Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/H7HNU8ZlOWJ7L6rtNkSAzQAh268.roa
File:                     H7HNU8ZlOWJ7L6rtNkSAzQAh268.roa (raw, json)
Hash identifier:          eGue2IaLmOwgTQ+ZPeSFaFiH179qdV/VEKswe2hjVD4=
Subject key identifier:   1F:B1:CD:53:C6:65:39:62:7B:2F:AA:ED:36:44:80:CD:00:21:DB:AF
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42DAF86708555EEE6B3CF2419C8991
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/H7HNU8ZlOWJ7L6rtNkSAzQAh268.roa
Signing time:             Sun 01 Jan 2023 21:35:30 +0000
ROA not before:           Sun 01 Jan 2023 21:35:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50855
IP address blocks:        5.160.198.0/24 maxlen: 24
                          5.160.154.0/24 maxlen: 24
                          5.160.154.0/23 maxlen: 23
                          5.160.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:da:f8:67:08:55:5e:ee:6b:3c:f2:41:9c:89:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1fb1cd53c66539627b2faaed364480cd0021dbaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d4:45:a4:ee:c2:52:e0:2a:3b:24:32:f4:7c:
                    4e:91:bc:fd:e3:ae:c3:51:7d:c3:78:2f:da:96:fe:
                    2c:62:9f:4e:cb:b3:ae:6b:47:4f:89:cd:14:e2:93:
                    1a:ff:10:3e:7a:d5:53:2b:21:e4:1a:e0:16:a2:75:
                    82:df:94:d5:f6:26:ed:ed:d8:61:a8:e9:cf:f6:37:
                    80:cf:7e:e1:e1:a1:da:3f:4e:4d:21:2b:17:34:5c:
                    51:09:77:0e:b6:48:5a:eb:e1:f2:ca:23:1d:9e:77:
                    6d:8b:c2:cc:22:97:e4:22:c6:57:ed:2a:5d:9c:7e:
                    e2:89:d7:8a:ed:bc:c0:94:8b:04:6b:9c:05:32:56:
                    25:e0:78:d7:6f:3a:50:e0:26:fe:98:d1:1b:42:e9:
                    30:bc:19:f2:95:d9:33:05:db:3b:8b:86:6f:23:1d:
                    9d:7e:97:71:a2:11:bc:31:8d:e4:85:5f:04:44:bc:
                    09:14:8e:d4:17:82:01:52:a1:b5:47:9e:04:78:38:
                    33:59:3d:d2:e7:5f:85:96:7a:91:0b:fd:4e:8e:45:
                    d5:ec:b7:be:5d:d0:91:04:1e:1c:1f:67:f8:a2:e2:
                    f5:e0:1c:dc:e6:7d:b7:f4:79:87:8e:c4:2a:6a:05:
                    1a:f3:82:f6:50:6d:88:f1:2a:3d:1a:c5:62:31:3f:
                    ed:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B1:CD:53:C6:65:39:62:7B:2F:AA:ED:36:44:80:CD:00:21:DB:AF
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/H7HNU8ZlOWJ7L6rtNkSAzQAh268.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.154.0/23
                  5.160.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:6e:bc:58:38:27:af:47:42:52:46:96:b0:e4:d3:8e:a7:b5:
         cc:57:bd:b2:3f:1b:75:c2:33:69:54:5c:b9:8a:af:3d:43:1d:
         c2:4c:41:5b:03:e7:d3:b5:cf:41:63:4b:a7:7a:1e:83:a1:f1:
         54:81:a1:88:9a:e4:9a:f0:bd:7f:d1:72:81:19:2c:b8:28:ad:
         36:8c:4f:f4:cd:dc:a8:b6:04:73:1b:06:b0:c8:53:bf:67:ca:
         26:61:0c:65:36:a3:e3:9b:1a:5f:cb:d4:72:28:95:43:7a:ab:
         e1:82:9b:49:d0:36:8a:ee:f2:4d:c2:46:0e:c4:8f:45:52:01:
         89:0a:d7:c0:cf:d7:25:b8:11:19:8a:1a:9e:07:30:67:5e:e5:
         b7:4a:22:7b:9d:e4:e2:25:83:46:f5:f1:b5:69:f6:11:f3:3b:
         f1:20:08:e2:4b:6f:69:f4:6a:6f:dd:84:48:b0:b6:b4:cd:ce:
         53:e7:05:80:c5:6b:19:9d:b3:d0:34:28:1b:47:42:1c:c8:7d:
         30:ae:14:1a:60:63:e5:95:4c:b7:57:f5:91:08:98:2a:b7:52:
         80:26:b2:2f:b2:27:b1:fd:3b:2c:c3:88:5b:e2:e0:f4:ec:0f:
         5f:38:4e:db:12:0a:8f:4a:b8:30:9b:4a:c5:bf:6f:a0:94:d0:
         b8:dc:8e:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQtr4ZwhVXu5rPPJBnImRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIxY2Q1M2M2NjUzOTYyN2IyZmFhZWQzNjQ0ODBjZDAwMjFkYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNRFpO7CUuAqOyQy9HxOkbz9467D
UX3DeC/alv4sYp9Oy7Oua0dPic0U4pMa/xA+etVTKyHkGuAWonWC35TV9ibt7dhh
qOnP9jeAz37h4aHaP05NISsXNFxRCXcOtkha6+HyyiMdnndti8LMIpfkIsZX7Spd
nH7iideK7bzAlIsEa5wFMlYl4HjXbzpQ4Cb+mNEbQukwvBnyldkzBds7i4ZvIx2d
fpdxohG8MY3khV8ERLwJFI7UF4IBUqG1R54EeDgzWT3S51+FlnqRC/1OjkXV7Le+
XdCRBB4cH2f4ouL14Bzc5n239HmHjsQqagUa84L2UG2I8So9GsViMT/tUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB+xzVPGZTliey+q7TZEgM0AIduvMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvSDdITlU4WmxPV0o3TDZydE5rU0F6UUFoMjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBaCaAwQA
BaDGMA0GCSqGSIb3DQEBCwUAA4IBAQAEbrxYOCevR0JSRpaw5NOOp7XMV72yPxt1
wjNpVFy5iq89Qx3CTEFbA+fTtc9BY0uneh6DofFUgaGImuSa8L1/0XKBGSy4KK02
jE/0zdyotgRzGwawyFO/Z8omYQxlNqPjmxpfy9RyKJVDeqvhgptJ0DaK7vJNwkYO
xI9FUgGJCtfAz9cluBEZihqeBzBnXuW3SiJ7neTiJYNG9fG1afYR8zvxIAjiS29p
9Gpv3YRIsLa0zc5T5wWAxWsZnbPQNCgbR0IcyH0wrhQaYGPllUy3V/WRCJgqt1KA
JrIvsiex/Tssw4hb4uD07A9fOE7bEgqPSrgwm0rFv2+glNC43I67
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org