Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uTw9Sb08sxh121iS5LhjKOldzfA.roa
File:                     uTw9Sb08sxh121iS5LhjKOldzfA.roa (raw, json)
Hash identifier:          JOdaeEUgNDSpdLOT8zURyxGkCGdfvtOlPzTZfO+STns=
Subject key identifier:   B9:3C:3D:49:BD:3C:B3:18:75:DB:58:92:E4:B8:63:28:E9:5D:CD:F0
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42D40AE3DD80E9F079A63EC935DD6A
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uTw9Sb08sxh121iS5LhjKOldzfA.roa
Signing time:             Sun 01 Jan 2023 21:35:28 +0000
ROA not before:           Sun 01 Jan 2023 21:35:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43395
IP address blocks:        5.160.62.0/23 maxlen: 23
                          92.242.198.0/23 maxlen: 23
                          5.160.196.0/23 maxlen: 23
                          92.242.220.0/23 maxlen: 23
                          5.160.240.0/23 maxlen: 23
                          5.160.158.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 19 Apr 2023 10:35:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:d4:0a:e3:dd:80:e9:f0:79:a6:3e:c9:35:dd:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b93c3d49bd3cb31875db5892e4b86328e95dcdf0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:28:13:98:3c:9d:67:f1:92:b7:98:44:88:90:
                    de:e3:ed:67:33:2a:d5:b8:41:ca:19:26:05:98:4d:
                    fc:31:c3:71:d3:bd:a7:e0:0a:87:84:a0:ea:e8:64:
                    81:f6:1d:34:0a:ef:50:74:23:b2:58:38:c7:70:8b:
                    7e:c3:c6:9f:cc:d5:04:f8:ed:30:45:69:07:b0:8b:
                    31:f2:58:48:b0:be:04:bb:46:b2:9a:12:c9:4b:7c:
                    46:81:c6:7d:3c:31:88:7f:4d:bb:07:c1:28:93:ff:
                    74:27:73:b9:b9:7f:5f:2a:88:07:53:be:d0:59:95:
                    77:6f:bc:2c:29:06:b1:e9:05:27:1c:42:02:35:d1:
                    d5:8a:0f:d2:94:33:6d:42:48:21:d7:64:c3:51:fe:
                    05:af:cf:5f:7c:c5:f9:07:97:45:7e:01:97:51:73:
                    c9:ef:01:71:b5:2f:e8:00:d1:60:87:8c:7f:ba:23:
                    d2:a3:c0:49:e1:f1:25:56:5f:6f:ce:11:23:8f:95:
                    7f:56:1b:67:8d:a4:9c:2f:af:67:d2:52:9f:f9:b5:
                    98:ad:2e:86:b5:0d:c4:2c:be:0e:7e:ec:71:1c:32:
                    a6:33:3c:a0:67:ae:a3:dc:c8:05:81:68:80:f7:5f:
                    58:54:39:f7:9a:41:10:bc:9d:54:92:ab:aa:ed:32:
                    45:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:3C:3D:49:BD:3C:B3:18:75:DB:58:92:E4:B8:63:28:E9:5D:CD:F0
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/uTw9Sb08sxh121iS5LhjKOldzfA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.62.0/23
                  5.160.158.0/23
                  5.160.196.0/23
                  5.160.240.0/23
                  92.242.198.0/23
                  92.242.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         64:98:5d:f5:9c:2b:77:f4:02:e3:ac:ec:9f:fd:7b:f4:d2:8d:
         b9:48:03:ef:0f:1d:9e:55:e9:b3:9d:eb:02:db:56:df:71:54:
         fb:f9:50:db:75:8b:52:b3:39:6d:1e:4e:67:6e:6b:32:8a:51:
         85:a8:03:0d:d1:ef:62:ff:4f:c0:80:c9:91:6f:55:3d:ba:91:
         70:7a:f0:f0:82:06:a5:c7:3c:2f:92:ef:66:4a:a3:32:9e:60:
         1c:ba:7b:fd:dc:90:60:5f:5f:a6:5b:76:72:c6:1a:d2:23:37:
         1f:26:d6:b0:97:a4:64:60:bc:6d:84:53:ea:29:2d:b9:78:d2:
         6e:ad:5d:e2:10:70:61:40:31:1e:79:7b:1d:3a:05:e5:34:e8:
         26:f0:4d:16:d4:89:be:b3:fc:5e:fb:28:dd:49:88:ec:60:0c:
         31:63:58:1a:c4:02:d6:a3:fc:25:1b:56:10:a9:ca:9e:f5:46:
         e6:21:c1:a7:8f:4b:f9:94:88:13:59:3a:a6:db:e9:02:54:70:
         40:b3:e7:ed:f7:64:e6:97:0e:9f:66:a0:e6:91:b0:40:55:6f:
         e8:52:78:2a:5c:90:80:85:e7:6c:af:7e:79:b0:18:ed:bf:b4:
         b0:2e:fa:0d:a0:2e:7b:c1:0a:a3:e2:4f:37:9f:86:bd:1e:90:
         ce:bf:2f:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvQtQK492A6fB5pj7JNd1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTNjM2Q0OWJkM2NiMzE4NzVkYjU4OTJlNGI4NjMyOGU5NWRjZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkygTmDydZ/GSt5hEiJDe4+1nMyrV
uEHKGSYFmE38McNx072n4AqHhKDq6GSB9h00Cu9QdCOyWDjHcIt+w8afzNUE+O0w
RWkHsIsx8lhIsL4Eu0aymhLJS3xGgcZ9PDGIf027B8Eok/90J3O5uX9fKogHU77Q
WZV3b7wsKQax6QUnHEICNdHVig/SlDNtQkgh12TDUf4Fr89ffMX5B5dFfgGXUXPJ
7wFxtS/oANFgh4x/uiPSo8BJ4fElVl9vzhEjj5V/VhtnjaScL69n0lKf+bWYrS6G
tQ3ELL4OfuxxHDKmMzygZ66j3MgFgWiA919YVDn3mkEQvJ1Ukquq7TJFawIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLk8PUm9PLMYddtYkuS4YyjpXc3wMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvdVR3OVNiMDhzeGgxMjFpUzVMaGpLT2xkemZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBaA+AwQB
BaCeAwQBBaDEAwQBBaDwAwQBXPLGAwQBXPLcMA0GCSqGSIb3DQEBCwUAA4IBAQBk
mF31nCt39ALjrOyf/Xv00o25SAPvDx2eVemznesC21bfcVT7+VDbdYtSszltHk5n
bmsyilGFqAMN0e9i/0/AgMmRb1U9upFwevDwggalxzwvku9mSqMynmAcunv93JBg
X1+mW3ZyxhrSIzcfJtawl6RkYLxthFPqKS25eNJurV3iEHBhQDEeeXsdOgXlNOgm
8E0W1Im+s/xe+yjdSYjsYAwxY1gaxALWo/wlG1YQqcqe9UbmIcGnj0v5lIgTWTqm
2+kCVHBAs+ft92Tmlw6fZqDmkbBAVW/oUngqXJCAhedsr355sBjtv7SwLvoNoC57
wQqj4k83n4a9HpDOvy/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org