:96:53:5b:f1:65:2d:45:4e:48:2d:04:
         1d:5d:0c:6e:1a:ff:ae:8a:7f:5d:df:49:bd:b1:f6:b2:09:38:
         70:b7:b5:51:a2:a4:7c:70:1c:20:2b:27:23:4b:fb:93:50:0e:
         5b:cb:61:bf:ec:a6:62:05:19:8f:4b:0e:3d:7f:86:c8:5f:d8:
         11:bf:8a:7a:90:6d:b1:1e:23:86:98:28:b5:07:a9:95:55:49:
         cd:2d:6f:d1:d7:07:55:08:7e:0a:c0:a2:cd:79:ac:7c:e4:5d:
         9c:bb:08:6c:7c:f3:69:8a:7c:7e:b9:8f:02:01:e5:82:b4:a1:
         69:ce:08:2e:20:78:b5:6d:be:37:3d:58:75:a7:70:e7:7f:06:
         33:39:6c:fd:91:fe:53:9b:4e:a2:d3:3a:cb:de:41:ea:43:0a:
         4a:04:23:f0:80:d3:93:7c:d6:ea:95:24:74:94:1a:57:8f:55:
         93:46:60:ec
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAY7s1odtsTIKygxzGMUX8DEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDE3MTYxNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjljMjI0YTg3M2ZjYzY3ZDNkNmNmMTgxMGQxNzU1ZDY1MDA4NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolmlhwkng1rQM8oRrQ1C3pZV/f4p
SJ7Fmp9Q20gnMdUEQqXWLfLGTmU1vNxynDadGW5M1IrWcobO9/5ujnrN96WUPsU7
ziQwvtFQuqbxk/ZV3LpDz6r/X7KYuTJjTkO3QJtuD9lbCMSZSua6E1hH4QT6IOTQ
MBPyEYBqylSJzaswwdlvoOcL3vjkxzx65nO1G3z9plodloCGW5zPwRBuab3k4KEX
3PMtzHsYJ7G8MTEaJWze0JqEljEjhyUEqcRBKXJHxJUXZgzEKRpBfOsax13EbJZt
MLoi+B0P0UUl8ZMVj/1R0J8ArMT+agpNI3mlI+Bm2EEuykJgWCHeBuQfLwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFJucIkqHP8xn09bPGBDRdV1lAIXlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbTV3aVNvY196R2ZUMXM4WUVORjFYV1VBaGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBACj
BR4DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfAMEAKMFfgMEAaMFgAME
AKMFhgMEAKMFiDAMAwQAowWLAwQAowWMMAwDBACjBY8DBACjBZADBACjBZIDBACj
BZcDBACjBaADBAGjBaIDBACjBacDBACjBasDBACjBbIDBACjBbYDBAGjBbwDBACj
Bb8DBACjBckwDAMEAKMFywMEAaMFzAMEAKMF0wMEAKMF2gMEAKMF4AMEAKMF5AME
AKMF8QMEAKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEALHzsCUjf3ZH2mgns
towJkdxsNvHmUZY2Tyvv1WL1ytlLc6a6/Y4tF2F3CS2E/ePKsYYlonS2cMJO3qNE
1ZKhWFE9SeQrndywjo1RPWaHd5ZTW/FlLUVOSC0EHV0Mbhr/rop/Xd9JvbH2sgk4
cLe1UaKkfHAcICsnI0v7k1AOW8thv+ymYgUZj0sOPX+GyF/YEb+KepBtsR4jhpgo
tQeplVVJzS1v0dcHVQh+CsCizXmsfORdnLsIbHzzaYp8frmPAgHlgrShac4ILiB4
tW2+Nz1Ydadw538GMzls/ZH+U5tOotM6y95B6kMKSgQj8IDTk3zW6pUkdJQaV49V
k0Zg7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org