Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vi73sKT_vOVPZv9RTqPqm1-wSGc.roa
File:                     vi73sKT_vOVPZv9RTqPqm1-wSGc.roa (raw, json)
Hash identifier:          7xobD1MSkmg8draIfgMpsffh1N+ux+ta/6Ov5QcCrQs=
Subject key identifier:   BE:2E:F7:B0:A4:FF:BC:E5:4F:66:FF:51:4E:A3:EA:9B:5F:B0:48:67
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018B071080EDBF667119139731D5A5247D54
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vi73sKT_vOVPZv9RTqPqm1-wSGc.roa
Signing time:             Fri 06 Oct 2023 22:16:43 +0000
ROA not before:           Fri 06 Oct 2023 22:16:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.231.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24
                          163.5.242.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.249.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.251.0/24 maxlen: 24
                          163.5.247.0/24 maxlen: 24
                          163.5.252.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.255.0/24 maxlen: 24
                          163.5.66.0/24 maxlen: 24
                          163.5.71.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.86.0/24 maxlen: 24
                          163.5.87.0/24 maxlen: 24
                          163.5.97.0/24 maxlen: 24
                          163.5.98.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.104.0/24 maxlen: 24
                          163.5.105.0/24 maxlen: 24
                          163.5.99.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.30.0/24 maxlen: 24
                          163.5.33.0/24 maxlen: 24
                          163.5.35.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.58.0/24 maxlen: 24
                          163.5.64.0/24 maxlen: 24
                          163.5.62.0/24 maxlen: 24
                          163.5.179.0/24 maxlen: 24
                          163.5.176.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.181.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.186.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24
                          163.5.198.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.216.0/24 maxlen: 24
                          163.5.217.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.122.0/24 maxlen: 24
                          163.5.123.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.138.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.161.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.172.0/24 maxlen: 24
                          163.5.170.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 07 Oct 2023 10:32:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:07:10:80:ed:bf:66:71:19:13:97:31:d5:a5:24:7d:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct  6 22:16:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be2ef7b0a4ffbce54f66ff514ea3ea9b5fb04867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:79:8e:98:1e:34:47:42:77:93:87:47:12:31:
                    c9:91:92:c1:47:69:6e:b1:c6:b0:8d:ca:97:46:03:
                    d7:44:eb:1e:d3:6e:a8:34:d4:18:13:1f:2b:ac:8b:
                    eb:88:ff:8a:35:2e:fd:d9:fa:79:c2:72:2f:36:4e:
                    fe:49:96:e4:68:1f:c8:b9:a6:6c:ae:b6:a3:d6:13:
                    35:05:fc:8f:2a:23:7e:8a:c2:6c:df:57:8c:8c:a5:
                    d5:af:c8:64:01:ac:1c:d0:74:a0:26:1b:03:3c:98:
                    28:76:ea:bd:ee:8e:9b:63:cc:5b:25:39:72:1e:2e:
                    67:cf:86:ea:56:a9:20:fa:0c:bb:55:b3:51:0a:14:
                    eb:c2:62:bf:61:3b:a5:d9:03:45:0f:3d:e5:9f:3e:
                    fa:72:c9:6c:35:34:cf:10:83:84:c7:45:b0:33:8a:
                    b6:ce:9e:f3:41:e0:1c:79:ec:9b:4f:56:3d:c4:4f:
                    33:6a:6e:46:07:52:eb:0d:1d:1c:88:75:63:dd:a3:
                    30:28:92:f7:4b:8c:79:3e:54:b3:aa:9d:32:e9:be:
                    0e:5f:4d:d5:a6:7e:f6:4d:a6:c1:65:3d:43:db:80:
                    05:1d:cd:b2:69:2a:e4:72:23:97:b9:bd:d0:62:04:
                    fa:6b:fb:33:10:84:4c:c7:ba:21:a1:7e:58:2d:5e:
                    5c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:2E:F7:B0:A4:FF:BC:E5:4F:66:FF:51:4E:A3:EA:9B:5F:B0:48:67
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vi73sKT_vOVPZv9RTqPqm1-wSGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.33.0/24
                  163.5.35.0-163.5.36.255
                  163.5.58.0/24
                  163.5.62.0/24
                  163.5.64.0/24
                  163.5.66.0/24
                  163.5.71.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.86.0/23
                  163.5.89.0/24
                  163.5.94.0/23
                  163.5.97.0-163.5.99.255
                  163.5.104.0-163.5.106.255
                  163.5.110.0-163.5.114.255
                  163.5.120.0/22
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.138.0/23
                  163.5.141.0-163.5.143.255
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.156.0/24
                  163.5.160.0-163.5.162.255
                  163.5.165.0/24
                  163.5.167.0/24
                  163.5.170.0-163.5.172.255
                  163.5.176.0/24
                  163.5.178.0/23
                  163.5.181.0-163.5.182.255
                  163.5.186.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.195.0/24
                  163.5.198.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.212.0/24
                  163.5.216.0-163.5.218.255
                  163.5.220.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.231.0/24
                  163.5.235.0/24
                  163.5.241.0-163.5.242.255
                  163.5.247.0/24
                  163.5.249.0-163.5.253.255
                  163.5.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:5b:c4:a2:8f:56:a5:83:06:c4:a1:6b:f3:35:e7:3b:9f:e8:
         c4:9e:b4:42:3f:ad:bb:d4:0e:f6:eb:68:dd:84:ba:51:69:3d:
         d0:6a:b8:45:2d:ad:9c:af:97:a7:3c:e1:d6:ac:dd:d1:46:50:
         eb:0d:6b:90:e9:2a:c0:aa:d2:61:d7:aa:4a:cc:c8:95:69:62:
         3a:01:0a:e1:be:d0:d2:27:21:89:ad:40:47:25:3b:ec:2a:f9:
         f3:ce:22:6e:c2:0b:01:b6:f4:d9:73:9b:c1:8a:4d:94:05:fd:
         0a:cc:14:6e:93:47:52:58:32:e6:ee:10:d7:5b:e7:30:a3:b4:
         be:ee:95:c3:d9:42:45:9b:43:f4:c0:73:36:8b:fe:f8:fe:b9:
         b6:87:d0:ef:8b:2e:a1:51:8f:5f:99:5e:4d:7c:bc:cd:de:13:
         19:05:c3:5b:75:d8:69:e3:f1:ed:0a:78:84:b0:5d:a1:fd:90:
         01:4e:59:d3:55:a7:87:16:9a:31:99:07:a2:ec:7f:9f:b8:9e:
         28:7d:d1:99:ec:08:3f:42:7f:40:5e:46:20:c3:b8:23:47:14:
         26:02:68:71:0b:42:1f:fb:17:cb:57:b3:e9:6e:7c:33:97:f8:
         43:8e:2e:c4:f8:66:03:96:6b:96:bc:d3:da:6b:38:4c:cc:b8:
         e9:eb:73:6c
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgISAYsHEIDtv2ZxGROXMdWlJH1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMxMDA2MjIxNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTJlZjdiMGE0ZmZiY2U1NGY2NmZmNTE0ZWEzZWE5YjVmYjA0ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHmOmB40R0J3k4dHEjHJkZLBR2lu
scawjcqXRgPXROse026oNNQYEx8rrIvriP+KNS792fp5wnIvNk7+SZbkaB/IuaZs
rraj1hM1BfyPKiN+isJs31eMjKXVr8hkAawc0HSgJhsDPJgoduq97o6bY8xbJTly
Hi5nz4bqVqkg+gy7VbNRChTrwmK/YTul2QNFDz3lnz76cslsNTTPEIOEx0WwM4q2
zp7zQeAceeybT1Y9xE8zam5GB1LrDR0ciHVj3aMwKJL3S4x5PlSzqp0y6b4OX03V
pn72TabBZT1D24AFHc2yaSrkciOXub3QYgT6a/szEIRMx7ohoX5YLV5cnwIDAQAB
o4IDnzCCA5swHQYDVR0OBBYEFL4u97Ck/7zlT2b/UU6j6ptfsEhnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdmk3M3NLVF92T1ZQWnY5UlRxUHFtMS13U0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBswYIKwYBBQUHAQcBAf8EggGiMIIBnjCCAZoEAgABMIIB
kgMEAKMFHgMEAKMFITAMAwQAowUjAwQAowUkAwQAowU6AwQAowU+AwQAowVAAwQA
owVCAwQAowVHAwQAowVPAwQAowVTAwQBowVWAwQAowVZAwQBowVeMAwDBACjBWED
BAKjBWAwDAMEA6MFaAMEAKMFajAMAwQBowVuAwQAowVyAwQCowV4AwQAowV+AwQA
owWAAwQAowWGAwQBowWKMAwDBACjBY0DBASjBYADBACjBZIDBACjBZQDBAGjBZYD
BACjBZwwDAMEBaMFoAMEAKMFogMEAKMFpQMEAKMFpzAMAwQBowWqAwQAowWsAwQA
owWwAwQBowWyMAwDBACjBbUDBACjBbYDBACjBboDBAGjBbwDBACjBb8DBACjBcMD
BACjBcYDBACjBckwDAMEAKMFywMEAaMFzAMEAKMF1DAMAwQDowXYAwQAowXaAwQA
owXcAwQAowXgAwQAowXkAwQAowXnAwQAowXrMAwDBACjBfEDBACjBfIDBACjBfcw
DAMEAKMF+QMEAaMF/AMEAKMF/zANBgkqhkiG9w0BAQsFAAOCAQEAgVvEoo9WpYMG
xKFr8zXnO5/oxJ60Qj+tu9QO9uto3YS6UWk90Gq4RS2tnK+Xpzzh1qzd0UZQ6w1r
kOkqwKrSYdeqSszIlWliOgEK4b7Q0ichia1ARyU77Cr5884ibsILAbb02XObwYpN
lAX9CswUbpNHUlgy5u4Q11vnMKO0vu6Vw9lCRZtD9MBzNov++P65tofQ74suoVGP
X5leTXy8zd4TGQXDW3XYaePx7Qp4hLBdof2QAU5Z01WnhxaaMZkHoux/n7ieKH3R
mewIP0J/QF5GIMO4I0cUJgJocQtCH/sXy1ez6W58M5f4Q44uxPhmA5ZrlrzT2ms4
TMy46etzbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org