Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UORWtLTIYuUPU7sgBW8YAMMPAQ8.roa
File:                     UORWtLTIYuUPU7sgBW8YAMMPAQ8.roa (raw, json)
Hash identifier:          thyh+rtvlWlU/M8xjXOxNWV6x3jEVNW+XTRRweJnhYo=
Subject key identifier:   50:E4:56:B4:B4:C8:62:E5:0F:53:BB:20:05:6F:18:00:C3:0F:01:0F
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42CF8C77ED3558C79E06A24D2E50B4
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UORWtLTIYuUPU7sgBW8YAMMPAQ8.roa
Signing time:             Sun 01 Jan 2023 21:35:27 +0000
ROA not before:           Sun 01 Jan 2023 21:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25158
IP address blocks:        5.160.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:cf:8c:77:ed:35:58:c7:9e:06:a2:4d:2e:50:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=50e456b4b4c862e50f53bb20056f1800c30f010f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6d:ed:c7:f4:81:12:c1:1d:b2:11:e1:63:5f:
                    b1:82:08:d7:c2:70:b8:7e:fa:9e:47:14:f8:23:c3:
                    73:80:60:5b:10:67:54:09:1d:0b:80:3c:04:21:b1:
                    aa:5b:16:8b:47:49:53:d6:9a:d2:3a:83:95:44:75:
                    ab:fc:fc:a7:f4:52:2e:4c:90:a7:da:3c:ff:75:e5:
                    cf:0f:98:b0:3b:71:32:ed:6f:49:84:8a:ac:8a:1f:
                    a0:a8:4b:d0:c6:40:25:f0:40:6b:7f:90:e3:5c:87:
                    ca:88:6c:1f:b0:5b:77:11:28:08:fe:3e:62:74:5b:
                    85:ea:1d:f3:07:3e:3a:4b:a4:4a:5b:52:b0:89:30:
                    f4:7f:b1:6f:18:5f:65:8b:ef:ea:46:6e:b3:42:20:
                    f5:90:25:39:16:01:b7:dd:3b:e5:d8:dd:68:b7:c4:
                    25:ef:5c:9e:dd:ed:ce:ac:74:48:c0:3b:e7:90:32:
                    eb:5c:4e:7e:22:e3:64:ac:45:ba:54:02:1a:a5:d7:
                    71:81:6d:07:09:a2:a3:43:49:98:24:d9:86:75:b2:
                    2b:aa:e3:23:f5:90:eb:4e:96:5e:63:64:61:2c:49:
                    98:49:cd:e1:f3:4f:63:05:9f:a7:a2:8e:53:4a:ba:
                    bf:30:01:38:87:22:95:b0:ef:54:fd:f4:1e:b5:b5:
                    47:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:E4:56:B4:B4:C8:62:E5:0F:53:BB:20:05:6F:18:00:C3:0F:01:0F
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/UORWtLTIYuUPU7sgBW8YAMMPAQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:49:dd:0f:45:d0:b3:79:e4:aa:b5:3a:4e:e1:98:bd:48:44:
         95:c0:09:16:f2:f0:c6:22:32:b1:f4:7b:c9:aa:d5:72:36:83:
         0d:f3:02:6f:2e:b3:8a:87:49:a0:2a:e2:56:fb:6d:6b:77:c1:
         c2:a8:ee:43:c9:e6:98:c8:26:c5:61:fe:10:3c:7d:74:43:6f:
         59:7d:37:71:5b:3b:ec:a5:fb:82:2e:ac:49:fe:d6:59:08:8f:
         8a:61:3e:bf:85:74:09:be:cc:d0:3f:76:fe:63:c5:2d:68:57:
         94:e3:cd:6d:f6:e5:56:ad:60:df:33:0f:ff:1d:18:1b:4b:87:
         f2:fe:61:41:f7:34:92:a4:ec:f4:dd:b8:21:ec:49:5b:56:97:
         21:8b:8c:b1:4c:3e:21:5f:a2:8a:ac:37:d4:6a:be:35:29:d5:
         57:c1:cc:46:3d:f8:aa:9b:35:8a:c6:eb:8e:cc:c7:88:10:04:
         bb:16:af:a8:85:0a:b5:c6:36:09:62:6d:59:f5:5c:0a:75:0c:
         41:be:04:0e:89:b6:c6:ce:b9:bf:0f:53:1f:3f:34:c7:9d:39:
         e7:4a:5e:72:48:bc:1e:1c:17:f4:51:b6:26:b0:83:4e:29:c4:
         d8:5f:17:07:ad:51:53:ae:9a:49:be:84:ab:7e:f7:af:c1:26:
         d6:13:7c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQs+Md+01WMeeBqJNLlC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU0NTZiNGI0Yzg2MmU1MGY1M2JiMjAwNTZmMTgwMGMzMGYwMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm3tx/SBEsEdshHhY1+xggjXwnC4
fvqeRxT4I8NzgGBbEGdUCR0LgDwEIbGqWxaLR0lT1prSOoOVRHWr/Pyn9FIuTJCn
2jz/deXPD5iwO3Ey7W9JhIqsih+gqEvQxkAl8EBrf5DjXIfKiGwfsFt3ESgI/j5i
dFuF6h3zBz46S6RKW1KwiTD0f7FvGF9li+/qRm6zQiD1kCU5FgG33Tvl2N1ot8Ql
71ye3e3OrHRIwDvnkDLrXE5+IuNkrEW6VAIapddxgW0HCaKjQ0mYJNmGdbIrquMj
9ZDrTpZeY2RhLEmYSc3h809jBZ+noo5TSrq/MAE4hyKVsO9U/fQetbVHuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDkVrS0yGLlD1O7IAVvGADDDwEPMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvVU9SV3RMVElZdVVQVTdzZ0JXOFlBTU1QQVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCcMA0G
CSqGSIb3DQEBCwUAA4IBAQBKSd0PRdCzeeSqtTpO4Zi9SESVwAkW8vDGIjKx9HvJ
qtVyNoMN8wJvLrOKh0mgKuJW+21rd8HCqO5DyeaYyCbFYf4QPH10Q29ZfTdxWzvs
pfuCLqxJ/tZZCI+KYT6/hXQJvszQP3b+Y8UtaFeU481t9uVWrWDfMw//HRgbS4fy
/mFB9zSSpOz03bgh7ElbVpchi4yxTD4hX6KKrDfUar41KdVXwcxGPfiqmzWKxuuO
zMeIEAS7Fq+ohQq1xjYJYm1Z9VwKdQxBvgQOibbGzrm/D1MfPzTHnTnnSl5ySLwe
HBf0UbYmsINOKcTYXxcHrVFTrppJvoSrfvevwSbWE3we
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org