Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w3fSDeRt7daEI5ej1GLRf2bmwzw.roa
File:                     w3fSDeRt7daEI5ej1GLRf2bmwzw.roa (raw, json)
Hash identifier:          eUszTLcWjEkfrzi0hCNAXCainw+w+3MX0gR4VdN3Iks=
Subject key identifier:   C3:77:D2:0D:E4:6D:ED:D6:84:23:97:A3:D4:62:D1:7F:66:E6:C3:3C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018E9DD23DF6D7DA78E737504D5C85E5CAB5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w3fSDeRt7daEI5ej1GLRf2bmwzw.roa
Signing time:             Tue 02 Apr 2024 07:59:45 +0000
ROA not before:           Tue 02 Apr 2024 07:59:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.82.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.124.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.162.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.171.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Apr 2024 16:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9d:d2:3d:f6:d7:da:78:e7:37:50:4d:5c:85:e5:ca:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr  2 07:59:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c377d20de46dedd6842397a3d462d17f66e6c33c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a9:2e:d5:f2:3e:45:46:9d:31:30:ae:b3:f7:
                    9e:5a:a4:cf:49:69:d3:01:43:ed:5a:48:d2:d1:e6:
                    5f:18:99:2e:da:68:c6:ee:59:cf:b9:a3:32:84:d6:
                    4e:58:29:f4:ce:49:7d:17:49:64:85:e1:d2:69:2f:
                    36:23:c5:ac:d9:83:7e:61:49:67:37:d2:f1:b7:e8:
                    b1:4e:48:ff:14:d3:2c:7e:7c:df:57:3e:37:03:20:
                    fa:64:61:4d:70:3d:93:60:c4:88:39:95:cd:e3:46:
                    09:3f:a4:79:f6:71:98:7c:92:73:bb:1e:46:25:a5:
                    0e:3b:b2:46:8b:7c:f3:f7:c2:ea:e4:f6:a2:e9:16:
                    ca:6c:29:1f:eb:9c:29:1c:4a:42:45:a5:5a:d5:18:
                    e1:af:38:df:f4:2a:2d:73:c5:ce:db:3b:85:4a:97:
                    f2:32:51:33:b8:4b:52:64:90:5d:e3:e8:11:0a:be:
                    c3:85:bc:26:de:ff:1b:6a:4d:24:a4:bb:32:1b:15:
                    e7:c0:80:cc:1e:76:21:3f:b2:d6:2b:da:f3:c4:54:
                    8f:87:c9:f1:b2:8d:f6:1f:4f:f8:7a:6a:f1:ba:d2:
                    0a:84:78:b3:49:49:f1:33:cd:a7:f9:67:c5:c9:16:
                    ae:14:c6:09:91:29:ba:69:41:18:6b:a6:bc:91:4f:
                    74:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:77:D2:0D:E4:6D:ED:D6:84:23:97:A3:D4:62:D1:7F:66:E6:C3:3C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w3fSDeRt7daEI5ej1GLRf2bmwzw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.82.0/24
                  163.5.89.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.124.0/24
                  163.5.126.0/24
                  163.5.128.0/23
                  163.5.134.0/24
                  163.5.139.0-163.5.140.255
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.151.0/24
                  163.5.160.0/24
                  163.5.162.0/23
                  163.5.167.0/24
                  163.5.171.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:cf:6a:f4:4d:e1:7a:36:5c:60:2d:7e:2f:7c:0d:39:bc:43:
         90:4f:43:6d:9a:5e:c1:db:23:a0:d8:e0:6d:ed:62:10:9e:b6:
         52:e3:51:b3:e1:a1:7d:bb:8d:44:be:c8:7e:fa:f8:ac:33:da:
         6d:37:b8:37:bb:7e:87:08:d6:c9:40:48:26:68:0d:6c:14:7e:
         61:08:96:81:3d:73:0a:29:26:ec:a9:e9:a7:79:0c:54:e7:36:
         88:9a:78:bc:66:50:85:dc:b1:c9:9e:59:ad:71:0b:36:53:d4:
         47:4a:e4:a0:e8:fe:ce:23:69:e1:de:42:ab:09:75:ab:55:cb:
         15:39:b7:8a:d6:14:88:10:5c:34:54:23:4c:24:20:90:bd:3b:
         64:04:13:ed:12:d0:0d:c6:a1:0d:b7:31:e9:46:32:cd:8c:c9:
         7d:9f:72:d4:fd:43:a0:56:dc:8c:f2:25:61:7d:c0:ef:4e:c5:
         9d:4c:c7:25:fd:2e:0e:5b:4b:b4:e6:04:0b:d3:24:2c:5e:2d:
         b6:a3:ab:49:05:3b:a1:7c:b3:29:36:1b:15:0d:4e:49:e3:a4:
         2c:0d:bd:fa:4c:97:a6:c9:36:bd:59:8e:e7:f4:51:fb:9e:4c:
         94:74:19:e9:04:2e:ff:83:5b:e0:64:ee:01:4b:46:55:86:ce:
         89:78:bf:f6
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY6d0j3219p45zdQTVyF5cq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDAyMDc1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc3ZDIwZGU0NmRlZGQ2ODQyMzk3YTNkNDYyZDE3ZjY2ZTZjMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKku1fI+RUadMTCus/eeWqTPSWnT
AUPtWkjS0eZfGJku2mjG7lnPuaMyhNZOWCn0zkl9F0lkheHSaS82I8Ws2YN+YUln
N9Lxt+ixTkj/FNMsfnzfVz43AyD6ZGFNcD2TYMSIOZXN40YJP6R59nGYfJJzux5G
JaUOO7JGi3zz98Lq5Pai6RbKbCkf65wpHEpCRaVa1Rjhrzjf9Cotc8XO2zuFSpfy
MlEzuEtSZJBd4+gRCr7Dhbwm3v8bak0kpLsyGxXnwIDMHnYhP7LWK9rzxFSPh8nx
so32H0/4emrxutIKhHizSUnxM82n+WfFyRauFMYJkSm6aUEYa6a8kU90iQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFMN30g3kbe3WhCOXo9Ri0X9m5sM8MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdzNmU0RlUnQ3ZGFFSTVlajFHTFJmMmJtd3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBACj
BR4DBACjBVIDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfAMEAKMFfgME
AaMFgAMEAKMFhjAMAwQAowWLAwQAowWMAwQAowWPAwQAowWSAwQAowWUAwQAowWX
AwQAowWgAwQBowWiAwQAowWnAwQAowWrAwQAowWyAwQAowW2AwQBowW8AwQAowW/
AwQAowXJMAwDBACjBcsDBAGjBcwDBACjBdoDBACjBeADBACjBeQDBACjBfEDBACj
BfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAFrPavRN4Xo2XGAtfi98DTm8Q5BP
Q22aXsHbI6DY4G3tYhCetlLjUbPhoX27jUS+yH76+Kwz2m03uDe7focI1slASCZo
DWwUfmEIloE9cwopJuyp6ad5DFTnNoiaeLxmUIXcscmeWa1xCzZT1EdK5KDo/s4j
aeHeQqsJdatVyxU5t4rWFIgQXDRUI0wkIJC9O2QEE+0S0A3GoQ23MelGMs2MyX2f
ctT9Q6BW3IzyJWF9wO9OxZ1MxyX9Lg5bS7TmBAvTJCxeLbajq0kFO6F8syk2GxUN
TknjpCwNvfpMl6bJNr1Zjuf0UfueTJR0GekELv+DW+Bk7gFLRlWGzol4v/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org