Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/uqGypaa4vuZKqUSWNBWVvpmt9O4.roa
File:                     uqGypaa4vuZKqUSWNBWVvpmt9O4.roa (raw, json)
Hash identifier:          LjouRAF43mH81x+ecrNKjEVUT4VPTxuVYfCPkgCMdGY=
Subject key identifier:   BA:A1:B2:A5:A6:B8:BE:E6:4A:A9:44:96:34:15:95:BE:99:AD:F4:EE
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01856BC0EB84279F01E184F85BC6CC6841F8
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/uqGypaa4vuZKqUSWNBWVvpmt9O4.roa
Signing time:             Sun 01 Jan 2023 05:14:43 +0000
ROA not before:           Sun 01 Jan 2023 05:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3214
IP address blocks:        5.181.23.0/24 maxlen: 24
                          5.181.22.0/24 maxlen: 24
                          5.181.21.0/24 maxlen: 24
                          5.181.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Jun 2023 14:41:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c0:eb:84:27:9f:01:e1:84:f8:5b:c6:cc:68:41:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan  1 05:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=baa1b2a5a6b8bee64aa94496341595be99adf4ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0b:ed:75:4b:7d:8b:bd:f4:8c:35:59:a9:37:
                    8b:3d:81:d6:60:f1:bc:0b:d4:ce:8a:d6:7c:de:69:
                    6a:34:08:d7:e2:42:e2:92:7f:0b:fa:01:d4:61:59:
                    55:15:da:18:f0:59:83:6a:16:ac:fa:c1:91:fb:5a:
                    25:6b:54:37:6b:da:64:d5:ad:f0:8a:7e:55:a6:94:
                    bc:73:8d:7b:71:13:00:a6:a4:cf:e2:4c:57:21:54:
                    bc:6e:d2:75:40:25:5b:d4:ad:69:81:08:34:1e:c7:
                    f2:81:44:a3:80:d8:2e:3b:6f:74:ae:a6:cd:6c:be:
                    c4:41:8b:bb:a2:fa:64:83:96:b6:7d:6c:68:6c:86:
                    ee:a2:72:4f:28:90:e5:d1:8f:98:42:ee:fa:12:a8:
                    6d:41:00:87:8a:5c:cb:0d:17:06:4a:43:f1:e1:0c:
                    f4:da:a5:a5:4a:49:39:d9:24:ff:77:71:4d:a2:fb:
                    35:41:92:3c:ef:a9:33:f1:82:f7:b8:f2:7e:43:05:
                    85:6e:57:8b:aa:52:c8:42:2b:a4:c2:b8:45:09:ac:
                    5c:b5:09:b1:ad:f4:aa:d3:8d:1d:29:54:0f:c4:1f:
                    af:4b:e1:22:38:89:36:77:72:65:4d:87:28:bb:36:
                    a1:37:8d:05:7c:98:fd:7c:a4:68:c5:bb:86:af:96:
                    1d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A1:B2:A5:A6:B8:BE:E6:4A:A9:44:96:34:15:95:BE:99:AD:F4:EE
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/uqGypaa4vuZKqUSWNBWVvpmt9O4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5e:d2:94:1f:0f:be:2b:77:d5:1b:fa:d5:e1:4d:d4:90:2c:e0:
         1b:2a:32:94:be:ff:e0:8b:e2:2c:49:35:3b:e4:7f:6a:63:66:
         e4:f7:08:e9:64:ee:28:f6:f8:7b:e9:36:7a:fc:c2:12:73:50:
         ae:ec:15:9e:76:d5:51:9f:74:aa:2a:b5:f8:0a:02:88:13:db:
         c4:a1:cd:52:c3:69:be:e0:aa:10:f3:21:14:8b:57:0e:ee:fc:
         b0:10:f4:9b:a8:f4:fd:31:66:3f:63:1c:29:dd:5a:5a:30:7c:
         85:d3:e9:4f:f8:dd:1f:90:19:48:34:a7:ea:8e:0c:20:43:b8:
         63:b1:8c:16:1d:32:69:b9:47:b8:46:6e:9d:8a:60:02:b3:49:
         14:d2:8e:d6:2c:76:eb:4f:67:3e:c4:1e:b9:ff:99:8e:e6:cb:
         83:57:e9:9d:93:c5:32:ec:0a:18:eb:b1:2d:88:eb:16:51:02:
         40:bc:60:35:95:ce:66:01:2c:31:b2:0f:16:84:cd:b2:68:d9:
         58:42:46:d0:fe:6e:11:38:1a:f2:9a:db:0e:6b:1e:0b:4c:20:
         3d:f1:a9:38:cc:29:5e:9a:6c:80:6a:a9:95:e4:a3:c3:e8:8f:
         90:55:3d:c2:6f:b1:ee:97:bf:a6:03:ad:48:2d:a5:1f:3c:32:
         fe:a3:19:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwOuEJ58B4YT4W8bMaEH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTAxMDUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWExYjJhNWE2YjhiZWU2NGFhOTQ0OTYzNDE1OTViZTk5YWRmNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgvtdUt9i730jDVZqTeLPYHWYPG8
C9TOitZ83mlqNAjX4kLikn8L+gHUYVlVFdoY8FmDahas+sGR+1ola1Q3a9pk1a3w
in5VppS8c417cRMApqTP4kxXIVS8btJ1QCVb1K1pgQg0HsfygUSjgNguO290rqbN
bL7EQYu7ovpkg5a2fWxobIbuonJPKJDl0Y+YQu76EqhtQQCHilzLDRcGSkPx4Qz0
2qWlSkk52ST/d3FNovs1QZI876kz8YL3uPJ+QwWFbleLqlLIQiukwrhFCaxctQmx
rfSq040dKVQPxB+vS+EiOIk2d3JlTYcouzahN40FfJj9fKRoxbuGr5YdqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqhsqWmuL7mSqlEljQVlb6ZrfTuMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdXFHeXBhYTR2dVpLcVVTV05CV1Z2cG10OU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbUUMA0G
CSqGSIb3DQEBCwUAA4IBAQBe0pQfD74rd9Ub+tXhTdSQLOAbKjKUvv/gi+IsSTU7
5H9qY2bk9wjpZO4o9vh76TZ6/MISc1Cu7BWedtVRn3SqKrX4CgKIE9vEoc1Sw2m+
4KoQ8yEUi1cO7vywEPSbqPT9MWY/Yxwp3VpaMHyF0+lP+N0fkBlINKfqjgwgQ7hj
sYwWHTJpuUe4Rm6dimACs0kU0o7WLHbrT2c+xB65/5mO5suDV+mdk8Uy7AoY67Et
iOsWUQJAvGA1lc5mASwxsg8WhM2yaNlYQkbQ/m4ROBrymtsOax4LTCA98ak4zCle
mmyAaqmV5KPD6I+QVT3Cb7Hul7+mA61ILaUfPDL+oxnL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org