Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nenSH8VWxLBt3lyqYk08HmWLsD0.roa
File:                     nenSH8VWxLBt3lyqYk08HmWLsD0.roa (raw, json)
Hash identifier:          U6NN6pdSI3g9rJjUVaNara4v3avP+dyQzA8YSOxKzkQ=
Subject key identifier:   9D:E9:D2:1F:C5:56:C4:B0:6D:DE:5C:AA:62:4D:3C:1E:65:8B:B0:3D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B74F1A8B0D6F26F9F6543ECD0CA9647FE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nenSH8VWxLBt3lyqYk08HmWLsD0.roa
Signing time:             Sat 28 Oct 2023 06:21:16 +0000
ROA not before:           Sat 28 Oct 2023 06:21:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.251.0/24 maxlen: 24
                          163.5.252.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.66.0/24 maxlen: 24
                          163.5.67.0/24 maxlen: 24
                          163.5.76.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.98.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.104.0/24 maxlen: 24
                          163.5.105.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.37.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.64.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.176.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.186.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.208.0/24 maxlen: 24
                          163.5.217.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.222.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.122.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.172.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 22:47:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:74:f1:a8:b0:d6:f2:6f:9f:65:43:ec:d0:ca:96:47:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 28 06:21:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9de9d21fc556c4b06dde5caa624d3c1e658bb03d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9c:f0:83:27:5d:7b:8e:c9:7d:61:47:ed:e4:
                    bb:15:20:c9:f6:a4:16:27:9b:bd:f0:7e:d1:da:ef:
                    08:8b:38:1d:75:0d:80:ba:b2:c0:34:3a:cc:59:8e:
                    32:dc:72:75:7d:38:dc:cb:19:47:eb:81:af:81:39:
                    1a:01:11:7f:39:a1:50:f3:28:20:1c:42:00:f1:66:
                    8b:0d:b4:e5:f7:3a:47:f0:cd:8f:e7:24:fb:01:d5:
                    ee:38:3d:31:b7:db:d9:23:be:fa:6d:a5:67:fd:26:
                    ad:0d:35:81:3b:52:f8:3c:19:e7:9b:5a:e3:0e:d9:
                    f3:70:55:52:6e:89:e6:57:7c:07:bd:91:36:6d:b6:
                    15:e9:bf:dc:5c:df:9e:8e:5d:22:4e:08:ad:c9:4f:
                    2a:c5:24:67:9e:4e:5d:b0:0c:2c:1a:32:b0:98:34:
                    b7:d7:74:7d:b3:86:4b:66:a8:a4:cb:1d:86:a0:c7:
                    b4:e7:8b:e6:9d:c3:cd:34:a7:0f:7d:07:ae:8a:8f:
                    a7:be:54:d3:3b:5a:88:58:ce:22:4b:f2:26:3a:ef:
                    d4:12:8a:45:51:21:68:ea:ce:89:ea:41:d3:c2:ec:
                    6c:fa:39:a8:5b:fb:f2:b3:3e:c3:7c:26:ed:e9:fb:
                    b5:04:53:1d:ac:98:04:17:ba:bb:13:9e:b6:f2:71:
                    42:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E9:D2:1F:C5:56:C4:B0:6D:DE:5C:AA:62:4D:3C:1E:65:8B:B0:3D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nenSH8VWxLBt3lyqYk08HmWLsD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.33.0/24
                  163.5.35.0-163.5.37.255
                  163.5.62.0/24
                  163.5.64.0/24
                  163.5.66.0/23
                  163.5.76.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.98.0/23
                  163.5.104.0-163.5.106.255
                  163.5.110.0-163.5.114.255
                  163.5.121.0-163.5.122.255
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.138.0/23
                  163.5.141.0-163.5.143.255
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.156.0/24
                  163.5.160.0-163.5.162.255
                  163.5.165.0/24
                  163.5.167.0/24
                  163.5.170.0/24
                  163.5.172.0/24
                  163.5.176.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.186.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.208.0/24
                  163.5.217.0-163.5.218.255
                  163.5.222.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.235.0/24
                  163.5.241.0/24
                  163.5.249.0-163.5.253.255
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:4e:8b:11:65:4d:89:28:74:47:fb:7f:84:85:29:5a:e0:b2:
         19:eb:8c:ce:68:41:00:e2:8b:b7:60:8e:a4:69:14:d0:a8:11:
         0e:c6:59:96:3b:87:0d:68:46:54:0a:b0:c1:5c:b1:39:72:ee:
         54:e5:fd:d7:fc:95:79:57:66:f7:bf:b9:d5:d3:1e:b7:1a:40:
         86:aa:89:d1:80:3c:d9:8e:2a:70:dd:94:f6:12:39:9e:4f:69:
         9d:6f:fb:a4:18:55:c8:0d:5a:cf:2f:f4:92:ea:4c:f9:6d:ad:
         25:c8:c4:e3:07:78:e8:85:f6:2d:38:44:fc:b1:17:aa:95:4f:
         f1:cf:48:cb:d8:28:52:40:4f:ad:e6:6c:bf:71:41:00:89:bc:
         14:12:94:28:2a:12:91:ee:4f:45:3a:04:7a:60:6c:9e:d9:b1:
         4f:56:dd:c0:92:f8:4c:6f:b0:00:aa:c8:e5:41:bc:9c:16:0a:
         4f:17:79:e5:b3:da:11:30:12:a4:a0:09:6f:d8:01:73:14:e0:
         61:e2:9e:5f:a9:2c:ed:e9:05:e2:e2:f2:82:89:45:05:dd:d2:
         12:bf:1d:13:8c:33:b2:60:64:b8:60:49:18:fe:a5:c9:27:ab:
         19:12:c2:5b:4b:74:cd:b1:74:fd:13:b9:a5:0a:7a:c5:10:21:
         6c:10:e1:7d
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAYt08aiw1vJvn2VD7NDKlkf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDI4MDYyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU5ZDIxZmM1NTZjNGIwNmRkZTVjYWE2MjRkM2MxZTY1OGJiMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZzwgydde47JfWFH7eS7FSDJ9qQW
J5u98H7R2u8IizgddQ2AurLANDrMWY4y3HJ1fTjcyxlH64GvgTkaARF/OaFQ8ygg
HEIA8WaLDbTl9zpH8M2P5yT7AdXuOD0xt9vZI776baVn/SatDTWBO1L4PBnnm1rj
DtnzcFVSbonmV3wHvZE2bbYV6b/cXN+ejl0iTgityU8qxSRnnk5dsAwsGjKwmDS3
13R9s4ZLZqikyx2GoMe054vmncPNNKcPfQeuio+nvlTTO1qIWM4iS/ImOu/UEopF
USFo6s6J6kHTwuxs+jmoW/vysz7DfCbt6fu1BFMdrJgEF7q7E5628nFC2QIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFJ3p0h/FVsSwbd5cqmJNPB5li7A9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbmVuU0g4Vld4TEJ0M2x5cVlrMDhIbVdMc0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEAKMFHgMEAKMFITAMAwQAowUjAwQBowUkAwQAowU+AwQAowVAAwQBowVCAwQA
owVMAwQAowVPAwQAowVTAwQAowVZAwQBowVeAwQBowViMAwDBAOjBWgDBACjBWow
DAMEAaMFbgMEAKMFcjAMAwQAowV5AwQAowV6AwQAowV+AwQAowWAAwQAowWGAwQB
owWKMAwDBACjBY0DBASjBYADBACjBZIDBACjBZQDBAGjBZYDBACjBZwwDAMEBaMF
oAMEAKMFogMEAKMFpQMEAKMFpwMEAKMFqgMEAKMFrAMEAKMFsAMEAKMFsjAMAwQA
owW1AwQAowW2AwQAowW6AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwD
BACjBdAwDAMEAKMF2QMEAKMF2gMEAKMF3gMEAKMF4AMEAKMF5AMEAKMF6wMEAKMF
8TAMAwQAowX5AwQBowX8AwQAowX/MA0GCSqGSIb3DQEBCwUAA4IBAQAHTosRZU2J
KHRH+3+EhSla4LIZ64zOaEEA4ou3YI6kaRTQqBEOxlmWO4cNaEZUCrDBXLE5cu5U
5f3X/JV5V2b3v7nV0x63GkCGqonRgDzZjipw3ZT2EjmeT2mdb/ukGFXIDVrPL/SS
6kz5ba0lyMTjB3johfYtOET8sReqlU/xz0jL2ChSQE+t5my/cUEAibwUEpQoKhKR
7k9FOgR6YGye2bFPVt3AkvhMb7AAqsjlQbycFgpPF3nls9oRMBKkoAlv2AFzFOBh
4p5fqSzt6QXi4vKCiUUF3dISvx0TjDOyYGS4YEkY/qXJJ6sZEsJbS3TNsXT9E7ml
CnrFECFsEOF9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org