Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/amwIp81Z5gdlLWaTVyawmpt_Ppw.roa
File:                     amwIp81Z5gdlLWaTVyawmpt_Ppw.roa (raw, json)
Hash identifier:          eNUJGXXvqAjAoFSe8tSCA2L9v/pZbVUJEoEZurQbv2g=
Subject key identifier:   6A:6C:08:A7:CD:59:E6:07:65:2D:66:93:57:26:B0:9A:9B:7F:3E:9C
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42E986ACB49355B2F1513C4B93C912
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/amwIp81Z5gdlLWaTVyawmpt_Ppw.roa
Signing time:             Sun 01 Jan 2023 21:35:34 +0000
ROA not before:           Sun 01 Jan 2023 21:35:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62318
IP address blocks:        5.160.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e9:86:ac:b4:93:55:b2:f1:51:3c:4b:93:c9:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a6c08a7cd59e607652d66935726b09a9b7f3e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:6f:d0:ff:04:ed:68:d9:f2:75:73:bf:f4:dc:
                    39:15:e6:85:26:73:2a:27:96:1a:3d:6b:a5:d2:07:
                    26:0f:ce:19:d7:93:76:6d:0d:9a:39:cb:76:7a:ba:
                    f1:95:80:7c:46:b4:0b:e5:79:bf:d5:92:36:fe:80:
                    cb:cd:b7:06:34:4c:d4:5a:b1:fe:82:6b:96:f2:e2:
                    f9:62:c6:37:dd:f6:89:17:b6:9e:ce:7c:02:c8:f1:
                    a6:e8:df:7a:c7:13:55:7e:fd:43:43:e9:9c:86:78:
                    8c:ec:f9:9e:22:e7:ad:6d:12:30:5d:6c:bf:0e:53:
                    ff:77:64:f2:1c:88:22:6c:5c:2a:95:62:25:bf:fc:
                    f6:f8:a1:a6:ee:a7:26:97:85:18:b3:5c:da:3b:16:
                    53:a6:69:8f:6d:f2:6c:1d:20:44:cb:e7:29:ff:ca:
                    3e:82:82:8e:8e:8c:d8:07:33:d0:2c:d5:2e:86:05:
                    eb:ee:6c:d4:de:57:00:2a:ff:d3:a3:1d:db:fc:96:
                    85:ec:77:b3:b5:d3:60:1f:0a:d8:28:b5:07:21:d0:
                    a8:01:33:9e:ce:fa:b0:55:8f:54:0b:a4:5b:12:20:
                    81:e7:be:26:da:f4:df:65:b4:dc:df:fe:b1:4f:59:
                    f3:35:58:ac:64:79:22:5d:a7:f2:f2:ce:f4:e1:ee:
                    8b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:6C:08:A7:CD:59:E6:07:65:2D:66:93:57:26:B0:9A:9B:7F:3E:9C
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/amwIp81Z5gdlLWaTVyawmpt_Ppw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:b8:d8:6c:ec:93:48:69:fa:00:a2:93:60:3e:14:f8:ec:4b:
         37:c0:7f:95:f2:db:08:4f:eb:d7:92:e2:fc:1d:63:08:08:47:
         65:94:d7:ae:83:4c:b4:cf:7b:fb:49:a4:99:6f:4a:4a:c9:75:
         65:36:37:d0:bc:e0:34:92:6f:18:93:e4:5a:8f:04:2b:65:11:
         e1:cc:36:4a:bf:ff:6b:83:42:7f:cf:d1:a7:35:77:bd:ea:bb:
         c2:5f:f9:3b:1c:85:86:91:6d:ea:d0:65:88:88:dd:98:34:72:
         df:8f:0c:8e:89:25:3f:80:b3:2c:2b:25:95:98:fd:cc:78:9e:
         d0:c8:75:19:a4:09:db:b0:e9:c2:e1:10:14:b8:ef:37:cb:e9:
         11:df:b3:09:54:46:da:66:0d:41:17:58:a7:e5:3b:32:09:d9:
         c8:45:9d:c7:1e:bd:a2:ab:17:64:4c:82:6c:cb:0b:a1:06:42:
         fb:9d:90:a2:40:ce:15:5d:98:8b:19:7a:c5:ce:83:f2:6e:91:
         26:5e:9a:83:31:41:b4:ae:fe:fa:38:4a:8e:2c:d3:2a:40:2e:
         39:d2:75:c7:ec:f9:5e:cb:27:9f:a1:f0:38:f0:e3:27:f3:fa:
         c1:65:60:5f:b1:9a:7e:a4:be:9c:95:f0:f8:2a:0d:9d:ed:71:
         6b:32:ba:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQumGrLSTVbLxUTxLk8kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZjMDhhN2NkNTllNjA3NjUyZDY2OTM1NzI2YjA5YTliN2YzZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW/Q/wTtaNnydXO/9Nw5FeaFJnMq
J5YaPWul0gcmD84Z15N2bQ2aOct2errxlYB8RrQL5Xm/1ZI2/oDLzbcGNEzUWrH+
gmuW8uL5YsY33faJF7aeznwCyPGm6N96xxNVfv1DQ+mchniM7PmeIuetbRIwXWy/
DlP/d2TyHIgibFwqlWIlv/z2+KGm7qcml4UYs1zaOxZTpmmPbfJsHSBEy+cp/8o+
goKOjozYBzPQLNUuhgXr7mzU3lcAKv/Tox3b/JaF7HeztdNgHwrYKLUHIdCoATOe
zvqwVY9UC6RbEiCB574m2vTfZbTc3/6xT1nzNVisZHkiXafy8s704e6LUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpsCKfNWeYHZS1mk1cmsJqbfz6cMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvYW13SXA4MVo1Z2RsTFdhVFZ5YXdtcHRfUHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaAeMA0G
CSqGSIb3DQEBCwUAA4IBAQAsuNhs7JNIafoAopNgPhT47Es3wH+V8tsIT+vXkuL8
HWMICEdllNeug0y0z3v7SaSZb0pKyXVlNjfQvOA0km8Yk+RajwQrZRHhzDZKv/9r
g0J/z9GnNXe96rvCX/k7HIWGkW3q0GWIiN2YNHLfjwyOiSU/gLMsKyWVmP3MeJ7Q
yHUZpAnbsOnC4RAUuO83y+kR37MJVEbaZg1BF1in5TsyCdnIRZ3HHr2iqxdkTIJs
ywuhBkL7nZCiQM4VXZiLGXrFzoPybpEmXpqDMUG0rv76OEqOLNMqQC450nXH7Ple
yyefofA48OMn8/rBZWBfsZp+pL6clfD4Kg2d7XFrMro8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org