Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCLHWgiyETpZhUnbETEvhwax_9I.roa
File:                     uCLHWgiyETpZhUnbETEvhwax_9I.roa (raw, json)
Hash identifier:          VhhZHoFDiZKUsalP+HwRNuxMkevwTtPa7I7INP6kAs8=
Subject key identifier:   B8:22:C7:5A:08:B2:11:3A:59:85:49:DB:11:31:2F:87:06:B1:FF:D2
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B96D09D81E7E63BFB8544FF7A7EC4594E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCLHWgiyETpZhUnbETEvhwax_9I.roa
Signing time:             Fri 03 Nov 2023 20:12:16 +0000
ROA not before:           Fri 03 Nov 2023 20:12:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.251.0/24 maxlen: 24
                          163.5.252.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.76.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.176.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.186.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 04:04:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:96:d0:9d:81:e7:e6:3b:fb:85:44:ff:7a:7e:c4:59:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov  3 20:12:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b822c75a08b2113a598549db11312f8706b1ffd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a0:11:d8:31:98:be:33:13:45:f7:a6:e7:7f:
                    ee:5d:7c:90:81:ac:34:db:86:f5:17:39:ec:62:d5:
                    b7:3f:3e:98:6a:5e:b8:56:e9:db:b9:82:fd:1e:1e:
                    db:fb:aa:b1:5d:bb:46:81:30:44:20:56:f3:af:cb:
                    d9:d4:2d:e8:09:39:04:b7:ae:bd:e1:2a:85:98:f8:
                    78:9f:86:ac:4e:16:65:be:60:58:42:a3:2b:e1:25:
                    70:82:8a:82:7a:cb:0f:eb:63:e9:e7:70:80:d8:19:
                    63:f3:26:9e:e9:50:15:aa:0f:4d:44:3f:98:68:cb:
                    48:61:79:f8:fa:df:d1:e5:44:aa:eb:0b:24:47:e4:
                    72:6c:fe:0a:a2:72:f0:5d:2b:c7:33:ec:6e:f0:37:
                    cf:73:df:f7:34:ea:f6:29:30:45:61:d5:e2:c2:e9:
                    68:78:b3:36:18:60:bd:fa:19:1c:89:f7:38:86:0f:
                    45:d5:c5:42:0a:a8:3c:24:72:70:b9:55:78:13:65:
                    86:a9:02:00:08:6d:e2:d9:18:5f:92:9d:08:f2:84:
                    f9:25:1f:da:e8:a5:9f:3f:48:8d:84:86:21:8a:93:
                    38:5e:2a:e0:24:a5:b6:8b:86:96:65:d8:91:2f:7b:
                    55:72:15:eb:0c:eb:98:a1:31:50:8b:62:6c:ab:86:
                    11:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:22:C7:5A:08:B2:11:3A:59:85:49:DB:11:31:2F:87:06:B1:FF:D2
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCLHWgiyETpZhUnbETEvhwax_9I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.35.0-163.5.36.255
                  163.5.62.0/24
                  163.5.76.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.99.0/24
                  163.5.106.0/24
                  163.5.110.0-163.5.114.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.138.0/23
                  163.5.141.0-163.5.143.255
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.156.0/24
                  163.5.160.0/23
                  163.5.167.0/24
                  163.5.170.0/24
                  163.5.176.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.186.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0-163.5.253.255
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:83:c9:22:ca:1e:ca:03:e9:a3:11:35:e3:b8:23:7b:4a:7b:
         c6:f1:8b:4c:20:3e:a8:28:da:c5:ba:85:28:c3:0f:f7:fc:bc:
         46:9e:f8:6b:5f:1a:3c:be:1e:41:24:90:10:20:34:88:cf:2a:
         17:25:35:ca:1d:63:64:c4:48:c9:20:98:f7:04:8c:fa:86:75:
         4f:6b:80:a6:77:96:30:4d:ff:a8:78:78:fb:fc:08:07:1e:92:
         e1:85:be:d6:a4:7e:c1:2d:f2:07:3b:2e:e2:11:d8:9e:cf:0a:
         c2:f6:bd:d4:64:79:43:12:2f:14:fc:6b:bc:4a:39:8d:fb:ae:
         de:f4:c9:a0:a9:a9:5b:d3:c3:70:06:3b:97:d7:0b:94:6b:30:
         ea:93:20:55:a7:ee:5f:03:2f:4b:c3:ee:44:74:6c:a3:b0:18:
         b0:1d:a7:90:13:1f:0f:93:38:0c:5c:1b:8e:d9:1c:cf:35:1b:
         86:7f:81:6b:4f:af:f6:9f:da:5d:4a:a8:55:cc:4a:80:9d:cd:
         37:a3:04:c2:c4:d1:02:d2:69:84:fa:41:d0:b9:b3:4d:db:35:
         b5:40:6b:27:02:91:32:38:c5:23:74:a7:3c:d6:ce:b2:52:7d:
         03:f6:fd:a6:22:84:d9:8a:3d:82:cc:7b:64:ca:a3:22:bb:f5:
         07:f2:c3:e0
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYuW0J2B5+Y7+4VE/3p+xFlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMTAzMjAxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODIyYzc1YTA4YjIxMTNhNTk4NTQ5ZGIxMTMxMmY4NzA2YjFmZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaAR2DGYvjMTRfem53/uXXyQgaw0
24b1FznsYtW3Pz6Yal64VunbuYL9Hh7b+6qxXbtGgTBEIFbzr8vZ1C3oCTkEt669
4SqFmPh4n4asThZlvmBYQqMr4SVwgoqCessP62Pp53CA2Blj8yae6VAVqg9NRD+Y
aMtIYXn4+t/R5USq6wskR+RybP4KonLwXSvHM+xu8DfPc9/3NOr2KTBFYdXiwulo
eLM2GGC9+hkcifc4hg9F1cVCCqg8JHJwuVV4E2WGqQIACG3i2Rhfkp0I8oT5JR/a
6KWfP0iNhIYhipM4XirgJKW2i4aWZdiRL3tVchXrDOuYoTFQi2Jsq4YRsQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFLgix1oIshE6WYVJ2xExL4cGsf/SMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdUNMSFdnaXlFVHBaaFVuYkVURXZod2F4XzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAKMFHjAMAwQAowUjAwQAowUkAwQAowU+AwQAowVMAwQAowVPAwQAowVTAwQA
owVZAwQBowVeAwQAowVjAwQAowVqMAwDBAGjBW4DBACjBXIDBACjBXkDBACjBX4D
BACjBYADBACjBYYDBAGjBYowDAMEAKMFjQMEBKMFgAMEAKMFkgMEAKMFlAMEAaMF
lgMEAKMFnAMEAaMFoAMEAKMFpwMEAKMFqgMEAKMFsAMEAKMFsjAMAwQAowW1AwQA
owW2AwQAowW6AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoD
BACjBeADBACjBeQDBACjBfEwDAMEAaMF+gMEAaMF/AMEAKMF/zANBgkqhkiG9w0B
AQsFAAOCAQEAioPJIsoeygPpoxE147gje0p7xvGLTCA+qCjaxbqFKMMP9/y8Rp74
a18aPL4eQSSQECA0iM8qFyU1yh1jZMRIySCY9wSM+oZ1T2uApneWME3/qHh4+/wI
Bx6S4YW+1qR+wS3yBzsu4hHYns8Kwva91GR5QxIvFPxrvEo5jfuu3vTJoKmpW9PD
cAY7l9cLlGsw6pMgVafuXwMvS8PuRHRso7AYsB2nkBMfD5M4DFwbjtkczzUbhn+B
a0+v9p/aXUqoVcxKgJ3NN6MEwsTRAtJphPpB0LmzTds1tUBrJwKRMjjFI3SnPNbO
slJ9A/b9piKE2Yo9gsx7ZMqjIrv1B/LD4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org