Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCovKS8fpqBP9tlP9HLcOn3TLV8.roa
File:                     uCovKS8fpqBP9tlP9HLcOn3TLV8.roa (raw, json)
Hash identifier:          kOwBwoOny9uUKtLmQQW1mYStgr2jgvgxRH/bKELcYyw=
Subject key identifier:   B8:2A:2F:29:2F:1F:A6:A0:4F:F6:D9:4F:F4:72:DC:3A:7D:D3:2D:5F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018CDFF49DB30CB42C99AD089EA54315144E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCovKS8fpqBP9tlP9HLcOn3TLV8.roa
Signing time:             Sat 06 Jan 2024 18:06:39 +0000
ROA not before:           Sat 06 Jan 2024 18:06:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jan 2024 09:26:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:df:f4:9d:b3:0c:b4:2c:99:ad:08:9e:a5:43:15:14:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan  6 18:06:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b82a2f292f1fa6a04ff6d94ff472dc3a7dd32d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:bc:54:ec:05:88:4d:27:1e:f6:7c:06:fc:35:
                    f9:27:20:fc:57:99:1c:28:9d:d6:e5:15:2a:97:4a:
                    c8:6b:85:af:a6:9f:c8:2e:2a:d8:b8:5f:7d:ad:c6:
                    db:19:52:7c:4d:99:e5:68:3a:eb:b0:77:8d:d2:bf:
                    a2:50:f5:65:14:2b:25:8c:24:c9:6d:e0:3e:32:a8:
                    63:c0:85:77:bf:fd:b5:91:44:6a:d0:13:19:08:3c:
                    71:82:00:bd:2a:d8:e2:2e:d9:89:d7:3a:0f:6a:77:
                    4e:30:aa:c5:30:c5:f7:03:24:b0:ce:87:54:bf:11:
                    cd:db:f6:1f:7a:36:44:13:6a:d2:a9:ed:bb:9d:aa:
                    58:eb:64:a1:8e:a4:bb:0c:18:b3:df:a6:5f:c4:74:
                    3c:1d:fb:7b:de:c7:1f:70:12:03:18:53:13:43:58:
                    c5:70:6a:fc:8b:46:52:03:8b:0e:c4:1d:95:e8:ca:
                    17:3f:d6:2a:7f:06:58:f9:60:c2:28:e2:b3:ae:22:
                    61:8b:e9:0f:36:ba:be:4d:05:aa:e7:d1:b2:ef:82:
                    92:4b:ac:2f:71:79:12:92:5d:bc:f3:2e:05:a0:95:
                    ac:2c:18:0b:45:dd:d6:88:86:a2:e9:b3:53:4e:57:
                    b1:79:b5:70:dc:5d:a6:73:39:7d:1e:bf:4b:c7:9d:
                    2b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:2A:2F:29:2F:1F:A6:A0:4F:F6:D9:4F:F4:72:DC:3A:7D:D3:2D:5F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uCovKS8fpqBP9tlP9HLcOn3TLV8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.95.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.141.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.181.0-163.5.182.255
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:6c:bc:be:52:8e:31:ad:d7:c4:ad:19:c9:b5:e7:e6:9d:e1:
         19:b1:88:c1:6a:34:e7:ba:9d:be:32:c8:ee:74:9d:99:a2:7a:
         ea:c2:6a:52:4c:82:d3:80:79:fe:33:c1:a0:5c:d6:7e:88:26:
         c9:53:91:9b:a0:35:2b:8c:0c:d8:72:80:a9:db:cc:23:57:5d:
         fa:a5:8a:26:d5:4f:6e:48:e0:d9:01:aa:6a:7f:44:c1:56:39:
         c6:2f:c1:21:20:05:5a:e2:00:32:31:31:9e:f7:07:28:44:04:
         ac:d8:10:41:99:d0:95:5f:36:50:94:f2:fe:e7:93:3b:96:31:
         dc:d2:85:55:ce:7f:83:75:e9:6e:23:c8:12:a4:5a:17:42:07:
         5d:2c:42:a0:d9:2a:4a:b6:c3:e7:82:0b:93:f2:1f:85:25:45:
         bd:db:fd:5d:45:29:85:9b:84:bd:10:a3:c2:84:98:48:10:3f:
         f6:3f:a7:7d:0b:8c:4f:30:7f:15:59:cc:e6:eb:6e:f6:9d:d3:
         f9:e6:29:aa:89:c4:cb:e2:3c:5d:ba:25:04:53:b8:f2:fe:fe:
         b6:ad:f1:a4:61:0d:88:09:36:e3:fc:7b:98:3a:25:fe:c0:3f:
         fc:af:50:31:ac:67:62:81:7c:90:0b:17:ba:4f:de:26:db:26:
         80:31:c4:5f
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYzf9J2zDLQsma0InqVDFRROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTA2MTgwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJhMmYyOTJmMWZhNmEwNGZmNmQ5NGZmNDcyZGMzYTdkZDMyZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrxU7AWITSce9nwG/DX5JyD8V5kc
KJ3W5RUql0rIa4Wvpp/ILirYuF99rcbbGVJ8TZnlaDrrsHeN0r+iUPVlFCsljCTJ
beA+MqhjwIV3v/21kURq0BMZCDxxggC9KtjiLtmJ1zoPandOMKrFMMX3AySwzodU
vxHN2/YfejZEE2rSqe27napY62ShjqS7DBiz36ZfxHQ8Hft73scfcBIDGFMTQ1jF
cGr8i0ZSA4sOxB2V6MoXP9YqfwZY+WDCKOKzriJhi+kPNrq+TQWq59Gy74KSS6wv
cXkSkl288y4FoJWsLBgLRd3WiIai6bNTTlexebVw3F2mczl9Hr9Lx50rGwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFLgqLykvH6agT/bZT/Ry3Dp90y1fMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdUNvdktTOGZwcUJQOXRsUDlITGNPbjNUTFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBACj
BR4DBACjBSQDBACjBU8DBACjBVMDBACjBVkDBACjBV8wDAMEAaMFbgMEAaMFcAME
AKMFeQMEAKMFfgMEAKMFgAMEAKMFhgMEAKMFiwMEAKMFjQMEAKMFjwMEAKMFkgME
AKMFlAMEAaMFlgMEAKMFoAMEAKMFpwMEAKMFsjAMAwQAowW1AwQAowW2AwQBowW8
AwQAowW/AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACj
BfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAJpsvL5SjjGt18StGcm1
5+ad4RmxiMFqNOe6nb4yyO50nZmieurCalJMgtOAef4zwaBc1n6IJslTkZugNSuM
DNhygKnbzCNXXfqliibVT25I4NkBqmp/RMFWOcYvwSEgBVriADIxMZ73ByhEBKzY
EEGZ0JVfNlCU8v7nkzuWMdzShVXOf4N16W4jyBKkWhdCB10sQqDZKkq2w+eCC5Py
H4UlRb3b/V1FKYWbhL0Qo8KEmEgQP/Y/p30LjE8wfxVZzObrbvad0/nmKaqJxMvi
PF26JQRTuPL+/rat8aRhDYgJNuP8e5g6Jf7AP/yvUDGsZ2KBfJALF7pP3ibbJoAx
xF8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org