Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uUiMD7M7T0NpgvnvytgfOPYh9lc.roa
File:                     uUiMD7M7T0NpgvnvytgfOPYh9lc.roa (raw, json)
Hash identifier:          qFKvscuoH968rMXBd15RijskCqeqVtPEyLBuK1WhBzY=
Subject key identifier:   B9:48:8C:0F:B3:3B:4F:43:69:82:F9:EF:CA:D8:1F:38:F6:21:F6:57
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018D9D812113869DB663A279876EB6F65626
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uUiMD7M7T0NpgvnvytgfOPYh9lc.roa
Signing time:             Mon 12 Feb 2024 13:28:21 +0000
ROA not before:           Mon 12 Feb 2024 13:28:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.219.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.248.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 15:38:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:9d:81:21:13:86:9d:b6:63:a2:79:87:6e:b6:f6:56:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Feb 12 13:28:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b9488c0fb33b4f436982f9efcad81f38f621f657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:da:d8:a3:be:99:c5:84:24:ac:5e:91:c0:f6:
                    bf:f8:41:4b:f1:29:8c:d4:9b:2d:c2:bb:c5:72:d8:
                    64:17:44:63:44:d7:22:a3:ee:d6:f3:1b:ef:79:40:
                    5f:82:6e:1f:80:c6:24:50:82:6c:4b:07:33:eb:e6:
                    67:ce:b0:d6:c6:09:fc:60:b2:9a:0f:c3:b9:98:b8:
                    bd:ab:2b:61:df:6d:6f:ee:e2:96:0a:9e:b5:4b:15:
                    97:ee:90:a4:c3:52:83:44:b5:2b:db:83:61:18:10:
                    b9:6a:0c:1a:7d:4f:d2:be:f0:35:34:a6:30:c4:49:
                    d4:bb:6e:ae:8c:6f:6f:1f:3c:f7:6e:48:3d:71:79:
                    23:97:52:0f:f0:5f:8e:57:f0:dd:75:a1:ae:d3:22:
                    14:55:56:64:5e:f3:9f:fe:31:e8:a7:fc:88:68:4c:
                    8b:28:d8:9f:86:94:9d:94:9e:a2:4c:c9:5b:08:20:
                    47:50:08:a8:b2:94:6a:de:75:fc:b0:52:5c:21:ae:
                    24:7d:e2:8b:04:97:67:a2:c4:c5:aa:e5:b7:15:3a:
                    8f:4b:83:bd:0b:28:ad:11:d9:16:71:51:fe:c9:57:
                    a2:1e:ba:40:75:08:fc:4a:39:26:82:df:44:2e:c8:
                    73:fc:f2:d2:46:bd:a2:29:59:d1:a4:7f:df:cd:74:
                    3c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:48:8C:0F:B3:3B:4F:43:69:82:F9:EF:CA:D8:1F:38:F6:21:F6:57
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uUiMD7M7T0NpgvnvytgfOPYh9lc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.79.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.145.0-163.5.146.255
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/24
                  163.5.218.0/23
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.248.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:01:d1:78:a8:ca:0d:a6:be:57:19:55:c0:bb:78:6f:54:85:
         04:82:5f:9d:4c:c0:b0:9e:6b:20:1f:f1:41:4d:f1:76:d4:f3:
         3b:e9:bc:e7:c7:29:a5:a7:a5:65:8d:1a:d2:11:c5:78:85:4f:
         12:ce:49:23:c0:a9:ba:25:e0:a4:df:e9:e1:52:cc:7e:f5:d2:
         ae:ca:f5:11:76:55:a8:67:39:bf:42:f4:eb:1c:17:37:92:f6:
         bf:fb:f3:b8:ce:4f:a7:69:ca:ab:8a:d7:c0:f0:65:a5:dd:95:
         87:49:40:02:64:d7:30:bb:da:02:6b:dd:19:56:a9:18:83:52:
         58:14:f2:87:52:10:13:34:55:a4:fd:16:f0:f5:59:71:45:5c:
         6c:39:2c:64:3f:76:0a:13:16:b3:e5:fd:90:9c:cd:c6:09:61:
         1b:9d:9b:be:7a:0c:c5:f6:43:4b:71:73:a9:91:04:6b:40:15:
         b1:e9:61:29:e6:a1:02:43:99:ce:68:3c:f8:13:78:7c:22:8d:
         ea:4a:4e:d9:bf:e3:ed:3d:67:f2:7b:64:03:dc:56:d8:ea:c3:
         fc:ef:c1:c9:db:a8:4a:92:61:9e:3c:f2:3e:a7:7b:41:d9:92:
         06:27:a5:f8:ec:4e:32:cd:bc:d4:db:8c:96:38:33:c3:50:bc:
         af:ad:f5:0b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY2dgSEThp22Y6J5h2629lYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjEyMTMyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQ4OGMwZmIzM2I0ZjQzNjk4MmY5ZWZjYWQ4MWYzOGY2MjFmNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4drYo76ZxYQkrF6RwPa/+EFL8SmM
1JstwrvFcthkF0RjRNcio+7W8xvveUBfgm4fgMYkUIJsSwcz6+ZnzrDWxgn8YLKa
D8O5mLi9qyth321v7uKWCp61SxWX7pCkw1KDRLUr24NhGBC5agwafU/SvvA1NKYw
xEnUu26ujG9vHzz3bkg9cXkjl1IP8F+OV/DddaGu0yIUVVZkXvOf/jHop/yIaEyL
KNifhpSdlJ6iTMlbCCBHUAiospRq3nX8sFJcIa4kfeKLBJdnosTFquW3FTqPS4O9
CyitEdkWcVH+yVeiHrpAdQj8Sjkmgt9ELshz/PLSRr2iKVnRpH/fzXQ8SQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFLlIjA+zO09DaYL578rYHzj2IfZXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdVVpTUQ3TTdUME5wZ3Zudnl0Z2ZPUFloOWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBACj
BR4DBACjBU8DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfgMEAKMFgAME
AKMFhgMEAKMFiwMEAKMFjzAMAwQAowWRAwQAowWSAwQAowWUAwQBowWWAwQAowWg
AwQAowWnAwQAowWyAwQAowW2AwQBowW8AwQAowW/AwQAowXJMAwDBACjBcsDBAGj
BcwDBACjBdQDBAGjBdoDBACjBeADBACjBeQDBACjBfEDBACjBfgDBACjBfoDBACj
Bf0wDQYJKoZIhvcNAQELBQADggEBAEQB0Xioyg2mvlcZVcC7eG9UhQSCX51MwLCe
ayAf8UFN8XbU8zvpvOfHKaWnpWWNGtIRxXiFTxLOSSPAqbol4KTf6eFSzH710q7K
9RF2VahnOb9C9OscFzeS9r/787jOT6dpyquK18DwZaXdlYdJQAJk1zC72gJr3RlW
qRiDUlgU8odSEBM0VaT9FvD1WXFFXGw5LGQ/dgoTFrPl/ZCczcYJYRudm756DMX2
Q0txc6mRBGtAFbHpYSnmoQJDmc5oPPgTeHwijepKTtm/4+09Z/J7ZAPcVtjqw/zv
wcnbqEqSYZ488j6ne0HZkgYnpfjsTjLNvNTbjJY4M8NQvK+t9Qs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org