Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rlRygjwOYKhANqmBrjr6BGxWx8c.roa
File:                     rlRygjwOYKhANqmBrjr6BGxWx8c.roa (raw, json)
Hash identifier:          y0Ky5LOYGcc9bofRQGoyMbb9mx9B/uEnAOEuQ8IjhPM=
Subject key identifier:   AE:54:72:82:3C:0E:60:A8:40:36:A9:81:AE:3A:FA:04:6C:56:C7:C7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018C26990C0EA7A46F8DA26D07AB1013B48B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rlRygjwOYKhANqmBrjr6BGxWx8c.roa
Signing time:             Fri 01 Dec 2023 18:16:53 +0000
ROA not before:           Fri 01 Dec 2023 18:16:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.71.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.176.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.186.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.199.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Dec 2023 21:26:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:26:99:0c:0e:a7:a4:6f:8d:a2:6d:07:ab:10:13:b4:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec  1 18:16:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae5472823c0e60a84036a981ae3afa046c56c7c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:30:27:56:2d:4f:db:91:28:b0:13:0d:99:6d:
                    be:08:53:68:df:b0:4a:88:d8:75:6d:c5:cb:5f:f4:
                    3b:51:b3:78:5f:0c:3e:ab:37:7c:ef:c8:6f:96:eb:
                    30:33:47:b5:1b:f6:de:5f:15:0a:5e:84:c6:e8:df:
                    fb:42:b4:cc:98:77:af:22:ae:82:72:5f:ec:d1:c8:
                    04:f9:65:15:27:6d:7a:eb:be:4a:2d:0e:79:0c:c2:
                    0d:5c:63:e3:7b:e1:89:25:07:14:e4:12:9b:45:5a:
                    5a:1e:77:4a:92:05:d4:85:3b:9f:4b:46:33:b6:3c:
                    aa:0e:0b:eb:6b:58:ba:c6:a2:3d:3f:93:4d:52:58:
                    b7:51:b1:c4:81:1d:d8:df:f6:97:20:dd:4b:2a:1a:
                    b0:9c:69:ec:e2:20:02:87:f4:9b:85:b7:5f:c1:39:
                    a5:6c:2d:60:10:be:1b:cc:f8:29:23:47:e3:a7:68:
                    05:a3:8a:af:0e:e0:0b:92:78:b4:bb:76:17:dc:42:
                    59:fa:22:5e:39:6e:87:c1:94:09:ad:d5:ce:95:ed:
                    27:f0:c9:f2:c6:c0:be:83:de:89:76:14:84:f9:cb:
                    23:65:a2:7a:9b:13:5d:b2:b8:3d:85:46:df:e1:7d:
                    11:e2:0f:6d:2f:a4:50:b7:1f:cf:18:e3:34:2c:ed:
                    f9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:54:72:82:3C:0E:60:A8:40:36:A9:81:AE:3A:FA:04:6C:56:C7:C7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rlRygjwOYKhANqmBrjr6BGxWx8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.71.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.106.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.138.0/23
                  163.5.142.0/23
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.156.0/24
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.170.0/24
                  163.5.176.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.186.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.199.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/24
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:14:82:1e:71:c0:03:8e:57:82:71:91:39:c3:e9:b1:84:df:
         ac:d4:d6:c3:de:85:1f:27:a6:d9:4b:59:ea:ac:a3:ec:5f:d7:
         77:de:bc:a5:55:21:3a:51:22:c7:2a:6a:3f:b4:e5:f2:37:82:
         25:a8:2c:c9:5c:2c:f2:57:a9:70:44:a6:a2:27:10:1b:13:e1:
         16:39:27:ae:c7:34:04:73:d8:82:59:46:3e:5b:3b:4d:ed:c0:
         37:be:90:49:c3:a7:7e:d3:4d:63:62:7b:a9:21:aa:78:ba:e4:
         87:27:8c:ca:e7:69:c3:a0:68:bc:00:be:c6:8d:45:fc:ff:ef:
         e9:94:67:84:42:1c:23:4f:8b:f7:e7:18:57:6a:ee:bf:d4:5f:
         cd:95:76:24:b3:bf:8c:62:48:79:e9:7f:01:df:07:14:9d:e6:
         fe:49:79:cd:9e:46:27:2e:fa:04:09:fc:1f:ba:94:75:99:c9:
         01:03:59:88:ef:65:3e:6c:b0:49:79:2a:c1:2c:7d:fd:49:06:
         c5:93:0e:f0:55:f8:74:4d:07:88:65:88:46:f9:1b:d6:a3:c1:
         fa:86:76:b0:b2:be:b2:d1:22:3f:e3:d8:d6:3e:cf:09:65:60:
         d7:4a:1d:c9:9b:cd:25:cf:7d:6e:ea:7e:c2:5c:77:2b:55:3d:
         52:0b:9a:72
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYwmmQwOp6RvjaJtB6sQE7SLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMjAxMTgxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU0NzI4MjNjMGU2MGE4NDAzNmE5ODFhZTNhZmEwNDZjNTZjN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTAnVi1P25EosBMNmW2+CFNo37BK
iNh1bcXLX/Q7UbN4Xww+qzd878hvluswM0e1G/beXxUKXoTG6N/7QrTMmHevIq6C
cl/s0cgE+WUVJ216675KLQ55DMINXGPje+GJJQcU5BKbRVpaHndKkgXUhTufS0Yz
tjyqDgvra1i6xqI9P5NNUli3UbHEgR3Y3/aXIN1LKhqwnGns4iACh/SbhbdfwTml
bC1gEL4bzPgpI0fjp2gFo4qvDuALkni0u3YX3EJZ+iJeOW6HwZQJrdXOle0n8Mny
xsC+g96JdhSE+csjZaJ6mxNdsrg9hUbf4X0R4g9tL6RQtx/PGOM0LO35RwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFK5UcoI8DmCoQDapga46+gRsVsfHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcmxSeWdqd09ZS2hBTnFtQnJqcjZCR3hXeDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAKMFHgMEAKMFJAMEAKMFRwMEAKMFTwMEAKMFUwMEAKMFWQMEAaMFXgMEAKMF
ajAMAwQBowVuAwQBowVwAwQAowV5AwQAowV+AwQAowWAAwQAowWGAwQBowWKAwQB
owWOAwQAowWSAwQAowWUAwQBowWWAwQAowWcAwQAowWgAwQAowWnAwQAowWqAwQA
owWwAwQAowWyMAwDBACjBbUDBACjBbYDBACjBboDBAGjBbwDBACjBb8DBACjBccD
BACjBckwDAMEAKMFywMEAaMFzAMEAKMF1AMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF
8QMEAKMF+gMEAKMF/QMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAnBSCHnHAA45X
gnGROcPpsYTfrNTWw96FHyem2UtZ6qyj7F/Xd968pVUhOlEixypqP7Tl8jeCJags
yVws8lepcESmoicQGxPhFjknrsc0BHPYgllGPls7Te3AN76QScOnftNNY2J7qSGq
eLrkhyeMyudpw6BovAC+xo1F/P/v6ZRnhEIcI0+L9+cYV2ruv9RfzZV2JLO/jGJI
eel/Ad8HFJ3m/kl5zZ5GJy76BAn8H7qUdZnJAQNZiO9lPmywSXkqwSx9/UkGxZMO
8FX4dE0HiGWIRvkb1qPB+oZ2sLK+stEiP+PY1j7PCWVg10odyZvNJc99bup+wlx3
K1U9Uguacg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org